Resume of SAP Security Consultant

Title
SAP Security Consultant

Primary Skills
SAP Security, Solution Manager, Netweaver, R/3 / ECC 6.0, GRC CC,AE,FF,RE Unix Oracle

Location
US-TX-Dallas (will consider relocating)

Posted
Jul-01-08


SUMMARY OF QUALIFICATIONS

Outstanding experience in SAP R/3/ ECC 6 Security / Authorizations for Supply Chain Management, Manufacturing & Utilities Companies as Security Consultant covering 4 major and complex SAP Security projects. Performed multiple troubleshooting and strategy type engagements around the use of SAP Security / GRC projects.
More than 4 years SAP and 16 years Information Technology experience.
Good understating of SOD /Security Assessment / SAP Authorization / Roles and SOX.

Successfully completed SAP trainings:
• ADM940 SAP Authorization Concept
• ADM950 SAP System Management 4.7
• SAP GRC (Virsa Compliance Calibrator 5.1)

Security Tools: SPA GRC / Virsa (Compliance Calibrator 4.0 / 5.1, Risk Terminator,
Firefighter 3.0 & SAP User Management Engine / CUA) , SAP Solution
Manager 4.0 (SolMan)
Operating Systems: HP / Sun UNIX, VAX VMS, IBM AS/400, Windows NT/XP
Databases & Tools: Oracle 8/9i, SQL Server, TOAD and test director
Programming Languages: C++, CORBA, PL/SQL
ERP Applications: SAP R/3 4.6 / ECC 6.0 SD/MM, FI/CO, HR, Solution Manager 4.0

PROFESSIONAL EXPERIENCE

PETSMART, Phoenix,AZ Jan. 2008 - Mar. 2008
Sr. SAP Security Consultant

Helped Client for SAP GRC Access Control Upgrade from 5.1 to 5.2. Analyzed current GRC 5.1 installation on SAP R/3 4.6c. Prepared the plan for installation onto ECC 6.0 backend. Helped client in performing Solution Monitoring, Administration and Change Control Management with use of Solution Manager.

California Portland Cement Corp., Glendora, CA Nov. 2007 - Dec. 2007
Sr. SAP Security Consultant

Performed User Management for SAP ECC 6.0 using Solution Manager 4.0 (SolMan) / CUA. Developed / maintained the Roles and their assignment to users. Create new Roles / users for Companies new acquisitions in HR,PY, SD,MM. Perform Role Management /Transaction security by restricting access to authorization objects. Debugging the user authorization problems using su53 / trace. Support GRC Access Control Batch jobs and Reports.

Centerpoint Energy, Houston,TX Aug. 2007 - Nov 2007
SAP Security Consultant

Evaluated Logical Security around SAP BASIS environment. Evaluated current user roles to improve system performance. Recommended solutions to remediate SOD conflict issues related to Logical Access for HR, FI / CO, SD/MM modules using Virsa Compliance Calibrator & firefighter 4.0.

World Bank Group, Washington,DC March 2007 -- June 2007
SAP SOD Consultant

World Bank disburses the Loans to Developing Countries around the world to the amount of US $30 Billion. Evaluated GCC Control related to Bank's Treasury Application and ISG (Information System Support Group) . Conducted walkthrough of business processes for System Support and Information security related to SAP R/3 FI /CO applications. Performed users / role Administration using Profile Generator. Performed SOD conflict resolutions using Virsa Compliance Calibrator for SAP GRC in conjunction with HR FI / CO. Analyzed usage of Emergency Super users in SAP using Virsa Firefighter. Helped the client in analyzing current Solution Manager Configuration and suggesting improvements to utilize it to increase productivity of SAP installation.

Fannie Mae, Inc., Reston,VA August 2006 -- February 2007
St. IT Risk Consultant

Fannie Mae is largest Mortgage finance Company booked a profit of US $ 6.3 Billion in 2005. I was involved in Consulting with regards to Sarbanes-Oxley Compliance for Enterprise System Management Group's Risk Office Responsibility included guiding Information Technology Department in understanding of risk and controls as they document Information Security . Worked on Access Control, Issue Log which included the deficiencies and recommendations to close the gaps for Oracle Database.

