| 20,000+ Fresh Resumes Monthly | |
|
|
| | Click here or scroll down to respond to this candidate Candidate's Name
SAP Security ConsultantSummary:SAP Security Consultant and project leader with over 20 years ofaccomplished IT experience; with experience in SAP ECC, SAP Security, GRC,HANA Security and SAP Basis. Has worked through the entire support cycle ofBasis administration from installations, upgrades to maintenance andsupport including application of SPAM/SAINT updates, support, clientmanagement, correction and transport management system, profilemaintenance, and SAPDBA. Extensively worked on SAP security, useradministration and security concept in SAP with authorizations usingProfile Generator (PG) for various modules in R/3 (SD, MM and FI) and SAPBW.Selected Accomplishment: . SAP Security specialist with experience in SAP Security for ECC 6.0 ERP, SAP, GRC Rulesets Access Control Process Control Risk Management 10.1, SAP S4_hana, SAP HANA Security, SAP BI/BW, BPC, BOBJ ,SAP HCM and NetWeaver Portal. . Has worked in SAP BW systems from 3.0B to 3.1 (content 3.1 thru 3.3) and 3.5 (content 3.51/3.52). . SAP GRC Implementation and Production support experience, with a good understanding of business processes. . Remediation of Segregation of Duties (SOD) within SAP implementation for SOX (Sarbanes Oxley) Compliance using GRC tool. . Worked extensively on pre-SOX audits requirements and working with Auditors to comply the system. . Experience in HANA Security implementation and maintenance in a multitenant environment. . Installation of new generation such as CRM, Solution Manager. . Has worked on SAP security, user administration and security concept in SAP with authorizations using Profile Generator (PG) for various modules in R/3 (SD, MM, FI, and HR) and also in SAP BW. . Has good understanding of business processes from order to cash, procure to pay, plan to procure and plan to produce. . Has worked in SAP Basis systems on Windows and UNIX systems based on Oracle RDBMS from version 4.5 to the 4.7 Extension set 2.00 releases . Has a good exposure to sales taxation third party SAP software such as Vertex. . Generated significant reductions in time by facilitating the automatic generation of work orders through the design of an order launch system for the Glovia manufacturing system; created an interface for web transactions into the same. . Developed a custom project management system in Glovia that integrated the work order, sales, order, billing, and purchase order systems to enable tracking, management, and analysis of project costs, budgets, and profitability. . Served as the lead technical consultant in the design, analysis, and development of an integrated EDI system in a bilingual environment. . Prepared custom G/L reports in a multi company environment to enable management to track profitability.Technical Skills:Operating Platforms and Hardware: DEC PDP 1123 (RT11)/DEC 1134 (RT11)/DECPDP 1144 (Tsx)/DEC PDP 1173 (RT11/Tsx); Solaris 2.6; Digital Unix 4.0D P2;Aix 4.1; Micro-Vax (VMS)/Micro-Vax/II (VMS)/Vax 11/750 (VMS)/Vax 3800(VMS)/Vax 3100 (VMS)/Vax 6000 (VMS); IBM Risc/6000 (AIX 5.x); HP/3000(Unix)/HP/9000 (Unix)/NT 4.0 SP5/Windows 2000/Windows 2003, HP-UX 11.0 / HP-UX 11i,SAP VERSION 700, OP: Windows NT 5.0, Windows NT 5.1, Windows NT 5.2,Wi, SAP NetWeaver 2004s, SAP ECC 6.0Software: SAP R/3 4.5B/4.6C, SAP R/3 Enterprise 4.7 Ext. Set 1.10/2.00, SAPBW 3.0B/3.1/3.5, Mini-Computer Business Application (MCBA); GloviaManufacturing /MS and DOS; SAP R/3 Enterprise 7.00; BI NetWEAVER 7.0, BOBJ4.0Coding Languages (15+ years): Dibol, Cobol, Fortran, ABAP, Basic, Pro-IV,Progress, C, HTMLProfessional ExperienceJOANN Feb 2024 - May 2024 . Performed GRC 10 Risk/Audit Reports to check for any SOD/Sox Errors. . Solved all (SOD) problems and SAP transaction Usage Analysis for remediation and compliance risks and to ensure all access control provides a good control over SoD and risk analysis thereby keeping the SAP environment clean and risk free. . Clean up the production system to maintain only required roles and perform routine SOD/SOX analysis to keep the Production clean. . Reports and Analytics like User Role Relationship . Worked with Auditors to prepare the system for a general audit. . Trained Users in ECC/GRC10, S4_HANA Security. The one point that must be made clear is that authentication is used to grant access to the system only...but is only by authorization is it determine what the access rights will be given . Performed GRC check for any HP SOD/Sox Errors (User/Role Level Simulation) . User department input (organizational and processes structures) . Work with the Functional Teams to design the required task (roles) for such Modules as, Production Planning, Materials Management, Sales and Distribution . Work with the Functional Teams to design the required FFIDs, Risk- Matrix, Rule Sets. . Performed remediation and mitigation against various risks associated with roles and users .AbbVie, Illinois Jul 21 - JAN 24 . In BW, OER, GTS, SRM, SSO, SOLMAN, S4_HANA, systems worked with users to resolve authorization needs and Errors. Using transaction like SU01, SU53, PFCG, and ST01 . Used SUIM to determine the roles assigned to users or what authorization objects are assigned to roles . Security T-Codes use: SU01, RSECADMIN, PFCG, SU24, ST01, NetWeaver- Business Client . Resolved all SOD problems and SAP transaction Usage Analysis for compliance and remediation risks and to ensure all access control provides a good control over SOD and risk analysis thereby keeping the SAP environment clean and risk free. . Performed GRC check for any SOD/Sox Errors (User/Role Level Simulation) . Setup GRC Access Request and search for GRC Access Requests . Reports and Analytics like User Role Relationship . Worked with Auditors to prepare the system for a general audit. . Setting up rulesets and performing User/Role Risk AnalysisPENN State, College State, PA Jan 19 - May21SAP Security Consultant . In ECC systems worked with Functional Teams and users to resolve authorization needs and Errors. Using transaction like SU01, SU53, ST03N, PFCG, and ST01 . Used PFCG to add/ remove transaction and authorization objects and SU10 to perform mass changes to user roles assignments. . Used SUIM to determine the roles assigned to users or what authorization objects are assigned to roles . Security T-Codes use: PFCG, SU24, SUIM, SPRO_ADMIN, ST01, SU10, RSECADMIN, SOLAMN . Designed and Implemented BW Security. . Held Security classes used to teach the Penn State Security team. . Designed and developed HANA Security Roles and Set up Users. (HANA Security Roles are design to grant access based on the various HANA Privileges (System, Object, Analytic, or Application) . Developed and assigned S4 HANA and Fiori Role . Performed GRC 10 Risk/Audit Reports to check for any HP SOD/Sox Errors. . Solved all (SOD) problems and SAP transaction Usage Analysis for remediation and compliance risks and to ensure all access control provides a good control over SoD and risk analysis thereby keeping the SAP environment clean and risk free. . Clean up the production system to maintain only required roles and perform routine SOD/SOX analysis to keep the Production clean. . Written documentation on User Role provisioning, CUA process, and HANA Security . Setup HANA security for Basis, Security, and Users and set up HANA Roles (Catalog and Repository) . Trained Users in ECC Security. The one point that must be made clear is that authentication is used to grant access to the system only...but is only by authorization is it determine what the access rights will be given . Found tiles by name or text using Transaction /UI2/FLT
. Used to determine Catalog-IDs assigned to a role.../UI2/FLC . Used LPD_CUST to create a Launchpad role . Used Fiori Launchpad Orphaned Catalogs and Groups - Transaction /UI2/FLC1 . Configure SAP Transaction as Custom Tile in Fiori Launchpad /UI2/FLPD_CONF . Used Fiori Launchpad Content Checks - Transaction /UI2/FLP_CONTCHECK . Configure SAP Transaction as Custom Tile in Fiori Launchpad . Setup Fiori Launchpad, Categories, Groups, and Roles . Work with functional teams to Design, develop, and implement secure configurations for SAP applications and systems ECC, BW, HANA. . Managed team of 5 which also includes the training of 4 PENN-State PersonnelNational Gypsum Company, Charlotte, NC Jul'018 - Dec'018SAP Security Consultant . In ECC systems worked with Functional Teams and users to resolve authorization needs and Errors. Using transaction like SU01, SU53, ST03N, PFCG, and ST01 . Setup Fiori Launchpad, Categories, Groups, and Roles . Performing study to determine how to solve conflicts between the necessary rights of the user and the rights that the user actually has been given by the assigned roles . Written Security Policies and best practices for designing and creating Security Profiles . Using PFCG to add/ remove transaction and authorization objects and SU10 to perform mass changes to user roles assignments . Using SUIM to determine the roles