OLAIYA OLUWAGBAYI OLOWOOYE
SAP Security & GRC Analyst
Olaiya is an experienced information technology professional who can work with all levels of management, both internally and externally, working independently and with teams on difficult projects with minimal supervision, has a working knowledge to implement company and departmental compliance and regulatory policies and procedures. He has over 6 years of IT experience with 3 years of dedicated experience exposure to SAP Security and GRC implementation and support. He understands both business processes and technical architecture and can communicate effectively with the technical teams, business process owners, and various levels of decision makers. Olaiya has deep exposure to SAP security architecture throughout multiple environments, designing user management systems, maintaining user accounts, solving security incidents, and delivering authorizations within SAP, testing, and supporting SAP Security, in ECC, and GRC- Access Control in Access Risk Analysis (ARA), Access Risk Management (ARM), Business Role Management (BRM) and Emergency Access Management (EAM). ENGAGEMENTS PERFORMED
SAP GRC Implementation SOD Design and Remediation
SAP GRC AC Monitoring Structural Authorization
SAP security Redesign S/4 Hana Fiori Security
Information Systems Audit and continuous monitoring. Skills/Qualifications:
GRC administration including risk and usage analysis along with emergency access management in versions 10.x
Knowledge of internal controls, segregation of duties (SOD), and sensitive transaction analysis An understanding of integration points across SAP modules such as MM and FI/CO, SAP Security administration in SAP systems such as ECC, and GRC. PROFESSIONAL EXPERIENCE
AppsCompliance Dallas, TX 02/2018 – Present
Role: SAP Security GRC Analyst
Primary responsibilities were centered around SAP Security, S4 Hana/ Fiori and GRC implementations. Maintain existing security landscape by identifying and correcting defects, upgrades, managed services/daily support of security in SAP System, Design,development and analysis of end user and technical security roles, configuration and maintenance of GRC, development and maintenance of SOD rule sets, Evaluation, design and implementation of system/role/user/process compliance controls and documentation, Definition and development of SAP security policies and procedures, prepare and maintain documentation for security purposes.
Responsibilities: Perform all aspects of SAP security control tasks and maintenance which includes configuration, deployment and management of SAP Security Roles (simple and composite) using the profile generator (PFCG), Profiles and Authorizations across various SAP systems. Performs user provisioning activities which includes, setting up new accounts, password resets, assigning users to appropriate groups and assigning security roles according to employee approved positions.
Leverage System trace to record authorization checks in different sessions. Troubleshoot authorization errors using SU53, SU56, SU24, ST01, SUIM and proffered timely resolutions.
Build Fiori roles using standard/custom catalogs, groups and OData services both on front end and back end.
Implement the SAP GRC AC ARA to ensure segregation of duties (SOD) exists and Sensitive Access in the SAP systems are enforced.
Configured ARA for continuous monitoring, risk detection, and assisted process owners in mitigation and/or remediation of identified risks.
Perform risk analysis at Role and User level for SOD analysis. Ensure compliance with security policies, processes and procedures pertaining to SAP systems. Perform GRC ruleset changes based on requirements. Develop and maintain relevant documentation to satisfy audit requirements.
Design, develop and Activation of Rule Sets, created custom rulesets and updated the functions grouping with custom transactions as required.
Perform Role and User Level analysis for sensitive access and SOD worked with Role owner and process owners to address risk and assisted with outright remediation, and/or mitigation. Daily monitoring of GRC systems which includes monitoring of Batch jobs, System logs and Application logs etc.
Perform Firefighter ID Provisioning Tasks and Troubleshoot any issues relating to Firefighters or IDs and GRC in general.
Monitor SAP GRC systems and troubleshoot the issues and report to the management on a timely basis.
Performed GRC AC post installation activities and implemented ARA, EAM, BRM and ARM based on client requirements.
Created business rule configuration plus (BRF+) for complex workflow requirements in ARM, ARA and BRM.
Configure the MSMP workflow settings based on client’s requirement. Review and act on daily monitoring/change reports. and perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management.
Communicate with clients of all levels.
PORTLAND CEMENTS 05/2008-07/2010
Federal Polytechnic Ado Ekiti:
HND/BSc Equivalent Electrical/Electronic Engineering