SAP GRC SME
Saudi Arabian Monetary Authority
Total years of experience: 19 years, 10 months
SAP GRC Lead responsible for all GRC initiatives, incidents etc.
SAP Phase 3 Authorization & GRC Sr. Consultant
GRC PC 10.0 FCF Implementation Phase1 & 2
Responsible for implementing GRC AC 10.0 Suite, GRC PC & RM 10.0 security, SAP Security, pre-sales, customer demos, proposals, etc.
Workshop for gathering the security requirements related to GRC PC 10.0 & RM 10.0
Work with the Functional Team for building the role design strategy and requirements
Build and finalize User to ENTITY template in PC 10.0 and RM 10.0
Participate in UAT and resolve issues related to authorizations related to PFCG roles and ENTITY assignments to the PC 10.0 and RM 10.0 business users.
Production cutover activities such as user ID creation, role assignments and user assignments to organizations in the NWBC user access screen.
Go-Live and Post Go-live support.
BI 7.3 Analysis authorization report roles & Project Team related access management.
SAP GRC Access Control 10.0 Implementation
Responsible for implementing GRC AC suite, SAP Security, sales support, etc.
responsible for Implementing
responsible for Implementing
responsible for leading the team and monitoring SLA
Solving authorization issues, role refinements, SOX compliance etc
Solving authorization issues, role modifications.
Desktop issues, OS and printer installations and troubleshooting etc.
SAP Phase 3 Implementation Project
Role
Design & implement security for HCM solutions (ESS/MSS, SAP Learning Solutions, SAP E-Recruitment, Portal, HR Renewal 2.0, SRM, Management of Change, BI, GRC Access Control 10.1 BRM & ARM, feasibility study for GRC Process Control and Risk Management implementation).
Responsibilities/Deliverables
Workshops for formulating Project teams and support teams access request procedures as per QP policies
Design and build project team roles for SAP E-recruitment, ESS/MSS, SAP LSO, SAP SRM, SAP MOC, SAP MAM
Workshop along with the functional team for collecting role design requirements
Alignment meetings with the customer security team and design process for project team’s access request to support landscapes and project landscapes.
End User menu strategy build along with OCM team
Alignment meetings with the PORTAL team to develop the role design framework to be in line with the portal content upload from PFCG roles.
Conduct the role matrix workshop for the SAP E-Recruitment solution with the stakeholders.
Role build and modifications of the menu entries and folder structures to incorporate the default page, OBN parameters, system alias etc.
Role upload to the portal system activity and troubleshoot errors at Role level.
Alignment meetings with the ESS MSS functional and Portal consultants for role design requirements for HR Renewal 2.0
Build ESS & MSS roles and upload support to portal.
Troubleshoot unit testing missing authorization.
Build documentation for the Portal role upload and Role design rationale.
Build SAP Management of Change (MOC) roles
Build and troubleshoot roles for SRM Supplier Life Cycle (SLC) solution
AC 10.0 BRM & ARM Implementation
Role
SAP GRC Access Control 10.0 Lead
Responsibilities/Deliverables
Workshop for gathering the functional requirements related to GRC AC 10 BRM & ARM
Working with the Business consultant to understand the business requirements from OPUs and proposing the required functional configuration concept
Baseline configuration and validation
Configuration of BRM & ARM as per the signed Business Blueprint
MSMP and BRF+ configuration as per the customer requirement
Plan and prepare Unit testing with test manager
Assisting Basis team on post installation steps, LDAP integration etc.
ARM end user screen layout changes by customizing End User Personalization (EUP)
GRC Business Role concept proposal and enabling the customer adaption
Participated in the Business OPU discussions to understand their existing pain points and proposed required functional solution.
Knowledge transfer to the PETRONAS GRC AC project team in preparing the Unit Test documentation
Conduct Unit testing of GRC BRM & ARM configuration and issue resolution.