assigned to users or what authorization objects are assigned to roles . Security T-Codes use: PFCG, SU24, SUIM, SPRO_ADMIN, ST01, SU10 . Used Excel to layout required Security changes and to map role roles to new . Used SU10 to perform mass changes to user roles assignments (ECC and SolMan-7.2) . Wrote documentation on User Role provisioning, CUA process, and HANA Security . Designed and developed HANA Security Roles and Set up Users. (HANA Security Roles are design to grant access based on the various HANA Privileges (System, Object, Analytic, or Application) . Work with the client's Functional Teams to design the required task (roles) for such Modules as Sales and Distribution, Finance, Materials Management. . Setup Mediation IDs which involvers setting up hierarchy organization, users(approvers/monitors), organization, and Mediation IDs . Performed Risk Audit Reports to check for any HP SOD/Sox Errors. Then solve all (SOD) problems and SAP transaction Usage Analysis for remediation and compliance risks and to ensure all access control provides a good control over SoD and risk analysis thereby keeping the SAP environment clean and risk free. . Performed remediation and mitigation against various risks associated with roles and users . Clean up the production system to maintain only required roles and perform routine SOD/SOX analysis to keep the Production clean. . In resolving SOD/SOX errors the related Business Functional Team(s) were informed these errors and inform of any them of possible resolutions. And seeking the team's contribution on how to resolve the problem. . Designed/changed/debugged roles for ECC and Solman . S4 HANA and Fiori Role development and assignment . Setup HANA security for Basis, Security, and Users and set up HANA Roles (Catalog and Repository) . Used SE80 to determine what Function Groups are being used in a ABAP program. This is needed by security to determine required authorizations must be assigned to the authorization object S_RFC. . Performing study to review how roles must be changed so that transactions will be performed has needed for users . Used to determine Catalog-IDs assigned to a role... /UI2/FLC . Finding tiles by name or text using Transaction /UI2/FLT
. Used LPD_CUST to create a Launchpad role. . Managed and Trained Users in BI Security. The one point that must be made clear is that authentication is used to grant access to the system only...but is only by authorization is it determine what the access rights will be given. . Used Fiori Launchpad Orphaned Catalogs and Groups - Transaction /UI2/FLC1 . Configured SAP Transaction as Custom Tile in Fiori Launchpad /UI2/FLPD_CONF . Fiori Launchpad Content Checks - Transaction /UI2/FLP_CONTCHECKNissan, Franklin, TN Feb'018 - Jun'018SAP HANA/BW/BI Security Consultant . Analyzed current BI System to view/audit their current security structure . Provided report on required changes for the BI system . Security T-Codes use: PFCG, SU24, SUIM, RSECADMIN . S4 HANA and Fiori Role development and assignment . Used Excel to layout required Security changes and to map role roles to users and query access. . Worked with functional teams to redesigned BI security structure. . Rewritten the BW Security System . Written Security Policies and best practices for designing and creating Security Profiles . Performed Periodic Syncs: GRAC_ROLEREP_PROFILE_SYNC GRAC_ROLEREP_ROLE_SYNC GRAC_ROLEREP_USER_SYNC GRAC_BATCH_RISK_ANALYSIS . Executed GRC 10 analytical software Audit Reports to check for any SOD/Sox Errors. Then solve any SAP Segregation of Duties (SOD) problems and SAP transaction Usage Analysis for remediation and compliance risks and to ensure all access control provides a good control over SoD and risk analysis thereby keeping the SAP environment clean and risk free. . In discovering any SOD/SOX errors the related Business Functional Team(s) were informed these errors and inform of any them of possible resolutions. Then seeking the team's contribution on how to resolve the problem. . Work with the Functional Teams to design the required task (roles) for such Modules as, Production Planning, Materials Management, Sales and Distribution. . Maintained Configuration Setting Parameter IDs (GRC) . Used transaction to SCPR20 to activate standard global rule sets. . Used transaction GRAC_DOWNLOAD_RULES to download Rules from one GRC System then used transaction GRAC_UPLOAD_RULES upload the Rule Set into another GRC. . Trained Users in BI Security. The one point that must be made clear is that