Profileimage by Gerardo Oviedo SAP Security Consultant, SAP Security Manager, SAP Basis / Security Senior Consultant from Houston

Gerardo Oviedo

available
Contact

Last update: 06.09.2022

SAP Security Consultant, SAP Security Manager, SAP Basis / Security Senior Consultant

Graduation: not provided
Hourly-/Daily rates: show
may reduce when remote project
Languages: English (Native or Bilingual) | Spanish (Native or Bilingual)

Attachments

gerardo-oviedo-resume.docx

Skills

25 years of SAP security design, construction, redesign, implementation, and operation for ECC, S4 Hana (SD, FI, MM, HR, FA, GL, CO) CUA Admin, BW, BO, SOLMAN, PI, Portal, Fiori, SRM and CRM.
IT audit general controls review, SAP SOX IT controls review, documentation and compliance. SAP security notes analysis and application.
10 years as a SAP security manager, oversee international team located in Mexico and Hungary. Manage up to 30 consultants, multi project management, budget management, personnel selection, training and evaluation. IT support center implementation and management in Hungary to support 6 European countries in all SAP Security needs
Over 7 years of experience with Virsa and GRC Access Control implementation and operation (5.3,10,10.1 and 12). Design, construct and implement the full process of ARM, ARA, EAM, BRM  (Workflows, Functions, risks, SOD conflicts, Business roles,  and critical access)

SAP security upgrades. GRC Access control ARA, ARM, EAM, BRM.  GRAC Migration. SAP Security notes and EWA analysis. SAP security redesign based on SOD compliance. Teams, projects and budget management,  SAP instructor for ADM940, ADM950, ADM960, SAPTEC, ADM100, ADM102, ADM325.  SAP Basis consultant, software installation, patches apply, transports management, parameters update, upgrade execution, kernel updates. Analyze table and database grow and apply archiving procedures.
Bilingual- English and Spanish (Advance level)

Project history

01/2005 - 01/2021
Sap Security Consultant
Grupo Gigante
* Support to SAP security personnel in access roles, review and modification for the occident
and central area stores.
* Security parameters review and access roles improvement, as well as support to the user
administration in R/3 an BW by the central user administration

01/2004 - 01/2021
Project leader
Integradora de Servicios Operativos S.A.
Integradora de Servicios Operativos S.A.- Mexico City External services for Mexican Treasury
department (private company)
Project leader 2004 (6 months): * Consensus online -
* R/3 upgrade from 3.0F to 4.6C version with SQL 2000 database

01/2003 - 01/2021
SAP FM Functional Consultant
AMECE
* Responsible of the budget structure construction and load the initial budget in the FI,FM and
CO modules for the 2004 accounting period.
* Support in the policies, procedures and the R/3 system manual creation for the CO and FM
modules
* Operative support in SAP to controlling (CO) and Funds Management (FM) modules. Modification
to GL accounts.
* Creation of the commitment items. Original budget assignment, release and transfer.
* Information analysis

01/2000 - 01/2021
Project leader
Química Knoll
* Segregation of duties analysis and security implementation of the SAP R/3 4.0
* Positions definition. Roles generation. Users generation.
* Test procedures design and execution.
* Training offered to basis personnel.
* Documentation of the project in a Access database.

01/1998 - 01/2021
Project leader
Daimler Chrysler
* Security review and interfaces control for SAP R/3, Test design and execution

12/2019 - 12/2020
SAP and GRC Consultant
Danone; Cross Resource group
* Support end user request managed by Clio and GRC requests
* Manage Business job with in GRC (create, modify and assign new authorizations)
* Manage users and access within SAP applications (ECC, CRM, BW, Portal)
* Manage Network drive mapping, manage non SAP applications access (Optiva and Informance)
* Manage GRC Path and workflow modifications

* Uprade GRC from 10.1 to 12, implement ARM process for Danone North America (4 months project)
* Create Business roles, upload technical roles
* Create SOD Matrix
* Create Access request workflows
* Implement EAM workflows process

12/2019 - 12/2020
SAP and GRC Consultant
Danone Northamerica (5000-10.000 employees)
Consumer goods and retail
  • Support end user request managed by Clio and GRC requests
    • Manage Business job with in GRC (create, modify and assign new authorizations)
    • Manage users and access within SAP applications (ECC, CRM, BW, Portal)
    • Manage Network drive mapping, manage non SAP applications access (Optiva and Informance)
    • Manage GRC Path and workflow modifications

 

  • Uprade GRC from 10.1 to 12, implement ARM process for Danone North America (4 months project)
    • Create Business roles, upload technical roles
    • Create SOD Matrix
    • Create Access request workflows
    • Implement EAM workflows process

01/2018 - 09/2019
SAP Security divestment advisor
Cemex; Neoris USA
* Review and re-design the current security SAP model in ECC, S/4 Hana (SD, MM, FI, GL), BW,
Fiori and BI in order to separate based on organizational levels the information between
current owned plants and those that had been sold.
* Generate strategy, workplan, design and create business blueprint, role matrix. Coordinate
with construction team in different countries, support construction, testing and golive.