PSE&G, Newark,NJ July 2006 -- Aug. 2006
SAP Security Consultant

Guide IT Department in Configuring Central User Administration for SAP ERP System. Used Virsa Compliance Calibrator in order to assure Separation of Duties for roles and users as part of Sarbanes-Oxley 404 Compliance for SAP FI & MM Applications.

Manulife Financials (John Hancock), Boston, MA Oct. 2005 -- June 2006
Consultant

Acted as Information Security Consultant for IT Department in assessing Logical / Physical Security for Companies Reinsurance and Annuities Application. Recommended solutions to avoid SOD conflicts to comply with SOX Compliance for Oracle Database platform

TRW Automotive, Shirley, UK May 2005 -- Sept. 2005
Lead SAP Security Consultant

Helped Companies IT / Internal Audit Department to achieve Sarbanes-Oxley Compliance to overcome SOD issued in SAP ERP System.
Worked on improving SAP user / Role Management to avoid SOD issues
for SCM / FI. / HR Modules. Lead the team of 3 Security Consultants.


Aeroflex,NY (hi-tech electronic Mfg.) Sep. 2004 - May 2005
SAP Security Consultant
Coordinated and performed testing of SAP ERP Security for Companies facilities throughout US. Worked on Configuration Controls for SAP Access Control & SOD in collaboration with business process owners

Merrill Lynch, NJ Mar 2004 - Sep. 2004
SOX Consultant
Created test plan and tested automated application controls for Companies Technology Management group. Worked on testing for the 5 Stock Applications as part of Sarbnaes-Oxley 404 Compliance


Intel, Inc, CA Sep 2003 - Feb . 2004
SAP Security Consultant
Analyzed the Security controls of SAP ERP SCM application and Oracle Platform. Analyzed the standard and Customized settings for SAP R/3 System Parameters, CTS , Authorization profiles (Profile Generator) & User Access. Used VIRSA Compliance Calibrator in order to assure Sarbanes-Oxley Separation of Duties compliance for users .

Verizon Wireless, NJ July 2003 - Sep 2003
IT Consultant
Implemented Revenue Assurance module of Amdocs Billing Software written in Unix / C. The Implementation and support was challenging as system stopped functioning before I came on-board.

US Cellular,IL Jan -2003 - July 2003
Consultant

Implemented Wireless Number portability Software (as part of FCC compliance) written in C++ / Corba for US Cellular Corporation based in Chicago. Also helped in release management of newer version of STAR Billing system.

AMDOCS, Inc., St. Louis, MO September 2000 - December 2002
System Analyst

Implemented and Supported Revenue Assurance module of Amdocs Billing Software written in Unix / C & COBOL. Major client include Roger's AT&T, SBC & Sprint.

Syntel Inc., Troy, MI March 1998 - October 1999
System Analyst

Documented existing IT process and prepared gap Analysis for Y2K problem Maintained and implemented client-server applications related to Freight bill Audit payment system for Logistic Company in C, PRO* C and ORACLE RDB on VAX. Helped client in configuring and setting up of Source Control Management system.

Indian Oil Corporation, Bombay, India January 1988 - March 1998
Assistant Manager (Systems Audit)

Audited IT infrastructures (Operating Systems, Network, LANs,) and application systems at Companies HQ and various POS all over country. Participated in design, development testing and implementation of Billing system for Petroleum (Oil & Gas) products at POS locations for this Fortune 500 Company Helped to incorporate Audit trails in various IT Application System

EDUCATION / MEMBERSHIPS
GRC Access Control (Virsa Compliance Calibrator for SAP v5.1) Certification, Aug. 2007 by SAP

CISA (Certified Information System Auditor), June 2006
Network / Wireless Penetration testing, Dallascon, May 2005
IT Audit & Security Boot Camp, by CANAUDIT, Inc., Jan. 2005
B.S. (Computer Science) Aug. 1986

Member, Information Systems Audit & Control Association
Member, Information System Security Association

WORK Authorization:
US - Permanent Resident (Green Card holder)
India -- Citizen
Brazil - 5 year business visa

Certifications
CISA
Virsa Complaince Calibrator



You must be logged in and have a current resume access subscription. Login or Register »

View all resumes in US-TX-Dallas »
View all resumes in US-TX »

View other SAP Security Consultant resumes