SAP Security & Controls Architect & SME
· Led security & controls discipline for multiple clients across different industry sectors– Maersk, Mondelez International, Invista, Philips-Van Heusen (PVH), Cargill & Life Sciences industry. Responsible for development of security design solutions, driving requirement workshops, business role definitions and execution of security integration build, test, deployment, and stabilization for large environments. Reengineered access management processes and implemented strategic changes to improve access provisioning workflow processes. Performed pre-go live checks from readiness standpoint, sampling-based security audits for controls compliance in-line with established change management procedures.
· Experienced in various SAP projects ranging from implementations, redesigns, assessments, financial transformations, advisory and steady state support. Delivered client’s complex security requirements utilizing the SAP infrastructure authorization concept and leveraging various implementation methodologies including Deloitte’s Enterprise Value Delivery (EVD) methodology. He has designed strategies to suite client requirements and has worked on different role design strategies including position based, business roles, single, master/derived and enabler roles.
· Implemented security models for SAP reporting applications - Business intelligence (BI) & HANA database with front-end tools like Bex, Analysis for office, Business objects platform.
· Led transition efforts from project work to successful application managed services model on one C&IP client. Involved in reviewing production support changes to determine their alignment with global design, business role management & identifying improvement areas in line with leading practice recommendations.
· Planned and facilitated security unit and integration testing strategy and perform root cause analysis of the issues encountered, resolve them, and provide guidance and recommendations to the organization’s management team on potential risk areas. Experienced in handling release activities including prioritization of change requests, project risks tracking & closure, business role management, security changes migration and transport management task during Go-live.
SAP Governance Risk & Compliance SME
·SAP GRC Access Control (AC) 12.0 support for Access Risk Analysis, Access Request Management (ARM), Emergency Access Management (EAM) & Business Role Management lite modules.
· GRC Ruleset customization to include custom transactions & Fiori apps for connected SAP applications.
· Custom GRC ruleset benchmarking against industry leading practices.
· Leveraged Soterion GRC tool for risks identification, getting & staying clean using several workflow types, mitigation controls and standard reporting.
· Location lead – responsible for driving operations locally and improve collaboration across solutions and locations.
· Responsible for driving organization wide people initiatives – hiring, staff deployment & performance management.
Business development – driving growth, adding new solutions & building competency around those solutions.