authentication is used to grant access to the system only...but is only by authorization is it determine what the access rights will be given. . . Setup FF IDs and Reviewed FF logs, Risk Analysis into GRC 10 Interfaced with technical and functional teams to solve security problems.Matthews Internationals, Pittsburg, PA Oct'017 -Jan'018SAP Security Consultant . In ECC systems worked with Functional Teams and users to resolve authorization needs and Errors. Using transaction like SU01, SU53, ST03N, PFCG, SLAW, and ST01 . Used PFCG to add/ remove transaction and authorization objects and SU10 to perform mass changes to user roles assignments. . Used SUIM to determine the roles assigned to users or what authorization objects are assigned to roles . Security T-Codes use: PFCG, SU24, SUIM, SPRO_ADMIN, ST01, SU10 . Used Excel to layout required Security changes and to map role roles to new . Performing study to review how roles must be changed so that transactions will be performed has needed for users (ECC and SolMan- 7.2) . Changes/debug roles for ECC and SOLMAN . Changed/debug roles for PIP and TM (ME22N,ME22N,ME21N,ME2K,ME2K, F110,TM00,TM02, TM04,etc) wased . To determine the required Functions Groups for authorization object S_RFC the transaction SE80 was to determine what Function Groups are being used in a given ABAP program. . Performing study to determine how to solve conflicts between the necessary rights of the user and the rights that the user actually has been given by the assigned roles . Worked with CPGRC (Symmetry Corporation) analytical software Audit Reports to check for any SOD/Sox Errors. Then solve any SAP Segregation of Duties (SOD) problems and SAP transaction Usage Analysis for remediation and compliance risks and to ensure all Access Control provides a good control over SOD and risk analysis thereby keeping the SAP environment clean and risk free. . Reviewed Custom ABAP program to determine what Authorization Objects were being used so that the Authorization Objects could be assigned related Transactions for security requirements.DOW, Midland, WI Apr'017 - Sep'017SAP Security Analyst . Analyzed current BI Systems to view their current security structure . Provide report on required changes for the BI systems . Used SU10 to perform mass changes to users' roles assignments . Worked on SAP BI/BPC Security using SU53, PFCG, SU24, ST01, SM20, SUIM and working with the user base to design and solve user problems. . Used Excel to layout required Security changes and to map role roles to new . Designed the BW processes for Export Control. Which is used to control what ECCNs can be viewed . Conducted workshops to gather information needed to create security roles. . Worked with BI Developers to prepare for the roll-out of new BI Security roles. . Setup security documents used to explain BI terms and provide User Instructions on RSA1, RSECADIM, and PFCG (using Word, Excel, PowerPoint) . Trained Users in ECC and BI Security. The one point that must be made clear is that authentication is used to grant access to the system only...but is only by authorization is it determine what the access rights will be given. . Designed and oversaw the creation of an ABAP routine to be used in a BW Analysis Authorization process to control masking and unmasking of sensitive military data. . Work with the US Armed Forces to link Dow's BW system into Military Data baseFlowers Foods, Thomasville GA Dec'016- Mar'17SAP Security/BI/BOBJ/HANA/SOLMAN Consultant . Analyzed current BI/BOBJ/HANA Systems to view their current security structure . Provided report on required changes for the BI/BOBJ/HANA systems . Security T-Codes use: PFCG, SU24, SUIM, RSECADMIN, HANA Studio . Designed/Debugged roles for SOLMAN . Executed transaction SICF to activate a web service. . Executed SCPR20 for BC setup . Setup Workflows . Setup BW on HANA and setup HANA security for Basis, Security, and Users . Designed and developed HANA Security Roles and Set up Users. (HANA Security Roles are design to grant access based on the various HANA Privileges) . Used Excel to layout required Security changes and to map role roles to new . Setup processes in BOBJ to load users into BOBJ and auto-load the users in the appropriate groups. Perform Periodic Syncs: GRAC_ROLEREP_PROFILE_SYNC GRAC_ROLEREP_ROLE_SYNC GRAC_ROLEREP_USER_SYNC GRAC_BATCH_RISK_ANALYSIS . Execute GRC 10 analytical software Audit Reports to check for any HP SOD/Sox Errors. Then solve any SAP Segregation of Duties (SOD) problems and SAP transaction Usage