Post Job Free
Sign in

Engineer Sap

Location:
Montigny-le-Bretonneux, Ile-de-France, France
Posted:
December 13, 2020

Contact this candidate

Resume:

Sr. Consultant SAP GRC & Authorizations

*.SAP Certified Application Associate - SAP BusinessObjects Access Control 10.0

2.SAP Certified Technology Associate - SAP Authorization and Auditing for NetWeaver 7.31

PERSONAL DETAILS

Abderrahim DAROUICH

2 allée Anna de Noailles

78180 Montigny-le-Bretonneux - France

*******@*****.***

French citizen

Please have a look at my recommendations & posts at:

http://fr.linkedin.com/in/asapsap

https://www.linkedin.com/in/asapsap/detail/recent-activity/shares/

EMPLOYMENT SUMMARY

2019/12 up to now GRC & Authorizations Lead – Klépierre, France…

Supporting IT & Business Audits

Supporting & testing SOX key controls

Work with the Business & Technical Teams

Monthly UAR, Audit & Remediation of 15 Business applications: SAP ECC, SAP BW, Kyriba…

Roles Design & Build

Troubleshooting

2018/9 2019/11 SAP GRC Senior Consultant – Riscomp, Switzerland

SAP GRC Access Control 10.1 – 12.0

EAM - Emergency Access Management Design & Build

ARA – Access Risk Analysis Design & Build

ARM – Access Request Management Design & Build

BRM – Business Role Management Design & Build

Access Control roles Design & Build

2019/1 to 2019/4 SAP GRC Senior Consultant / SAP Authorizations Architect – Roquette, France, Italy…

SAP GRC Access Control 10.1

EAM - Emergency Access Management Design

Authorizations Architecture

TM – Transportation Management roles Design & Build

2018/2 to 2018/8 SAP Authorizations Architect – Tarkett, France

Authorizations Architecture

Workshops leading

Stakeholders actions coordination

Business needs analysis

Authorizations Matrix (Functions, Roles, Transactions, Org. Level, Authorization Objects…) design

UAT coordination

2017/9 to 2018/1 SAP GRC & Authorizations Senior Consultant – Safran

SAP GRC Process Control 10.1

Presentation of Process Control methodology

Workshops leading

Design & Build of Master Data: Organization, Process, Subprocess, Control, Regulations & Policies

Design & Build of Data Source & Business Rule

Compensating Controls set-up in Process Control and Unit Testing

Create Job in Automated Monitoring

Job Monitoring

Key Users training on Process Control

SAP GRC Access Control 10.1

Workshops leading

EAM Emergency Access Management Design & Build

ARM Access Request Management, Workflows Design & Build

Training leading

Risk Remediation plan

Workshops leading

Role remediation

User remediation

2017/5 to 2017/8 SAP Authorizations, Governance, Risk & Compliance Architect – Bolloré T&L, France

Writing documents

Security & Authorizations Concept

Roles Naming Conventions

Access Control 10.1

Risk matrix update

Post installation of SAP Access Control 10.1

Configuration of SAP GRC Access Control

Design & Build of GRC 10.1, TM 9.4, EM 9.2, EWM 9.4, GTS 11, S/4 HANA 16.10, Fiori 2.0 project roles

2016/9 to 2017/4 SAP Authorizations, Governance, Risk & Compliance Expert – CMA CGM

GRC & Authorizations Advisory

Offshore Team Management

Design of BI/GRC Dynamic Authorization Concept

Design of BI/CRM Authorization Concept

Maintenance & Support of GRC / Authorizations (GRC 10.1, ECC 7.4, BW 7.4, CRM 7.0, SOLMAN 7.1, Fiori)

2015/12 to 2016/8 SAP Governance, Risk, Compliance Team Leader – Sanofi, France

Maintenance & Support of Access Control

Team management

Authorizations Design, Build & Go-Live (SAP Fiori)

