SAP Security and GRC Consultant
Nigerian National Petroleum Corporation (NNPC)
Total years of experience :9 years, 9 Months
- Part of the team that implemented the GRC (Access Control, Process Control and Risk Management) solution to manage the internal security model, remediate compliance issues, and monitor business risks within the SAP landscape.
- Responsible for technical design, development and configuration of roles and authorisations across the SAP systems (ERP, HCM, BW, Portal, ECM & Fiori); also, compliant user provisioning and role mapping.
- Perform analysis of sensitive transactions, Segregation of Duty (SoD) violations and deviations from established procedures, unauthorised system activities and applying remediation and mitigation procedures.
- Achieved a reduction of access risk violation exposure by 90% over 2 years of operations.
- Projects & Deployments supported: Funds Management, Split Valuation, PR, PO, SA Release Strategy, Demurrage Claims, Educational Certificate Maintenance, Performance Management, Travel Management, Fiori implementation, Role Redesign, and several others.
- Took part in the design of NITDAâs IT communication policy.
- Part of the team that designed and proposed an Intelligent Phishing Detection and
Prevention System to NCC and NDIC.
- Trained AMCON and NDIC staff on Secure Online Communication.
- Provides training classes for the courses: COMPTIA A+, Network+, Security+ and Ethical
Hacking.
- Acquisition, setup and deployment, support and maintenance of IT equipment in the
organization.
- Provided tuition classes and workshops in Computer courses and Mathematics from
secondary to university level (Networking, Web design etc).
- Lead instructor for 'Computing 4 Kids' programme, teaching programming and basic
computing.
- Co-organiser of tri-annual Camp 4 Kids. Activities include sports, fashion, robotics, science
and technology.
- Worked with students with learning difficulties (dyslexic, etc.) across computing
programmes to help facilitate their learning progression; also did stints in Photography,
Biology, Psychology, Education, and TV and Media, thereby giving me a well-rounded
knowledge.
- My roles were 1:1 mentoring and tutoring, project research assistant and reviews, manual
and electronic note-taking, computer lab support, library use assistant, exam support and
invigilation.
- Modules: Computer Networks, Wireless and Mobile Communication; Network Systems and Services; Network Security; Security Architecture and Engineering; Project Research and Communication Skills, Postgraduate Project in Computer Communications. - Research Projects: Security Re-engineering of HSBC Online Banking; Face Identification in Multimedia Archives; Monitoring and Tracking Hospital Patients Using Bluetooth and Wireless LANs, Web Server Operating Systems (Windows v Linux); Digital Forensics; Tracking and Identifying Individual Users in a Web Surfing Session; Biometrics. - Thesis: “An Investigation into the Security and Privacy Issues of Cloud Computing: A Case Study of Amazon Elastic Compute Cloud (EC2) and Dropbox.” – (Published) - Awards: Received a Postgraduate Technology Award for best graduating student.
- Gained a wide background on general computing aspects: Web Application Engineering, Database Management Systems, Data Communications, Object-oriented Programming, Artificial Intelligence, Human-Computer Interaction, etc. - Final Year Project: “Sneics: A Java Game Design and Implementation.”