Analysis for remediation and compliance risks and to ensure all access control provides a good control over SoD and risk analysis thereby keeping the SAP environment clean and risk free. . In discovering any SOD/SOX errors the related Business Functional Team(s) were informed these errors and inform of any them of possible resolutions. Then seeking the team's contribution on how to resolve the problem. . Work with the client's Functional Teams to design the required task (roles) for such Modules like Controlling, Quality Management, Project Systems, Sales and Distribution, Finance, Materials Management. . Clean up the production system to maintain only required roles and preform routine SOD/SOX analysis to keep the Production clean. . Maintained Configuration Setting Parameter IDs (GRC) . Used transaction to SCPR20 to activate standard global rule sets. . Used transaction GRAC_DOWNLOAD_RULES to download Rules from one GRC System then used transaction GRAC_UPLOAD_RULES upload the Rule Set into another GRC . Setup FF IDs and Reviewed FF logs, Risk Analysis into GRC 10 Interfaced with technical and functional teams to solve security problems . Worked with function teams to assigned appropriate authorizations to BOBJ Groups Folders, and Queries . Fiori and HANA Role development and assignment. . Worked also with functional teams to setup BI and HANA accesses.NUTA Arizona Jan'016- Nov'016SAP Security/ Systems Audit/SOLMAN . Reviewed the process used to design, create and debug the Roles (ECC and SolMan-7.2) . Setup and chaired interviews of persons who are essential to the workflow of the Various departments of the enterprise. . Using Maestro (GRC) analytical software Audit Reports to check for any SOD/SOX Errors. Then solve any SAP Segregation of Duties (SOD) problems and SAP transaction Usage Analysis for remediation and compliance risks and to ensure all access control provides a good control over SoD and risk analysis thereby keeping the SAP environment clean and risk free. . . Reviewed the testing process of the new roles and the process by which changes are done. . Review how locked/terminated are handled. . Review Users and there assigned roles with the various functional teams to ensure each user has only the required roles. . Instruct NUTA on security policies and procedures. . To determine the required Functions Groups for authorization object S_RFC the transaction SE80 was to determine what Function Groups are being used in a given ABAP program. . Trained NUTA personnel on ECC Security. The one point that must be made clear is that authentication is used to grant access to the system only...but is only by authorization is it determine what the access rights will be given. . Managed a team of 2 for a redesign of the ECC roles. And managed ti testing of same.Gulfstream Aerospace, Savannah, GA Jan'015 - Dec'015SAP BI Security Lead/SOLMAN . Analyzed the current system design to determine how to improve on its current design. Users were known to have access to queries outside of their scope. . Worked on SAP BI Security using SU53, PFCG, SU24, ST01, SM20, SUIM and working with the user base to design and solve user problems. . Set up BW authorizations for BW queries using RSECADMIN and BI- NetWeaver7.0 . Conducted workshops to gather information needed to create security roles . Worked with BI Developers to prepare for the roll-out of new BI Security roles. . Designed and developed HANA security, roles and set up Users. Developed HANA Security Roles and Set up Users. (HANA Security Roles are design to grant access based on the various HANA Privileges . Execute transaction SICF to activate a web service. . Data Management (Divestiture)...Company code, Master/transactional data, and sub-elements (e.g... controlling area) . Global Clients . Execute SCPR20 for BC setup. . Setup Workflows . Designed/Debugged roles for SOLMAN. . Set Security Worksheet that documents the structure of the BI Security process and roles. . Used SE38 to debug a custom ABAP program. . Setup security documents used to explain BI terms and provide User Instructions on RSA1, RSECADIM, and PFCG (using Word, Excel, PowerPoint) . Setup BW on HANA and setup HANA security for Basis, Security, and Users. . Set up mapping of new roles to old roles. This is used for loading the new roles into the effect uses.Continental Automotive Systems, Deer Park, IL Nov'014 -Jan'015SAP ECC/BI Security Consultant . Interfaced with technical and functional teams to solve security problems. . Worked on SAP security