Xxxxxxxx Xxxxxxxx
753 New Wales Lane
Saint Augustine, Florida
  Xxxxxxxxx@xxx.xxx
     xxx-xxx-xxxx

SUMMARY
Experienced technical SAP security consultant   specializing in security SAP User - Centered Design, ASAP, SOA, MDM, CUA, XI, Solution Manager, SRM, CRM, CRM 2007, ACE, Business Role, BI, BW, SAP R3, Enterpise Portal, Global Trade Services, ESS/MSS, ECC, PSCD, HR, TREX, SCM, PS, GRC and Virsa, Virsa Compliance Calibrator, Virsa Firefighter, Access Enforcer, Role Expert, Audits systems implementations for more than 6 years and SOX and SOD analyze, Netweaver SAP Identity Manager (NWIM) knowledge, IS* security including utilities and banking sector
Participate actively with internal training/knowledge transfer to new security team members as well as project support team members.
Strong leadership, analytical skills and strong interpersonal skills
Effective in facilitating, conducting and leading meetings
Conduct formal and informal training classes on security concepts to security team and business process subject matter experts as part of project activities.
Interact well with all levels of team membership including management.
Excellent communication, oral & written skills, and excellent customer service
Work with functional teams and business Users to gather role requirements
Develop security roles for project team in deferent IS* and functional areas
Advised project team members on the procedure to report and re-test security issues

TECHNICAL
Technical analyst for SAP security in production & non-production environments.
Segregation of Duties and Audit Compliance Standards.
Proficient in use of standard security administration tools such as Profile Generator for Authorization Profiles/Roles administration (design, development, implementation),  and User administration, (mass user creation and maintenance).
Experience includes advanced technical & some functional knowledge of most SAP modules.
Advocate of three tier job role model and other SAP security leading practices
Advocate  User Centered Design and and a process in which the needs, wants, and limitations of the end user of an interface or document are given extensive attention at each stage of the design process
Experienced with implementing CUA functionality within customer landscapes
Authorizations insights implementation and SOD analysis
Proficient in use CRM2007 security administration tools as ACE, Business Role, Technical Roles (PFCG)
Proficient in use BI Analyses Authorizations tools as ( RSECADMIN)
SAP Global security and authorization support for share service, development and design
Experience/Project Work



April 2007- April 2009
SAP America Inc.
Technical Consultant
Industry:  Multiple  

Companies worked for as SAP America consultant:
ConAgra Foods, Becton, Dickinson and Company, Graphic Packaging, Colgate,
Deloitte US, Allegheny Energy, Inc., NASA, Whirpool, Eastman, Adobe, CMC, BNSF,
Chevron-Philips, Department of Personal State of Washington, FEMSA (Coca Cola
Mexico and Latin Americas), JoAnne, CMC, SAP internal projects and others

Projects Description/Scope: Multiple/Security
Role: Team Lead (Security)                                               Duration 24 months
Competency Areas:
SSO-Concepts (Certificates, SAP Logon Tickets)
Business Continuity Planning
Security Management Practice
Security Infrastructure Architecture
Compliance
Enterprise SOA Security in SAP Systems
Authorization groups functional tables, custom development authorisation solutions
Implementing and reviewing SAP Authorization Concept
Integrating ABAP User-Management with Organizational Management
Central User Storage Techniques
Build Framework: Security Audit tools & Change Documents (SCDO)
Maxware, IDM and LDAP in a company environment
GRC Suite: Compl.Calib.5.X, Role Expert, Virsa, Fire F, Maxware
SAP UME administration and J2EE roles
Handling PFCG (check indicators, SU24, transport & upload roles)
Configure and implement cryptographic technologies in SAP System

Responsibilities/Deliverables/ Achievements:

Upgrade ECC 5.0 to ECC 6.0
Security Policy and Strategy
BI 7.0 Strategy and Tactics, Analyses Authorization
Conversion from Structural Authorization to BI analyses authorization.
New GL (Security), ESS, MSS
CUA Landscape and Presentation
CUA creation, review, and recommendation
P_ADM_SEC _70 Security Course Development (Author)
GRC AE configuration and review
Authorization Concept Lead Consultant (SAP Resource Management@Field Services) New SAP development
Securiy GTS 7.1 design and implementation (Global Trade Services)
Analyses Authorizations (BI) creation and implementation
PD profoiles and BI structure security and authorization design
Structural autorization BI analyses and BI structure conversation
Upgarde to SAP R/3 Enterprise Release 4.70
Integration Analyses: IBM Tivoli Identity Manager ,LDAP, SAML, SAP UME, Internet Portal, Biller Direct
IBM Tivoli Access Management Integration
CRM2007 security and design
Dynamic CRM Authorization Model, ACE and business roles set up and IMG (SPRO) configuration
ACE, Web UI and ABAP roles integration from complete UCD (User Centered design SAP Metology)
An Architectural View of SAP's Analytical CRM Capability
CRM integration with ERP, BI
SAP CRM module, SAP Biller Direct, SAP Exchange Interface ("PI/XI")
Flexible security framework that can be adapted to specific customer (business partners) needs
Interaction Center CRM (Security) and Access Control Engine, User Ceneterd design (UCD), ACE, CRM 2007, Business Roles, Technical (ABAP)
Roles, IS* integration
Customer Relationship Management (CRM) includes the methodologies, strategies, software, and web-based capabilities that help an enterprise organize and manage customer relationships
Security based on industry standards
Development of tailored security and controls techniques in conjunction with system upgrade (i.e. ERP) and the design or re-engineering of business processes (i.e. shared services environment)
SAP framework for SAP Global security upgrade
Completed ECC 6.0 upgrade for global companies
SAP Global security and authorization support, development and design

April, 2006
April, 2007        
Convergys Corporation
Jacksonville, Florida, USA
Industry:  Software Consulting Company, Government, Banking, Chemical, Retail,
Pharmaceutical, Telecommunications, Manufacture

Companies worked for:  State of Florida, Fifth Third Bank, AT&T, Whirpool, DuPont,
Johnson && Johnson, Pfizer, Solectron Corporation, Guidant, Lucent and others

Project Description/Scope:
SAP Global security and authorization support, development and design for share service (multiple projects).
Application and Software: SAP R3 4.7 Enterprise, Visio, Microsoft Project, SAP CRM, SRM, BW, BI 7.0, Portal, XI, ESS/MSS, HCM
Operation System: Windows XP
Project Development: ASAP/Value SAP, Security and Authorization
Role:   Senior SAP Security Consultant Duration: 13 months
Responsibilities/Deliverables:
Security based on industry standards
SAP framework for SAP Global security and authorization support and implementations.
Development of tailored security and controls techniques in conjunction with system
implementations (i.e. ERP) and the design or re-engineering of business processes (i.e.
shared services environment
Achievements
Completed SAP Global security and authorization (HR) support for eleven global
companies
Completed SAP Global implementation for leading global provider of electronics
manufacturing services (EMS) and integrated supply chain solutions

July, 2005
January, 2006
Contract

Bearing Point
Victoria, British Columbia
Industry: Software Consulting Company, Public Sector, and Government

Project Description/Scope: SAP framework for security and authorization design for Public Sector.
Application and Software: SAP R3 4.7 Enterprise, Visio, Microsoft Project, SAP CRM, SAP Biller Direct, BW, Portal, XI, SAP FI, CO, MM, PP, SM, PSCD and others
Operation System: Windows XP
Project Development: ASAP/Value SAP, Security and Authorization

Role: Senior Security Consultant Duration: 7 months

Responsibilities/Deliverables:
ASAP methodology/User Centered Designed
Role definition depends on HR positions
Conversion from "as is" to "to be" business processes
Assignment of Authorization Groups to Tables (TDDATA,VD_DATA)
Authorization groups and tables trace from applications
Access Control- Authorization Groups (SM30, TBRG table)
Role design "ABAP and JAVA" sites for XI
Security Strategy for web Methods Integration Platform
Role design, development and assignment (PFCG, SU01)
Authorization Groups-Report-types programs (SA38, SE38, AUTHORITY_CHECK)
Document Types in design and configuration processes (T003)
Check indicators (SU24, SU25, SE93, and SE97)  
Authorization checks by assigning reports to authorization classes (RSCSAUTH)   
Tables for relationship for Tcode, Roles
and users (Agr_Users, Agr_Texts, Agr_Tcodes, and TSCT)
Developed CUA for all systems from XI
Sensitive Transactions analyses (objects level matrix)
Segregation of Duty matrix (objects level matrix)
Role design and security policy strategy

Achievements: Completed Security and authorization design for Public Sector project.

