SAP security & GRC consultant

Company: Diverse Lynx
Location: Dallas
Posted on: March 21, 2023

Job Description:

Job Description

SAP security & GRC consultant
Monday is an achievement-oriented and self-motivated IT professional who can deliver results with minimal supervision. He is keen in listening and communicating effectively, which has made him particularly adaptable in team-oriented environments to achieve maximum results. He has over 7 years of IT experience with the last 4 years of dedicated experience in SAP Security and GRC implementation and support. He understands business processes in regards to technical applications and is able to facilitate collaboration between technical teams, business process owners, and various levels of decision makers using technical terminology.
Monday is proficient supporting SAP Security and GRC- Access Control in Access Risk Analysis (ARA), Access Request Management (ARM), Business Role Management (BRM) and Emergency Access Management (EAM). Monday also has 2 full cycle implementations in sap security and has a good understanding of SOX compliance requirements and SOD conflict issues.I have experience in S/4HANA

CORE ENGAGEMENT
* SAP Implementation
* GRC AC Implementation
* ASAP Methodology

* Segregation of Duties (SOD)
* SOD Design and Remediation
* Information System Audit

* Continuous Monitoring
* Production Support
* SAP Launchpad support

PROFESSIONAL EXPERIENCE

Subaru 06/2022 to Present
Role: SAP Security Analyst
Responsible for OSS connection creation and maintenance, user access management and provisioning, authorization management, Unit testing, SOD detection and remediation and general security related troubleshooting including internal and external audit support as needed. Key responsibilities include:
Responsibilities:
* OSS connection creation and maintenance using SAP launchpad tool
* Creating/Deleting S_USER ID's
* Creating and maintaining user master data according to the security policies and procedures.
* Responsible for creating and maintaining Master/Derived/Composite Roles, and Authorizations using Profile Generator (PFCG) throughout multiple SAP Landscapes based on complex client design restrictions and security.
* Worked on Mass user Administration activities using SU10
* Running Unit testing and User Acceptance testing.
* Supporting with user administration.
* Role change support for role that need to be transported using Rev Trac.
* Checking Queues of Tickets assigned in ServiceNow and giving production support
* C4S tool support
* Generating activity log for RFC/ System user Id
* Production support using SAP IDM tool.

NTD DATA 08/2019 to 06/2020

Role: SAP Security and GRC Consultant
Responsible for user access management and provisioning, authorization management, GRC Access Control SOD detection and remediation and general security related troubleshooting including internal and external audit support as needed. Key responsibilities include:
Responsibilities:
* Creating and maintaining user master data according to the security policies and procedures.
* Responsible for creating and maintaining Master/Derived/Composite Roles, and Authorizations using Profile Generator (PFCG) throughout multiple SAP Landscapes based on complex client design restrictions and security.
* Worked on Mass user Administration activities using SU10
* Tracing, troubleshooting and assigning missing Authorizations as per User requirement using SU53, SU56, SU21, SUIM, SE16N, ST01 & STAUTHTRACE
* Creating and modifying Single Roles, composite roles and Derived roles as per change request (PFCG).
* Extensively Used SUIM (User Information System) to generate various reports for audit monitoring.
* Assigning Controllers, and Owners to Firefighter IDs assigning firefighter IDs to firefighters.
* Validating the SOD violations for the available roles & users in the landscape against the regional rule set.
* Perform the simulation to find the violations for the new roles to be created against the regional rule set.
* Performing the remediation for the roles to resolve the risks at the role level instead of mitigation.
* Generating Firefighter log reports
* Downloading various security reports from ARA and EAM
* Review and act on daily monitoring/change reports and perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management.
* Provide knowledge transfer and train client's personnel on security authorization concept and security design/implementation.
* Perform daily monitoring of scheduled jobs related to security and compliance activities and associated system administration tasks.
* Prepare all applicable deliverables such requirement document, setup/configuration documents and weekly status reports.
* Communicate with clients of all levels