GRC AC CUP 5.3 Implementation
Role
SAP GRC AC Team Lead
Responsibilities/Deliverables
Workshop for framing the GRC AC CUP 5.3 project scope and project plan as per the SOW
Conducting workshops to gather customer requirements for GRC AC CUP 5.3
Business Blueprint documentation
Baseline configuration and validation
Workshop with the change management team to plan and document the customer specific change management plan
Finalized the customization as per the BBP.
Unit testing the GRC QAS system for desired functionality and performance
End user screen layout changes by adding the customer logo
Preparation for UAT
Go Live and post go live support
Knowledge transfer to the TNB project team
AC 10 greenfield Implementation, Security redesign
Role
SAP GRC AC 10 Project lead
Responsibilities/Deliverables
Workshop for framing the GRC AC 10 project scope and project plan as per the SOW
Conducting workshops to gather customer requirements for GRC AC 10 Access Risk Analysis and Super user management.
Business Blueprint documentation
Baseline configuration and validation
Creation of customized rule set in line with the existing GRC solution
Upload and test the customized rule set into GRC AC 10 systems for its effectiveness.
Back jobs for synchronization of user, role, authorization and Batch risk analysis
Back jobs for SUM notification, log reports etc.
Finalized the customization as per the BBP.
Configured Super User Management for all the identified back end systems
Workshops for the local IT team in using the GRC AC 10 system for Access Risk Analysis and Super user management.
Finalize the configuration and move the transports to the GRC Prod system.
Analyze the post transport status and do manual corrections if any
Testing the GRC prod systems for desired functionality and performance
UAT framework discussion and supervise the task handling status and communicate to the concerned stakeholders
Cutover checklist and execution of the cutover tasks
Preparation for the Go-Live.
Go Live and Post Go Live support.
Hand over session with documentation
AC 10 Ramp up Implementation, Security redesign
Role
SAP GRC AC 10 & Security project lead
Responsibilities/Deliverables
Workshop for framing the GRC AC 10 ramp up project scope and project plan as per the SOW
Conducting workshops to gather customer requirements for GRC AC 10 Access Risk Analysis and Super user management.
Finalize the scope including 14 roll outs and create the BBP document.
Baseline configuration and validation
Brainstorming sessions with the process and audit groups to understand the corporate SoD framework, audit recommendations and other statutory requirements.
Creation of customized rule set in line with the corporate SoD guidelines and other recommendations
Upload and test the customized rule set into GRC AC 10 systems for its effectiveness.
Back jobs for synchronization of user, role, authorization and Batch risk analysis
Back jobs for SUM notification, log reports etc.
Finalized the customization as per the BBP.
Interacting with the SAP GRC 10 developers for various bug fixes and other enhancements
Conduct workshops for governance model and guide the customer with the final output
Configured Super User Management for all the identified back end systems
Workshops for the local IT team in using the GRC AC 10 system for Access Risk Analysis and Super user management.
Finalize the configuration and move the transports to the GRC Prod system.
Analyze the post transport status and do manual corrections if any
Testing the GRC prod systems for desired functionality and performance
POC for GRC AC 10 Business role management and Access request management
Configured Business role management with the standard role methodology and role management workflow
Configured GRC AC 10 Access request management with a 3 stage MSMP workflow for New hire, Change requests.
Configured Password self-service for all the back end systems
Configured Lock and Unlock requests with a 1 stage workflow.
Worked with various groups in the IT infra division for archiving, backup, firewall, requirements of the project.
Worked with the support group in identifying the changes required for the security issues in the scope of GRC AC 10 and adapt them for the current SLA framework.
UAT framework discussion and supervise the task handling status and communicate to the concerned stakeholders
Cutover checklist and execution of the cutover tasks
Preparation for the Go-Live.
Go Live and Post Go Live support.
Remediation/Mitigation control workshop, creation and assignment
Roll out implementations for the remaining markets.
for Media Implementation
Role
SAP Security lead
Responsibilities/Deliverables
Listed Customer specific requirements for authorization.
Conduct and drive the authorization approach workshops with the customer IT OPS team.