April 2005  
July 2005
Contract

Canada Customs and Revenue Agency
Ottawa, Ontario, Canada
Industry: Government (Security Clearance)

Project Description/Scope: Re-Design SAP security and authorizations

Role: Senior SAP Security Consultant Duration: 4 months

Responsibilities/Deliverables:
Re-Design SAP security and authorization

Achievements:
Analyze current situation
Role selection multidimensional matrix
Role definition depends on HR position
Re-designed and re-built security roles (PFCG)

January 2005
March 2005

PwC-PricewaterhouseCooper

Industry: Financial, Chemical (Security Clearance)

Project Description/Scope:
SAP audit (Automatic Control Environment)
Application and Software: SAP R3 4.7 Enterprise, Visio, Microsoft Project, ACE-Automatic Controls Environment, Guardian- Manual Controls Environment
Operation System: Windows 2000, Unix, and Oracle
Project Development: ASAP/Value SAP, Security and Authorization, SOX, SOD- Segregation of Duties Test, STA-Sensitive Transaction Analyses

Role: Senior Associate/ SAP Security Audit and Controls.  Duration: 2 months

Responsibilities/Deliverables:
SOX, SOD analyses and advice
Assessment of the SAP control environment to identify internal control deficiencies and recommend improvements
SAP Audit (ACE)
Business Processes- "As is"-Transactions -objects-authorizations field's analyses, best practice and recommendations
Sensitive Transaction Analyses (objects level matrix)
Segregation of Duty matrix (objects level matrix)
Operational Control and Computer Operations Analyses
Physical Security and Security Polices

Achievements:
Completed assessment of the SAP control environment to identify internal control deficiencies and recommended improvements.
Completed SOD and SOX analysis and recommended improvements

April 2004                                 
December 2004
Saudi Aramco, Saudi Arabia

Industry: Oil, Health Care, and Hospitals
Project Description/Scope:
Medical Designated Facilities System involved105 hospitals, clinics, and remote area designated facilities across the country
Application and Software: SAP R3 4.7, Visio, Microsoft Project Manager, BW 3.5, and Internet Portal 6.0, SRM, APO, SRM
Operation System: Windows XP
Project Development: ASAP/Value SAP, IS-H and IS-H* Med, Security and Authorization, Documentum

Role: Project Technical Lead t of Medical Designated Facilities
System (105 hospitals, clinics, and remote area designated facilities,
Monitoring Quality of Healthcare), Kingdom of Saudi Arabia (50+ international
consultants' global team)                                             Duration: 9 months

Responsibilities/Deliverables:
SAP User - Centered Design
Gave guidance and control to the project and project organization
Flexible framework, which can be adapted to specific customer needs
Increase productivity by provision of templates, tools, examples
Completed Business Blueprinting
Industry-Specific Components for Hospitals (IS-H, IS-H*MED)
Roles and security strategy design for:
SAP R3
Customer Relationship Management (CRM) includes the methodologies, strategies, software, and web-based capabilities that help an enterprise organize and manage customer relationships.
Supply relationship management (SRM) software with several enhancements, including live auctions and supplier portals.
Advanced Planner & Optimizer (APO) provides up-to-date information about a company's current inventory and triggers orders for more supplies when a certain quantity of customer orders have been placed and processed. Authorization of APO users has to specify in the BW system
Different scenarios for Single Sign-On to SAP Systems
Defined on high level design which method of Single Sign-On (SSO) you use with a SAP System
Application and Software: SAP R3 4.7, Visio, Microsoft Project Manager, BW 3.5, and Internet Portal 6.0, SRM, APO, SRM
Operation System: Windows XP
Project Development: ASAP/Value SAP, IS-H and IS-H* Med, Security and Authorization, Documentum