Analysing business needs

Designing and building roles

Mass roles creation

User Acceptance Test Management

Defect management

Mass users master record build

Documentation writing

Team Management

2015/1 to 2015/11 SAP Governance, Risk, Compliance & Audit Consultant – Total, France

Authorizations Design, Build & Go-Live

Analysing business needs

Designing and building Master and Derived roles

Mass roles creation

User Acceptance Test Management

Defect management

Mass users master record build

Documentation writing

Upgrade – Access Control 10.1

Risk matrix update

Post installation of SAP Access Control 10.1

Configuration of

Access Risk Analysis

Emergency Access Management

Role Management

Test and acceptance-test management

2013/6 to 2014/12 SAP Governance, Risk, Compliance & Audit Consultant – Renault, France

Upgrade – Access Control 10

Post installation of SAP Access Control 10

Configuration of Access Risk Analysis, Workflow for Access Control, Emergency Access Management & Role Management

Build of workflows (MSMP, BRF+, decision tables, Workflow setup)

Test and acceptance-test management

2013/4 to 2013/5 SAP Governance, Risk, Compliance & Audit Consultant – Siemens, Spain

SOX Remediation

Controls review and update

Remediation & Mitigation plans proposal

2012/11 to 2013/3 SAP Governance, Risk, Compliance & Audit Consultant – French Ministry of Justice

HR LSO Authorizations Blue-Print, Design, Build & Go-Live

Analysing business needs

Enabling PD PA switch and the main Structural Authorization switches (HR)

Designing and building Master and Derived roles

User Acceptance Test Management

Defect management

Transport Management (Authorization Objet, Structural Profiles and Rôles)

Go-Live and Post Go-Live support

Documentation

2012/3 to 2012/10 SOX Auditor / SAP Application Manager – Siemens Financial Services, France

SOX audit of SAP accounting – Management of SAP application

Controls review and update

SOX reports analysis

Remediation & Mitigation plans proposal

Internal Auditors support

Change Management

2012/2 to 2012/2 SAP SOX Consultant – Renault, France

Design of SOX matrix applied to SAP HR

SOX workshops organizing

Design of SOX matrix (HR)

2011/3 to 2011/12 SAP SOX Consultant – Alcatel-Lucent, France

ApprovaOne tool implementation - SOX remediation

Design and implement SOX conflicts free roles

Design and implement compensation controls in line with business team and audit planning

Implement control procedures for SAP Authorizations team

Support the audit, provide evidences

Design and build of rules in ApprovaOne – Authorizations Insight

2010/10 to 2011/2 SAP GRC Consultant – Renault, France

SAP GRC CUP implementation - Request access workflow design

Drafting of the functional specifications document

Post installation of SAP GRC Compliant User Provisioning

Configuration of CUP

Design and build of workflows

UME management

Test and acceptance-test management

Roll-out

Post Go-Live support

Documentation

2009/09 to 2010/09 SAP HR Security & Authorizations Consultant – French Air Force

HR Authorizations Blue-Print, Design, Build & Go-Live

Enabling PD PA switch and the main Structural Authorization switches (HR)

Creating Organizational Plan

Creating Profiles

Creating Custom Authorization Objects

Designing and building Master and Derived roles

User Acceptance Test Management

Defect management

Transport Management (Authorization Objet, Structural Profiles and Rôles)

Mass users master record build (70 000)

Testing, Rehearsal and preparing for the Go-Live

Go-Live and Post Go-Live support

Documentation update

2008/11 to 2009/07 SAP Governance, Risk, Compliance & Audit Consultant – British Petroleum, UK

Migration of BW to BI (authorizations) - Rebuild of BI roles & Authorizations

Roles rationalisation

Creating Custom Analysis Authorization Object

Adding Authorization Object to roles

Building BW menu and authorization roles

Upgrade of BW 3.5 to BI 7.0

User Acceptance Test Management

Defect management

Mass users master record maintenance with Quick Test Pro 7.3

Transport Management (InfoObject, Analysis Authorization and Roles)