Created project support roles for technical and functional teams
Approach, strategy, time lines and other requirements for implementing a good security model
Creation of Authorization Matrix formats for SAP for Media and CRM modules.
Authorization matrix kickoff workshop for functional team
Authorization matrix workshops per individual functional team and matrix filled in line with the ARIS BP model and OCM guidelines
Role creation as per the finalized role matrix
Role modifications as per the approval procedure.
Documented the entire approach process in Solution Manager
Creation of User Ids and Roles as per the set naming convention and approval process.
Designed the security unit testing process along with the testing team
Addressed missing authorizations and authorization restriction issues logged by the functional testers.
Addressing missing Authorization using tools like SU53, system trace etc.
/Deliverables
Created project support roles for technical and functional teams
Listed Customer specific requirements for authorization.
Participated in the security strategy proposal discussions.
Creation of User Ids and Roles as per the set naming convention and approval process.
Creation of Authorization Matrix formats for the Identified SAP Modules.
Circulating the Auth. Matrix to the Functional Teams, Clarifications to the Functional Teams.
Role creation as per the functional role matrix
Role modifications as per the approval procedure.
Documented the entire role creation process as role packages in Solution Manager
Supported the functional role testing process and addressed missing authorizations and authorization restriction issues logged by the functional testers.
Analyzing SU53, ST01 screen shots to debug Authorization problems.
Post maintenance of Missing Authorization.
Access Controls 5.3 Quick Start Implementation
/Deliverables
Conducted pre Implementation calls with the customer for Quick Start Implementation enablement.
Conducted client kickoff meeting and presented GRC AC 5.3 functionalities to the customer GRC core team, Basis & Security team, SCI Internal audit and SCI operations group.
Verified the GRC AC 5.3 dev installation and performed post installation tasks, integration with the back end SAP servers as per the project scope.
Conducted requirement gathering meeting for Access Controls 5.3
Documented the AS-IS Analysis and sign off from the customer.
Listed Customer specific requirements for various processes in GRC AC.
Documented the Information on SAP Modules, Org structure etc.
Proposed naming conventions for Roles and Role Types.
Conducted and documented GRC workflow meeting and finalized the path and the stage approvers
Proposed and documented the TO-BE risk management strategy using GRC AC 5.3 and sign off from the customer
Baseline configuration of GRC AC components (RAR, ERM, CUP and SPM).
Trained the customer GRC core team on various stages in the Risk management phase.
Trained the Basis & Security Consultants in using the GRC Enterprise Role Management.
Day-to-day administrative tasks for GRC AC 5.3 were explained to the customer Basis and GRC core team.
Conducted wrap up and knowledge transition to the Customer GRC core team.
SAP Security Implementation-Blue Print Phase
/Deliverables
Gathered information on security in the customer existing IT setup.
Documented the AS-IS Analysis and sign off from the customer.
Listed Customer specific requirements for authorization.
Documented the Information on
GRC 5.3 Ramp up and Security Implementation
Role
GRC & Security Team Lead
Responsibilities/Deliverables
Actively involved in Feasibility study phase of the Implementation.
Documentation for Pre-Implementation phases of GRC Access Control Suite 5.3, SAP Security like AS-IS, TO-BE, etc.
Created SAP (ECC, CRM, SRM, SOLUTION MANAGER, BI) & NW UME (EP, GRC) roles in DEV systems for various user groups
Trained the security team, in using Role Expert for role creation to ABAP Systems.
Role naming conventions were proposed as per the client’s authorization strategy
Procedural documentations were made as per the client’s IT policy, access approval strategy.
GRC AC 5.3 products (ERM, RAR, CUP and SPM) were configured as per the recommendations from the Audit group.
Actively involved in Post Go Live support by troubleshooting missing authorizations in ECC, SRM, CRM, and BI.
Modified and assigned the roles to End users as per the defined process and transported to Production systems as per the Change Management Strategy.
Conducted trainings for the Customer Security and GRC team on various topics like Single and Derived roles, Restricting tables and programs by assigning auth. Groups, importance of audit data for changes in the Production systems, analysis auth. in BI etc.
