SAP Analyst

Babalola Olawale

Email:xhbyei@r.postjobfree.com

Phone: 972-***-****

Professional Experience

• 5+ years of IT industry experience encompassing a wide range of skill set, strong background in design, implementation/configuration of business process control to meet SOX compliance requirement.

• Worked on the security and controls implementation involving all major releases of SAP including ECC 5.0/6.0, VIRSA/GRC Release 4.0, 5.0, 5.2 and 5.3 which include all this products (Access Enforcer, Firefighter, Role expert and Compliance Calibrator).

• Familiarity and hands-on experience on GRC 10.0 configuration.

• Worked with clients during pre and post implementation of SAP in identifying and designing control points and preparing working documents in readiness for external audit assessments.

• Established identity by use of professional knowledge and acumen in areas of SAP Security at different levels of organization.

• Proficient in analyzing and translating business requirements to technical requirements in SAP.

• Experience in coordinating within team and with other teams. Handled roles related to the team.

• Extensive experience in SAP R/3 Security Administration(4.7b, ECC5.0 and 6.0) and SAP BI security, with in-depth knowledge in designing and implementing SAP security solutions, that includes Strategy, Role Definition, Design, Development, Testing, Transportation and Production Support

• Good communication skills, interpersonal skills, self-motivated, quick learner, team player.

Employer: Accenture

Period: 07/2009- Present

SAP Security GRC Consultant

Client Engagement: Healthcare

Period: 02/2011-11/2011

Responsible for following activities as SAP Security/GRC Consultant:

Created and uploaded custom rule set in RAR GRC 5.3

Work with business managers in changing SAP roles and ensuring appropriate work flow in GRC Compliant User Provisioning (CUP)

Reviewed critical and sensitive authorizations, implementing improvements to meet audit requirements, made suggestion for security policies and standard/best practices.

Customized Rule creation for SOX audit tool SAP GRC RAR for action and permission level SOD violations in roles for various business processes and functions.

Recommended and created mitigation controls in SAP GRC

Configured Fire Fighter to capture audit logs and trigger alert

SAP GRC SPM: Assign firefighter Id’s to support users in order to resolve provisionally broad issue.

Make use of Role Creation [Role Change Request] form in order create a new role or make changes to an existing role; Change Request Board approvals mandatory for transports. Simulate the role using GRC before moving the changes to quality environment.

Worked with the SAP Security team and business process owners to identity Fire fighter ID (FFID) controllers, administrators and Owners and mapped these in SAP GRC SPM 5.3.

Period:05/2010-02/2011

Client Engagement: Public Corporation

SAP Security Consultant

Performed following activities for an upgrade project:

Made use of transaction SU25 to compare SAP tables and customer tables of source and target release.

Identify the roles with new authorization objects added and for which there are changes transactions.

Manually maintain authorization data for all these roles; maintain authorization values for new objects depending upon the transactions provided in the role.

Created test user Id’s in CUA and performed security testing [positive and negative]; followed by user acceptance testing.

Verified the roles, transaction codes and user master records in SAP 4.6c and SAP ECC6.0 for appropriateness after an upgrade.

Create/ Modify/ termination of user accounts.

Modifying the existing user master records, roles and responsibility.

Period:09/2009-04/2010

Client Engagement: Healthcare

SAP GRC Consultant

As a SAP Security GRC team member responsible for analyzing and resolving problems related to SECURITY application within specified time frame.

Implement VIRSA Access Enforcer 5.2 for user provisioning

- Configured Basic, Detour and Parallel workflows

- Define requests and configuration approvers

- Importing roles from back end systems and define role configuration

- Setting up Risk Analysis and mitigation

- Setting up email reminders

- Defining connectors

Develop and Implement process for monitoring the following reports from security and audit perspective.

- VIRSA Fire Fighter audit

- VIRSA Fire Fighter log in notification

- Audits logs

- Email alert for failed log on through Solution Manager

- Maintaining non-dialog user’s credentials

Streamlining Fire Fighter Access

Perform SOD Analysis on User’s Access using VIRSA Compliance Calibrator 5.2

Employer: DUS Technologies

Period:05/2006-07/2009

Client Engagement: Global Manufacturing Company

SAP Security Administrator

Responsible to work in complex environment containing many software and interfaces, delivery of solutions to problems faced by client within specified time frame (SLA).

Understanding of change in requirements of business, sizing, scope of changes, impact analysis, configuration, testing of configuration, transport between systems, monitoring of transport of changes, validation of configuration or data after changes have been moved is a requirement for delivering excellent service.

Creating users with specified access after receiving appropriate approvals from client side.

To identify the risks involved in the users access with the help of Compliance Calibrator and then minimizing those risks with the help of mitigation control document.

Day to day update for problems ticketed by users, follow up with other teams, effective communication and adhering to service level agreement (SLA) is must for performance in this project.

Serve as primary focal point for SAP Security for production support and defects request

Timely correspondence with counterparts on-site and users from client organization is requirement of the project.

Develop, maintain and enforce security policies and procedures

Participate in performing security updates specific to SAP support/enhancement packs and upgrades

Job profile also involves listing of users who has not logged in to the SAP Systems for a considerable span of time.

Basis Activities: Daily monitoring tasks (work process, locks, jobs, system dumps, update overview), applying support packs, transport systems [creating RFC’s], spool configuration, performance and monitoring tasks (Alerts using CCMS, logs and analysis), working with ABAP team members and functional people with respect to dumps generated, IDOC’s, spool logs etc..

Period:05/2006-02/2007

Client Engagement: Leading Pharmaceutical Company

SAP Security Consultant

Day to day implementation and administration of security in SAP production environment

Review of critical and sensitive authorization, implementing improvement to meet audit requirements

Performed user administration (create, lock, unlock, change and delete user account) using SU01, SU10 and SU3

User access provisioning management using CUA

Troubleshoot existing user roles, authorization, security object, workflows and batch jobs to resolve issues in SAP Security roles

Update transactions via SU24 (managing authorization object)

System Experience

Software: SAP 4.X, ECC5.0&6.0, BW 3.X, BW7.0, Solution Manager, CRM and Enterprise Portal

Education

Bachelor of Electronics and Electrical Engineering

LAUTECH, Nigeria

Training

SAP Security and User Administration

Cross ERP Security Training

Hands on Training on VIRSA’s compliance calibrator 4/5, Firefighter 3.0 and Risk Terminator 1.2

Hands on Training on GRC 5.3(CUP, RAR, SPM & ERM), hands on GRC 10.0

Contact this candidate