2008/01 to 2008/10 SAP Governance, Risk, Compliance & Audit Consultant – RTL Group, Luxembourg, Germany, UK, France & Australia

Migration of BW to BI (authorizations) - Rebuild of BI roles & Authorizations

Design & build of worldwide roles template (MM, SD, CO & FI modules)

Analysing business needs

Analysing client workflow, rules and constraints

Designing and building Master and Derived roles (by profit-center, cost-center…)

Upgrade of BW 3.5 to BI 7.0

Building BW menu and authorization roles

Making Info Object Authorization-Relevant

Creating Custom Reporting Authorization Object

Adding Authorization Object to roles

Updating transactions (managing authorization objects)

User Acceptance Test Management

Go-Live and Post Go-Live support

Defect and Work Order Management

Standard Operating Procedure - SOP writer

2007/11 to 2007/12 SAP Governance, Risk, Compliance & Audit Consultant – Sodexho, France, Finland & Germany

Roles & authorizations management

Designing and Building Roles

Updating Transactions (Managing Authorization Objects)

Maintain Transactions Selection and Authorisation Objects in Activity Groups

Managing Mass Transport

Transaction Variant / Variant Transaction & Parameter Transaction creation

Change Request Management

Defect and Work Order Management

Documentation update

2006/12 to 2007/10 SAP Governance, Risk, Compliance & Audit Consultant – British Gas, UK

Roles & authorizations management

Designing and building roles

Updating transactions (managing authorization objects)

Maintain transactions selection and authorisation objects in activity groups

Managing Mass Transport

Transaction Variant / Variant Transaction & Parameter Transaction creation

Authorisation Field, Authorisation Class and Authorisation Object creation

User Provisioning Management, using CUA and eCATT (1500 users)

CRM Organization Structure Management

Implement InfoObject security

Create BI reporting authorization object

Creating and Securing Workbook

Maintaining authorization for hierarchies

Setting-up RFC/ALE

Testing, Rehearsal and preparing for the Go-Live

Go-Live and Post Go-Live support

Change Request Management

User Acceptance Test Management

Defect, Call, Incident and Work Order Management

Documentation update

Team Management

2005/11 to 2006/11 SAP Governance, Risk, Compliance & Audit Consultant – Sanofi Aventis, France, Germany, Morocco, Poland, Czech, Estonia, Lithuania, Latvia, Cyprus, Malta, Slovenia, Turkey, Bulgaria, Slovakia, Austria, Romania & UK

Roles & authorizations management

Developing master and derived roles

Maintain transaction selections and authorisation data in activity groups

User Registration Form Management

User Access Management using inSight 3.5 Fast Solution Tool

User Access Reporting using BMC Enterprise Security Station ESS 3.8.01

Authorisation Management Reporting

User Provisioning Process writer

User Acceptance Test writer

Application Integration Process writer

Change Request Management

Fast Solution Database Management

Standard Operating Procedure - SOP writer

Service Level Agreement - SLA writer

Documents translation (English/French) Create, maintain, lock and unlock users, and reset passwords

SAP License management

Passwords management (requirements, restrictions, best practices, rules)

Create, maintain, lock and unlock users, and reset passwords

Users Group management

Assign activity groups to users

Tracing Authorizations

SAP R/3 4.6C Security Audit (Logs, Checklists & recommendations)

2005/09 to 2005/10 SAP Governance, Risk, Compliance & Audit Consultant Project Manager – Bel Fromagerie

Designing and building of a worldwide roles template (MM, SD, CO & FI modules)

Getting the input information from the process owners of: Master Data, Logistic/Stock, Purchasing, Accounting, Sales and Controlling

Developing the master and the derived roles

Designing the users menus

Testing, roll-out & Go-live

2005/07 to 2005/08 SAP Governance, Risk, Compliance & Audit Consultant Auditor – Carrefour