Achievements:
Defined quality assurance checkpoints and formats of deliverables
Guided customer staff in implementation tasks with clearly defined rules and responsibilities
Supported consultants in the various functional areas to work in a similar way within a project team
Detailed design phase of the project
Captured the detailed scope and requirements for:
Business processes
Master data
Organisation structures, Hospitals structures
Development work
Produced a blueprint to describe how the business intends to run its business using the SAP R/3 system:
Established the development system:
Provided Team Training, Business Process Master List, Development Master List (DML)
Business Blueprint Document, Configuration Approach Document
Landscape Strategy, Roll-Out Strategy, Change Management Document Strategy
Development System Environment, BB Management Summary
Patient Management, Eligibility Check, Contract Management
Basic Data flow modeling, Data selection matrix

August 2001
January 2004
Permanent  
                                      
Kingston General Hospital
Kingston, Ontario, Canada

Industry: Health Care, Hospitals

Project Description/Scope: SAP-Security and Authorization. IS_H* prototype

Role: Senior SAP Analyst/SAP Security Analyst Duration: 36 months

Responsibilities/Deliverables:
ASAP/Value SAP
Evaluation of business processes
Design high-level strategy for SAP Security (Architecture)
SAP-Security and Authorization
SAP profile Generator (PFCG)
SAP module concept
SAP Hierarchy Concept
SAP Technical Structure and promote to Production Strategy  
Security Control Tools
Organizational Management
Structural Authorization
Business conception (model) of structural authorization
Security upgrades using SU25 and Profile Generator (PFCG)
Review and correction of sensitive authorizations (s_tabu_dis, s_rfc, etc.), including creation and assignment of custom authorization groups for sensitive tables
Evaluation and recommendation of SAP menu vs. user menus
Resolve issues arising from testing using system traces and dumps
PD and PA Switches (OOPS, OOAC)
Conversion of manual profiles and implementation of role based security, including IM department
Evaluated and used SAP standard roles as templates for custom roles
Review critical and sensitive authorizations, implement improvements to meet audit requirements
Post Go Live support to resolve all security-related issues
Evaluation of Central User Administration (CUA)
Maintenance of HR organizational structure to administer and control user access, including time-delimited access (e.g. temporary assignments to positions)
Basic HR configuration (e.g. create Evaluation Paths for reporting purposes)
Comprehensive knowledge exchange and documentation of Security and HR functions, including use of PPOMW, Expert functions (PO10, PO13, etc)
Profile Generator (PFCG) and related functions
IS_H* prototype

Achievements:
Established detailed security upgrade plan, strategy and dual maintenance procedures
Created of new 4.6C authorization objects and values
Evaluated customized matrix of Authorization groups - tables, users - groups
Used of HR structural transactions (e.g. PPSC) to maintain workflow position to position assignments
Customized HR to allow activity group assignment in PPOMW
Created of HR security authorization objects for structural authorizations based on Info Type and allowed functions / activities (e.g. Help Desk staff were only allowed to display structural assignments, not change users assigned to positions, etc.)
Created Organizational Plan (PPOM_OLD), Personal Master Record (PA40), User I.D (SU01, SU10), Info type 105(PA30), Structural Authorization Profiles (OOSP), Info type 1017 (PO10), Assigned Info type 1017 (PO13), Assigned Structural Authorization Profiles to User I.D (SE38), Setup Regular security (PFCG),
Cleaned up and optimized security Roles
Established security testing procedures and tools
Worked on procedures and applications of dual-maintenance of security changes
Worked to build strategy and implemented structural authorization
Built and evaluated up to 5 different IS_ H* prototypes




June 2000
To April 2001
Contract

Visa International / ECHO
Foster City, California, USA
Senior Systems Analyst / Technical Lead
Conversion (migration) from Assembler 370 (3, 5 millions lines of cod) to C/C++ in mainframe and PC environment was using Visual Age C++ for TPF. My responsibilities involve directing the Process and Technology Deployment (PTD). PTD supports the Shared Services Organization in the evaluation, acquisition, and roll out of software tools and development methodologies.