Configured AIS (Audit Information Systems) to monitor the changes happening in Production systems.
Analyzing SU53, ST01 screen shots to debug Authorization problems.
Post maintenance of Missing Authorization.
Mass user and role creation
Used CATT scripts for mass changes like Role assignment and User Creation.
GRC 5.2 Implementation & Technology Support
Role
GRC Implementer
Responsibilities/Deliverables
Implementation of GRC Access Control Suite 5.2 on Dev/Qua and Production Systems.
Actively involved in all phases of Implementation like Feasibility study, Realization (Installation and Implementation), Pre Go live and Post Go live etc.
Created NW UME roles in GRC boxes for various user groups
Trained the security team, in using Role Expert for role creation.
Role naming conventions were configured in RE as per the client’s authorization strategy which includes Risk Analysis.
Trained the Controls Dept. in using Compliance Calibrator for risk analysis and mitigation controls.
Access Enforcer was configured to meet the complete end user requirements like Access Change, Password Self service, new account creation etc.
Business Process, Sub processes and Functional Areas were effectively configured to meet the client’s authorization approval strategy.
Firefighter access privileges were configured on both Java and ABAP stacks as per the IT policies of the client.
Procedural documentations were made as per the client’s IT policy, access approval strategy.
Three stage Authorization approval Work Flows in Access Enforcer were designed in concert with the approval strategy
/ Deliverables
Worked with GRC tools like Role Expert (RE).
Authorization redesign and modification of ECC 6.0, HCM, CRM
Activity group creation/modification/refinement
Direct contact with functional counterparts collecting security requirements for redesign/refinement of existing roles
Refinement/ creation of roles as per SOD
Analyzing SU53, ST01 screen shots to debug Authorization problems.
Post maintenance of Missing Authorization.
Mass user and role creation
Proficiency with Profile generator
Authorization traces
Used CATT scripts for mass changes like Role creation, modification and User Creation.
/Deliverables
Authorization redesign of MM, PP, QM and FI modules
Defined process for refinement and change requests.
Cleaned up and optimized MM, PP, QM and FI roles
Activity group creation/modification/refinement
Direct contact with functional counterparts collecting security requirements for redesign/refinement of existing roles
Refinement/ creation of roles as per SOD
Analyzing SU53, ST01 screen shots to debug Authorization problems.
Post maintenance of Missing Authorization.
Mass user creation
Profile generator
Authorization traces
/Deliverables
User and activity group creation/modification
User creation/deletion/lockdown/activation
Profile generator
Authorization traces
Password management
Direct contact with functional counterparts collecting current R3 security requirements
Analyzing SU53, ST01 screen shots to debug Authorization problems.
Post maintenance of Missing Authorization.
Cleaned up and optimized security Roles
Processing New Hire, Incident, Change, Termination and SOX Compliance Tickets.
Processing tickets as per the privileges of the client (S.L.A).
Performed transporting of roles and used CATT scripts for mass changes.
Worked with VIRSA systems VRAT tool in identifying SOD conflicts.
Worked with VIRSA systems VFAT tool for granting access to Firefighter user IDs based on BIS approval.
Processing escalation, Development Tickets.
Internal SOX auditing.
Delta Email Uploads
Portal User Administration.
R/3 4.6 Implementation & Technology Support
responsible for the following:
Installation of Operating Systems and related Medical software.
Testing the new versions and preparing standard statements.
Creating User Documentation regarding installation, troubleshooting, etc.
Onsite work relating to installations, training and troubleshooting.
Project Preparation.
GRC 5.2 Access Control Installation Methodology.
Process Flow for Deployment of GRC components.
Identification of Potential Risks & Mitigation during the Complete Project.
Media List Validation for GRC Access Control 5.2 Installations.
Validation of the Technical Documentation for GRC 5.2 AC Installation.
Reviewing Standard SAP notes with the Basis Consultant for implementing on GRC as required.
Providing Support to Basis Consultant for GRC Installation from Security Perspective.