SAP R/3 authorizations audit

Client settings

Naming conventions

Dialog users

User groups

Authorizations concept: Composite roles, Single roles

Use of Wildcards and ranges in S_TCODE

Excess of access rights

Sarbanes Oxley compliance

2005/05 to 2005/06 SAP Governance, Risk, Compliance & Audit Consultant Project Manager – Henkel, France & Germany

Authorizations concept design

Implement and Support the SAP R/3 Authorization concept at Henkel France, Paris and Germany, Dusseldorf

Develop a worldwide function template for the logistic functions (Blue Print)

(6 Master Processes: OTC, PTP, MP, IC, SCP, and MD)

2000 to 2005 Security Engineer – TOTAL

Installation and configuration of Cisco Catalyst 2924C-XL

Project management of building a supervision platform using IBM NetView 7.1.4

Project management of building of a platform of quality of service using InfoVista 2.1

Audit of firewall Checkpoint, Solaris

Management and support of Firewall, Antivirus, DNS, Messaging, Proxy…

Audit of the Security Cell of The Refining & Marketing Department

Study of the security of an Information System

Editorial staff of an answer to request for proposal of an IS security facilities management

Drafting of NetCache C3100 and SSH exploitation procedures

Security Engineer – ORANGE

Audit of the Security Laboratory (Windows NT, Windows 2000, Solaris, AIX, UX and the network)

Put in correspondence and evolution of the laboratory

Editorial staff of a request for proposal and implementation of a study on the Strong Authentication on Orange portal

Project of the Security Systems of Windows 2000, AIX and UX

Network & Security Engineer – AXA

Installation and Configuration of Check Point 2000 VPN-1/FireWall-1

Solaris 7 Security System Project

Internet Collector Project: Test and Validation of a Statistical Protocol Tool NetFlow: http, dns, ftp, smtp

Installation and Configuration of the Test Platform (Cisco 3660, PIX520, InfoVista 2.2 and NetFlow 3.0)

Installation and Tuning of Info Vista 2.2 on Sun Enterprise 250 (Solaris 7)

Builds of Instances and Reports (4000 reports, 130 routers, 700 links: PVC, HDLC…)

Installation and tuning of HP OpenView 6.2

1998 to 1999 Systems & Network Engineer – ATOS

Antivirus Security Project: Installation and Configuration of InocuLAN 4.00

Windows NT 4 System Secured Architecture Project

Management of IP Addressing

Technical Support Engineer (3rd level) of Windows NT Server 4

Analyze of DUMP file of Windows NT (MEMORY.DMP)

Installation and Configuration of CA-Unicenter TNG 2.1

Management of 50 servers (user management, printing servers LPD, DHCP, WINS…)

1996 to 1998 System Administrator – IBM

Audit of Servers (Insight Manager, Events viewer, Sensor of Performances and Network Monitor)

Servers integration

Project of Back-up Strategy (Arcserve 6.61 (GFS), Ntbackup, Winat and batch files)

EDUCATION

GRC300 – SAP Access Control Implementation and Configuration

ADM945 – Authorization Concept for SAP S/4 HANA

SECCD – Code Security

HA240 - SAP HANA Authorization, Security and Scenarios

ISO 27005 Risk Manager

TZNWIM – IDM SAP Identity Management

HR940 - Authorizations in HR

Master - Management and Enterprise Strategy ENACO

SAP GRC Access Control 5.3

BW365 - BI User Management & Authorizations 7

ADM940 - SAP Authorization Concept (4.7)

ADM950 - Secure SAP System Management (4.7)

ADM960 - Security in SAP System Environment (4.7)

CSI Authorization Auditor 7.2.5

MEHARI: Method of Risk analysis

Projects Management

Information Systems

Mastering Network Security

CISSP: Certified Information Systems Security Professional

CompTIA Security+

EBIOS French security method

IBM English Test

Network Field Service Engineer

Conservatoire National des Arts et Métiers

BTS IT of Management

PET of The University of Cambridge



Contact this candidate