Responsibilities also involve object oriented (OO) mentoring the teams (Over 500 people) engaged in OO development using UML based tools for analysis and design. Advising development teams on how to effectively utilize tools for OO structuring team oriented development. Also need to participate in the development of guidelines and other forms of support documentation such as guides in setting up their environment and instruction manuals.

Designed a critical Visa International application for TPF (CVV-Card Verification Value, Functional Messages, and Address Verification Value)
Carried out initial system study and design and involved in full phase of development. The project contains over 3 million lines of code. Worked as software architect and consultant for project VISA NEW GENERATION

Application and software: Rational Rose, Visual Age C/C++, Extra! For TPF, NFS Maestro Solo, MS Exchange/MS Outlook, MS Internet Mail, MS Office and MS Excel
Operation System: Window NT4.0, AIX UNIX 4.2, MVS, VM, TPF (VPARS)
Hardware: IBM mainframe, PC workstation
Project Development: Large system, locking critical Visa applications

September 1999
June 2000

Oracle Telecomputing (Member of Boing)
Carleton Place, ON

Senior Embedded Programmer Analyst

Designed air traffic Control System for Cuba (drivers for fire wire backup of air traffic system, radar simulator), Air traffic Control Simulator (client and telecommunication server), TCP/IP, SMTP, Voice Communication Systems, DSP's  SIEMENC, MOTOROLA (MPC7450), i960, INTEL, EMULEX, (PEB 20560 20340), drivers, these entailing the development of deferent models to forecast the effects of alternative sector and route geometry's, the establishment of a lab to house simulation models and the reams of data they employ and the development of a internationally recognized process for airspace
.
Designed Small Computer Systems Interface (SCSI), back up systems for Air traffic Control
SCSI-3 technologies disk array applications, Hot-Swap support. Worked as software architect for low level software and hardware development
Designed 3 functional areas:
Interfacing, Switching and Conferencing, Supervision and Control

Designed the program for main component of architecture a Peripheral Component Interconnect adapter card
It performs the Switching/Conferencing, Supervision and Control. It communicates with the Interface Shelf for reception of Signaling and Supervisory signal, voice, and data

Application and Software: C/C++ compiler for Linux, Hardware and Software
Configuration, Assembler, C/C++, and, Java 2.0, Vi editor
Operation System:  Linux (Caldera, Slack ware, Red Hat 4.1-6.1, Turbo Linux),
UNIX, Windows NT, Windows 98, Qunix
Hardware: PC server/workstation, oscilloscopes

Project Development: Air traffic control systems, Air traffic control simulator, back up
systems, firewire drivers, Linux drivers (PCI, ISA, Firewire), touchscreen drivers

March 1999
June 1999
Contract

Alternative Resources Corporation and Subsidiaries/National Grocery
Toronto, ON

Senior Programmer Analyst

Designed, programmed, tested, and documented set of batch applications to check information in the database.
Designed, programmed, tested, and documented the interface application between two warehouse systems.

Environment: Application and software: Oracle 7, C, Pro*C/C++, PL/SQL, OOP methods, MS Exchange/MS Outlook, MS Internet Mail, MS Office 98 and MS Excel. Operation System: AIX UNIX 4.2, Window NT4.0 server/workstation, Windows 95. Hardware: PC server/workstation
Project Development: Real time warehouse system

October 1998
March 1999
City of Kingston Corporation
Senior Research Officer

Collect, research, inventory and provide feedback on Year 2000. Compliance information on the following City's assets:
Hardware components
Packaged software
Commercially available customizable software solutions
Process control components
Visual Basic, Access
Application and components support.

Environment: Applications and Software: MS Visual Basic V5 Enterprise SP3,
Access 97 MS Exchange/Outlook, MS Internet Mail, MS Office 98
Operating System:
Window NT4.0 server/workstation, Windows 95
Project Development: Marketing application, multi-user, and real time. With over 2000
Local servers and several mainframe host machines.