using SU53, PFCG, SU24, ST01, SM20, SUIM and working with the user base to design and solve user problems. . Using SUIM to determine the roles assigned to users or what authorization objects are assigned to roles. . Reviewed that the rules of SOXs and SODs were being using and that there was a define naming convention for the roles in placed and being used method. . Changed/debug roles for TM TM00, TM002, TM13, TM16, etc) . In ECC systems worked with Functional Teams and users to resolve authorization needs and Errors. Using transaction like SU01, SU53, ST03N, PFCG, SOLAMAN, and ST01 . Changed/debug roles for PIP (ME22N, ME22N, ME2K, etc.) . Performing study to determine how to solve conflicts between the necessary rights of the user and the rights that the user actually has been given by the assigned roles . Using PFCG to add/ remove transaction and authorization objects and SU10 to perform mass changes to user roles assignments. . Work with the client's Functional Teams to design the required task (roles) for such Modules like Controlling, Quality Management, Sales and Distribution, Finance, Materials Management. . Used a SE80 to debug a SAP ABAP program. Once the reason for the error was found the information was sent to SAP for their review and applied. . Work with client to help set up testing processes used to test out roles. . Performing study to review how roles must be changed so that transactions will be performed has needed for users.Fossil, Dallas, TX & Suncor Energy, Inc., Calgary, Canada May'014- Oct'014SAP BI/ECC Security Consultant . Worked on SAP BI Security using SU53, PFCG, SU24, ST01, SM20, SUIM PA10, PA20, PA30 and working with the user base to design and solve user problems. . Designed BW authorizations for BW queries, (using RSECADMIN) (BI- NetWeaver7.0)) . Conducted workshops to gather information needed to create security roles. . Conducted workshops to gather information needed to create security roles. . Worked with BI Developers to prepare for the roll-out of new BI Security roles. . Set Security Worksheet that documents the structure of the BI Security process and roles. . Setup security documents used to explain BI terms and provide User Instructions on RSA1, RESECADMIN, and PFCG . BOBJ Administrator; setting up Users, Groups, Folders, Import Roles . Worked on SAP BI Security using SU53, PFCG, SU24, ST01, SM20, SUIM and working . Executed transaction SICF to activate a web service and executed SCPR20 for BC setup . Data Management (Divestiture)...Company code, Master/transactional data, and sub-elements (e.g... controlling area) . Performed Periodic Syncs: GRAC_ROLEREP_PROFILE_SYNC GRAC_ROLEREP_ROLE_SYNC GRAC_ROLEREP_USER_SYNC GRAC_BATCH_RISK_ANALYSIS . Solved SAP Segregation of Duties (SOD) problems and SAP transaction Usage Analysis for remediation and compliance risks and to ensure all access control provides a good control over SoD and risk analysis thereby keeping the SAP environment clean and risk free. . Maintained Configuration Setting Parameter IDs (GRC) . Used transaction to SCPR20 to activate standard global rule sets. . Setup FF IDs and Reviewed FF logs, Risk Analysis into GRC 10Interfaced with technical and functional teams to solve security problems. . Produce a technical document that outline in detail the BI Security Structure. . Knowledge/Training to the Fossil Security team concerning the BI Security Structure.Coca-Cola, Atlanta, GA Oct'013 - Apr'014SAP BI Security Analyst . Worked on SAP BI Security using SU53, PFCG, SU24, ST01, SM20, SUIM and working with the user base to design and solve user problems. . Designed BW authorizations for BW queries, (using RSECADMIN) (BI- NetWeaver7.0)) . Using SOLMAN-7.2 to control Transports (SM_CRM) . Conducted workshops to gather information needed to create security roles . Worked with BI Developers to prepare for the roll-out of new BI Security roles. . Set Security Worksheet that documents the structure of the BI Security process and roles. . Using SE38 determine the Function Groups used my custom ABAP program to be applied to the authorization object S_RFC . Setup security documents used to explain BI terms and provide User Instructions on RSA1, RSECADIM, and PFCG (using Word, Excel, PowerPoint) . Assign Portal roles and groups to users . Worked with Auditors to ready the system for a general audit. . Setup FF IDs and Reviewed FF logs, Risk Analysis into GRC 10 . Interfaced with technical and functional teams to solve security problems. . Produce a technical document that outline