01/2018 - 09/2019
SAP Security divestment advisor
Cemex- Houston (1000-5000 employees)
Architecture and civil engineering
  • Review and re-design the current security SAP model in ECC, S/4 Hana (SD, MM, FI, GL), BW, Fiori and BI in order to separate based on organizational levels the information between current owned plants and those that had been sold.
  • Generate strategy, workplan, design and create business blueprint, role matrix. Coordinate with construction team in different countries, support construction, testing and golive.

07/2017 - 12/2017
Central applications security advisor
Neoris USA
* Control all new applications projects to ensure a proper security model implementation.
* Review and approve access to SAP consultants based on their project.
* Periodical review of IBM (outsourcing). SAP Security support and construction.
* Review and approve all access modifications request by any project. L2, L3 of SAP security
support for special projects.
* Analyze and follow SAP security findings reported by external auditors or SAP notes.
* Analyze and arrange SAP security notes installation

07/2017 - 12/2017
Central applications security advisor
Cemex Houston (1000-5000 employees)
Architecture and civil engineering
  • Control all new applications projects to ensure a proper security model implementation.
  • Review and approve access to SAP consultants based on their project.
  • Periodical review of IBM (outsourcing). SAP Security support and construction. 
  • Review and approve all access modifications request by any project. L2, L3 of SAP security support for special projects.
  • Analyze and follow SAP security findings reported by external auditors or SAP notes.
  • Analyze and arrange SAP security notes installation  

11/2016 - 07/2017
SAP Security Specialist
Gardner Denver; K2 Partnering
* Responsible of master and derived roles construction, testing support and SOD review by Virsa
for Boshan (China implementation).
* Supporting worldwide security redesign and adjustment based on the external audit review

11/2016 - 07/2017
SAP Security Specialist
Gardner Denver (500-1000 employees)
Industry and mechanical engineering
  • Responsible of master and derived roles construction, testing support and SOD review by Virsa for Boshan (China implementation).
  • Supporting worldwide security redesign and adjustment based on the external audit review

01/2016 - 01/2017
SAP Security Consultant
K2 Partnering Solutions

01/2016 - 03/2016
Project leader and GRC consultant
Yazaki America (500-1000 employees)
Industry and mechanical engineering
  • Migration from GRC 10.0 or 10.1 Access Control.
  • Create business bluepint, workplans ,installation, run upgrade process, rules and data transfer, configuration, testing support, training delivery and golive support

05/2013 - 01/2016
Central applications security Owner
Cemex; Neoris Mexico
* Responsible of security model for all financial and operative SAP environments BW, SOLMAN,
CRM, SRM, BO, PORTAL, ECC, PI and CUA Admin , more than 20 instances and 15 thousand users.
* Implement security control in all applications and monitor them. Control all new applications
projects to ensure a proper security model implementation.

05/2013 - 01/2016
Central applications security Owner
Cemex- Mexico (1000-5000 employees)
Architecture and civil engineering
  • Responsible of security model for all financial and operative SAP environments BW, SOLMAN, CRM, SRM, BO, PORTAL, ECC, PI and CUA Admin , more than 20 instances and 15 thousand users.
  • Implement security control in all applications and monitor them. Control all new applications projects to ensure a proper security model implementation. 

 

Project leader and GRC consultant 2013  (completed in 4 months): -Neoris Mexico -

  • Implement, manage, operate and maintain SAP GRC 10 Access Control. 35 countries including Mexico and US with more than 15 thousand users.
  • Design SOD process, design and create business blueprint, configure access assignation workflow and automatic SOD review with control assignation during the approval.
250 critical functional transactions identified, 32 SOD rules configure and monitor globally, ECC and HR systems included

01/2008 - 01/2013
Central Security Owner
Cemex Mexico (1000-5000 employees)
Architecture and civil engineering
  • SAP (BW, CRM and ECC) Security central model owner in charge of execution and control of any change made to master roles of any of the regions (Europe, Asia, America, Mediterranean).
  • Implement and support CUA (central user administration) for Development, quality and production systems.
  • Oversee multinational teams (regional teams) for new derived roles.

01/2006 - 12/2008
SAP security implementation leader
Neoris Mexico
* R/3 Security implementation leader for 6 North European countries.
* Personnel and budget administration.
* Design security model, business blueprint and workplans, support roles construction process.
* Technical supervision and unit test. Composite, derived and reference roles construction.
* Management of over 60 thousand roles and over 13 thousand users. Oversee multinational teams.
Implementation of the third level of support for security in Hungary and Mexico
* CUA implementation for DEV and QA systems

01/2006 - 12/2008
Central Security Owner
Cemex Central (1000-5000 employees)
Architecture and civil engineering
  • R/3 Security implementation leader for 6 North European countries.
  • Personnel and budget administration.
  • Design security model, business blueprint and workplans, support roles construction process.
  • Technical supervision and unit test. Composite, derived and reference roles construction.
  • Management of over 60 thousand roles and over 13 thousand users. Oversee multinational teams. Implementation of the third level of support for security in Hungary and Mexico
  • CUA implementation for DEV and QA systems

Time and spatial flexibility

100% travel flexibility

Contact form

Contact details

Register