APPS Compliance LLC 02/2018 to 08/2019

Role: SAP GRC Consultant
Primary responsibilities were centered around SAP Security support and GRC implementation which involved managing services/daily support of security in SAP System Landscape, User and role administration, GRC Access Control including SOD rules review, updating rules to reflect audit deficiencies, process improvements and recommending best practices where appropriate.
Responsibilities:
* Perform all aspects of SAP security implementation tasks which includes but not limited to coordinating and interacting with business leads and process owners, technical and functional SMEs, Internal Audit and Security Admins for the sole purpose of gathering SAP Security requirements.
* Create functional and technical design document to ensure role-building follows business and risks and controls requirement set forth by the internal control teams and obtain functional design signoff prior to build.
* Configure various types of role such as Single Roles, Composite Roles and Derived roles using the Profile Generator (PFCG).
* Implement the SAP GRC AC ARA to ensure segregation of duties (SOD) exists and Sensitive Access in the SAP systems are enforced.
* Performs user provisioning activities which includes, setting up new accounts, password resets, assigning users to appropriate groups and assigning security roles according to employee/contractor approved positions.
* Design, develop and Activation of Rule Sets, created custom rulesets and updated the functions grouping with custom transactions as required.
* Perform Role and User Level analysis for sensitive access and SOD worked with Role owner and process owners to address risk and assisted with outright remediation, and/or mitigation.
* Provide technical support for any GRC production related issues.
* Perform Firefighter ID Provisioning Tasks and troubleshoot any issues relating to Firefighters or IDs and GRC in general.
* Monitor SAP GRC systems and troubleshoot the issues and report to the management on a timely basis.
* Review and act on daily monitoring/change reports and perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management.
* Provide knowledge transfer and train the trainer exercise to client personnel on security authorization concept and security design/implementation.
* Worked with offshore team, led and provide daily tasks, provided knowledge transfer (KT).

Energeria 02/2015 to 08/2017
Finance & Insurance Development -Nigeria
* Train Finance Managers on Process, Product Knowledge (VSC, GAP, etc.) & performance.
* Organize, plan and conduct meetings within personnel.
* Promote communication and foster a positive business relationship.
* Achieve minimum performance standards set forth by client and company.
* Achieve performance objectives set forth by MarketSource while managing time to complete all reporting requirements (e.g., daily reports).
* Build relationships and earn respect within all departments and at all levels within the dealership.
* Communicate in an effective manner with Dealership personnel in order to properly execute directives as given.
* Work independently and manage work schedule while on assignment.
* Develop consultant relationship with Dealer Principal and senior dealership management.
* Effectively manage your assigned territory to drive F&I growth.
* Implement all Program initiatives and processes within requested timeframes.
* Maintain, create and execute account development business plans.
* Effectively communicate in writing to MarketSource management, Ford regional partners and dealership management on a regular basis.
* Constantly evaluate performance vs. expectations.
* Ensure sales, market and competitive information is recorded and reported daily.
* Conduct trainings in technology including - Microsoft Office Products, Web-Based applications and navigation.
Demonstrate sales record establishing and developing accounts

EDUCATION AND CREDENTIALS
BSC, Business Administration -Abuja University
federal fishery and marine technology)
Cybersecurity (In Progress)

Certifications
SAP Certified Application Associate-SAP BusinessObjects GRC Access Control 10.0
Certified E-Business Professional (EC-COUNCIL) in Customer Relationship Management Version 2
Certified SCRUM Master (INTERNATIONAL SCRUM INSTITUTE)
TECHNICAL SKILLS
Tools: ServiceNow, C4S, SAP IDM, SAP R/3.SECC 6.0, GRC AC 10.x, and MS Office (Word, Excel, PowerPoint, Outlook, Visio, Project)
ERP Application: SAP R/3, ECC, CRM, S4 HANA FIORI (FOUNDATION)
Methodologies: ASAP Methodology, SDLC.
Regulatory Requirements: SOX, HIPPA, ISO20002, PCI-DSS, FISMA.

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.

Keywords: Diverse Lynx, Dallas , SAP security & GRC consultant, IT / Software / Systems , Dallas, Texas