in detail the BI Security Structure. . Worked technical and functional teams to setup required tools and install plans for installing the new BI Roles. . Knowledge/Training to the Coke Security team concerning the BI Security Structure.Cameron, Houston, TX & Forest City, Cleveland, OH Feb'13 -Oct'013SAP BI/BW Security Analyst . Setup security documents used to explain BI terms and provide User Instructions on RSA1, RSECADIM, and PFCG (using Word, Excel, PowerPoint) . Conducted workshops to gather information needed to create security roles. . Interfaced with technical and functional teams to solve security problems. . Worked on SAP BI/BPC Security using SU53, PFCG, SU24, ST01, SM20, SUIM and working with the user base to design and solve user problems. . Designed BW authorizations for BW queries, (using RSECADMIN) (BI- NetWeaver7.0)) . Migrated the current BI 3.5 security structure (Role Base) to BI 7.0 (Analysis Authorization) . Designed security documents used to explain BI terms and provide User Instructions on RSA1, RESECADMIN, and PFCG . Debugged a custom ABAP code and sent the results to the ABAPer to review and apply changes. . Performed study to determine the required rights that are required for Users who will be assigned to new Company codes and Plant codes. . Assisted in the design, development, maintenance, and testing of SAP roles and provide consulting support to security team, project members and business users. . Using SUIM to determine the roles assigned to users or what authorization objects are assigned to roles . Setup classes in which I taught users how to user RSA1 and RESECADMINFairfax County Government, Fairfax County, VA May'011 -Dec'012SAP BI-BOBJ Security Consultant . Designed security documents used to explain BI terms and provide User Instructions on RSA1, RSECADIM, and PFCG . Interfaced with technical and functional teams to solve security problems. . Designed folder authorizations in BOBJ to allow users access to assigned Queries. . Setup Info-Objects, Info-Providers and Process Chains to gather into the BI production system security data from the various productions systems. . Written user Instructions for RESECADMIN and RSA1. (using Word, Excel, PowerPoint) . Setup classes in which I taught users how to user RSA1 and RESECADMIN . Performed study to determine the required rights that are required for "Special" IDs used in the production systems so that SAP_ALL might be removed. . Used SM36 and Sm37 to setup Batch processing (with the use of variants). . Using SUIM to determine the roles assigned to users or what authorization objects are assigned to roles . Worked with ABAP programmers in assigning Authorization Objects to custom programs . In ECC systems worked with Functional Teams and users to resolve authorization needs and Errors. Using transaction like SU01, SU53, ST03N, PFCG, and ST01 . Using PFCG to add/ remove transaction and authorization objects and SU10 to perform mass changes to user roles assignments. . Worked with function leads to work out the planning, analysis design, development, coding, testing, maintenance of the implementation. . Interfaced with technical and functional teams to solve security problems.Bemis, Appleton, WI Mar'08 - Jan'11SAP Security Lead . Assisted in the design, development, maintenance, and testing of SAP roles and provide consulting support to security team, project members and business users. . With functional leads work out the planning, analysis design, development, coding, testing, maintenance of the implementation. . Interfaced with technical and functional teams to solve security problems. . Worked on SAP Security using SU53, SU24, SUIM SOLMAN and working with the user base to design and solve user problems. . Used ALM to provide framework for developing/ managing of applications as planned and any required operations. . Using PFCG to add/ remove transaction and authorization objects and SU10 to perform mass changes to user's roles assignments. . Conducted meetings with the heads of the functional teams to explain how role security works. . In ECC systems worked with Functional Teams and users to resolve authorization needs and Errors. Using transaction like SU01, SU53, ST03N, PFCG, PA10, PA20, PA30, PO13 SLAW, and ST01 . Using ST01, ST05, PFCG, SU53 to solve problems between transactions and roles . Using SUIM to determine the roles assigned to users or what authorization objects are assigned to roles . Debug SAP APAB program and set the results to SAP for their review and use. . Using