January 1997
September 1997
Contract

Brain's II

Kingston, ON

Field Service Enginee
Serving public computers: Ministries of Transportation, Health, management Board
Secretariat and private organizations (Lipton's, The Bay, Sears, Alcan
Heavy customer contact
Repair of complex computer systems
Repair to Component Level (assembler language, schematics and oscilloscope)

Environment: Application and software: Assembler, Test programs, OLTEP
Operating System: OS 390, Windows 3.1, 95, Window NT4.0 server/workstation,
Windows 95, UNIX, OS/400
Hardware: IBM mainframe, IBM LAN Server, AS400
Project development: Real time system analysis and decisions for complex systems

September 1991- January 1996
Krigen Corporation
Vinnitsa, Ukraine
Director of Technology

Managed information systems and their associated hardware
Specified, designed, and implemented customized information system solutions.
Design, implementation and maintenance of the Inventory Management System Application for storing, searching, retrieving information about buildings belong to municipal property.
Participated in analysis, design evaluation, development, testing and implementation of Application systems
Designed at High-level all steps of Application systems (Architecture)

Environment: Application and Software: Borland C/C++, Assembler, Embedded
Systems, PL/1
Operating System and Platform: OS 7.0, OS Real Time, UNIX, MVS, and DOS
Hardware: Mainframes, PC, Hybrids

September 1984
August 1991
Peramanent

WestComputerComplex
Vinnitsa, Ukraine
Computer Engineer/ Technical Lead

Carried out component level troubleshooting, program and micro-program using Assembler testing
Designed and implemented of several packages for different aspects of the maintenance and usage of telecommunication equipment (Systems architecture for all levels software and hardware).
Evaluated projects to develop time, cost, and completion estimates
Conducted Analysis of systems specifications and estimation, developed block diagrams and flow-charts, conversion and systems implementation plans, prepared system and programming documentation.
Created decision logic tables in which all new software was tested.
Tested software for system compliance and accuracy recommend system enhancements.
Participated in development of information systems, databases and hardware drivers

Environment: Application and Software: Borland C/C++, Assembler, Embedded Systems, PL/1 Operating System and Platform: OS 7.0, OS Real Time, UNIX, MVS, and DOS. Hardware: Mainframes, PC, hybrids, Data Transmission Multiplexers, SNA Network, a hard disk interface for a hard drive, a tape drive interface for a tape drive.

August 1984
August 1984
Permanent

Chkalov Aircraft Production Association
Tashkent, USSR

Computer Engineer/Team Lead

Installed and tested data transmission multiplexer.  
Troubleshoot and resolve system problems.
Designed software tools for DOS
Created installation documents
Channels I/O simulation and programming
Designed channels simulators
Designed for all level systems access to
Data transmission multiplexer (Systems Architecture witch combines software and hardware from low level to high)

Environment: Application and Software: Assembler Embedded Systems, PL/1
Operating System and Platform: OS 7.0, MVS, DOS
Hardware: Mainframes, Data Transmission Multiplexers, SNA Network, a hard disk
interface for a hard drive, a tape drive interface for a tape drive

EDUCATION

1981-Master of Science Degree in Computer Science and Electronic Engineering,
Vinnitsa State Technical University, Vinnitsa, Ukraine, USSR

Program emphasis: Information System, Embedded Systems, Database,
Business
Application and Communications, Computer Engineering, Management, Software
Architectures

Final Project is "Adaptation for generation of functions on segnetopyezo
electrical elements of analog memory by a method of piece-linear approximation"

1967-Central Processor Internal Operations Certificate, Union Computer Complex,
Kazan, Russia, USSR

Principle of Operation (Processors), Programming in Assembler, Micro
Programmed Control Unit, Operations unit, Local Memory of Processor, Control
Unit, Diagnostic Unit, Operational Memory Bank, Unit of giving command, System of Virtual Machine, Selection Unit, Accelerator

1998-Programmer Analyst Diploma, CDI College, Kingston, Ontario, Canada

2000-SAP-Security and Authorization Certificate, SAP, Montreal, Canada
"It is fast and easy to hire a Canadian for most jobs in the U.S. through the use of the NAFTA TN Visa process.  Ask your Human Resources Department for details."
Security clearance (Enhanced reliability)

REFERENCES ARE FURNISHED UPON REQUEST