AL08, SM51, and SM04 to monitor/ kill users and SU01 to add/ changed users, set/ reset user passwords, lock/ unlocked users, and to assign/ unassigned roles to users. . Designed BW authorizations for BW queries, (using RSECADMIN) (BI- NetWeaver7.0) . Using SUGR to setup user groups . Used SU10 to perform mass changes to user roles assignments . Working knowledge of SE80 . Worked with BASIS to setup the parameters: Login/fails_to_session_end, Login, system_client, Login/min_psssword_lng, . Re-designed the BW security at Bemis and set up a technical document that outlines the BW security system and is used by developers and functional users . Execute CPGRC (Symmetry Corporation) analytical software Audit Reports to check for any SOD/Sox Errors. Then solve any SAP Segregation of Duties (SOD) problems and SAP transaction Usage Analysis for remediation and compliance risks. . Trained Client employees in BI Security. The one point that must be made clear is that authentication is used to grant access to the system only...but is only by authorization is it determine what the access rights will be given.Corbis, Seattle, WA Aug'07 - Feb'08SAP Security Lead . Security lead and managed a security team of 3 to setup security policies and review including presentations to senior client staff . Working with the function leads work out the analysis, planning, design, development, coding, testing, maintenance of the implementation. . Conducted computer security reviews, violation investigations, and prepare reports to Management . Assisted in the design, development, maintenance, and testing of SAP roles and provide consulting support to security team, project members and business users in USA and Europe . In ECC systems worked with Functional Teams and users to resolve authorization needs and Errors. Using transaction like SU01, SU53, ST03N, PFCG, and ST01 . Worked on SAP Security using SU53, SU24, SUIM and working with the user base to Design and solve user problems. . Worked with functional SAP to map user task to related SAP transactions. Then used this mapping to develop roles. (System R/3 & BW & HCM & CRM) (client is converting from JD-Edwards to SAP) . Used various transactions in HCM, (example: PA10, PA20, PA30, SPRO, PO13, PO03, ESS, LSO, MSS) . Set up BW authorizations for BW queries. . Teaching class on BI security . Worked with client to help set up testing processes used to test out roles. And Provided Post Go Live Support . Used SPAD and SP01 to add and maintain printers. . Using SUGR to setup user groups . Backend processing in Java . Wrote ABAP program to list out specific customer data. . Used SU10 to perform mass changes to users' roles assignments. . Trained Client employees in ECC and BI Security. The one point that must be made clear is that authentication is used to grant access to the system only...but is only by authorization is it determine what the access rights will be given. . Meet with the CFO of Corbis to recommend that VIRSA and CUA be purchased and installed.Samsonite, Denver, CO Jun'06 - July'07SAP Security Analyst . Worked on SAP Security using SU53, SU24, SUIM and working with the user base to design and solve user problems. . Conducted workshops to gather information needed to create security roles. . Architected/Security lead for BI. CRM, FI, HCM, IV, SRM, CO, SD, PP, etc. . Using AL08, SM51, and SM04 to monitor/ kill users and SU01 to add/ changed users, set/ reset user passwords, lock/ unlocked users, and to assign/ unassigned roles to users. . Worked with functional SAP to map user task to related SAP transactions. Then used this mapping to develop roles. (System R/3 & BW & HCM) (client is converting from JD-Edwards to SAP) . Used various transactions in HCM, (example: PA10, PA20, PA30) . Work with client to help set up testing processes used to test out roles. And Provided Post Go Live Support for USA and Europe . Setup and taught how to install CUA... (USA and Belgium) . Used SPAD and SP01 to add and maintain printers. . Using SUGR to setup user groups . Used SU10 to perform mass changes to users' roles assignments.Pioneer, Long Beach, CA March'06 - May'06SAP SecurityJabil, St. Petersburg, FL Nov'05 - Feb'06SAP SecurityDeluxe Minnesota July'05 - July'05SAP Security/ Systems AuditGPI Atlanta, GA Feb 99 - May'05Senior SAP Basis Consultant and AdministratorParagon Trade Brands, Norcross GA (now Tyco)Osprey Systems consulting for Hoechst Celanese, Charlotte, NCEducation:Bachelor of Science in Mathematics, University of Michigan (1975) |