Profileimage by Gennadiy Krivdyuk SAP SECURITY ARCHITECT from Vinnitsa

Gennadiy Krivdyuk

available

Last update: 05.05.2016

SAP SECURITY ARCHITECT

Graduation: Master of Science Degree in Computer Science and Electronic Engineering
Hourly-/Daily rates: show
Languages: k. A.

Keywords

SAP Applications SAP HANA Controles de Acceso Human Resources Risk Analysis Sap Business Objects Enterprise Resource Planning Hybris Identity Management Governance Risk Management and Compliance + 130 more keywords

Attachments

sap_security_architect_mhg.docx

Skills

OBJECTIVE:  SAP Architect - Development of division goals and objectives
SUMMARY
  • Over 20+ years of experience and hundreds of successful projects in SAP Architecture
  • Participated in more than 80 SAP projects, 10+ full implementations
  • Led and participated in Global designs and Implementations
  • Established strategies and policies for global multi-million international corporations
  • Created proposals on client site with analysis on real systems and real data
  • Developed tailored security and control techniques in conjunction with multiple systems integration
  • Highly motivated with the ability to work independently with minimum supervision and under pressure
  • Managed staff through direct and subordinate managers and supervisors, developing policies and procedures related to projects’ activities (up to 50 - directly)
  • Developed and administered budgets, conducting short and long range planning, and performing related work as required 
 
RELEVANT SKILLS & EXPERIENCE
 
Companies worked for as Managing Consultant – SAP Architect
 
Tim Hortons, Uni Select, Sunoco, Saudi Electricity Company, Tampa Electric Company, SaskPower, Applied Materials, NBC Universal, Municipality of Anchorage, Saudi Aramco, General Motors, ConAgra Foods, Becton, Dickinson and Company (BD), Graphic Packaging, ConocoPhillips, Colgate, Deloitte US, Allegheny Energy, Inc., NASA, Whirlpool, Eastman, Adobe, CMC, BNSF, Chevron-Phillips, Department of Personal State of Washington, FEMSA (Coca Cola Mexico and Latin Americas), JoAnne, CMC, Convergys Corp, State of Florida, Fifth Third Bank, AT&T, Whirlpool, DuPont, Johnson & Johnson, Pfizer, Solectron Corporation, Guidant, Lucent, Medtronic, Bridgestone Tires, PWC, CAMECO, KGH, British Columbia Government, IBM, SAP America and SAP AG internal projects, modules and author of  Security Course P_ADM_SEC_70 for professional  (United all previous SAP Architect courses ), SAP America and SAP AG Authorization Concept Lead for SAP Resource Management @ Field Services new module, IBM (Blue Harmony Project) Global HR  for IBM (200+ countries)
 
Methodologies
 
ASAP, User - Centered Design (UCD), Centralized and DE-Centralize Business Model, 3 Tier Approach Model, Position Based Model, Tasks Oriented Model, RBAC Model, Job Related Model, Agile, Waterfall, Drop Down
 
Concepts, Strategies and Policies
  • Develops and directs the implementation of goals, objectives, policies, procedures and work standards for assigned division; interprets and complies with all applicable federal and state regulations
  • Monitors and directs daily operations to ensure that policies and procedures are being followed, that goals and objectives are met, and that services are being provided efficiently and effectively; takes corrective action as necessary; personally handles the most difficult, sensitive or controversial projects for the division
  • Develops and monitors the division’s budget; oversees financial well-being of the division by analyzing cost effectiveness and directing cost control activities; prepares, submits and justifies budget enhancement requests
  • Plans, organizes, administers, reviews and evaluates the work of subordinate professional, technical, office support and operational staff through subordinate levels of supervision.
  • Provides for the selection, training, professional development and work evaluation of subordinate staff; makes recommendations on hiring, termination, promotion and discipline as required.
  • Confers with and represents the Security division and the department in meetings with other departments and divisions; serves as the representative with a variety of public, business and community organizations; fosters collaborative relationships to the benefit of the division, department and the organization
  • Prioritizes and allocates available division resources; reviews and evaluates program and service delivery, makes recommendations for improvement and ensures maximum effective service provision
  • Develops systems and maintains records that provide for the proper evaluation, control and documentation of assigned activities; prepares and directs the preparation of a variety of written correspondence, reports, procedures, directives and other materials
  • Provides a formal and structured way of viewing and defining an enterprise in a two dimensional classification schema that reflects the intersection between two historical classifications (Zachman Framework)
  • Uses a reliable, practical method - the TOGAF Architecture Development Method (ADM) - for defining business needs and developing an architecture that meets those needs, utilizing the elements of TOGAF and other architectural assets available to the organization
 
Identity Management and Skills
 
  • Created and designed a high-end identity management security security
  • Handled a large amount of repositories containing an unlimited amount of information within different systems platforms   
  • Designed event-driven HCM (HR) integration software with IDM
  • Created flexible and scale able high-availability security for work flow, provisioning, data synchronization and joining for a large number of data repositories
  • Developing division activities, goals and objectives, creating program evaluation tools and evaluating the effectiveness of the division
  • Applying theories, principles and procedures in the area of assignment
  • Supervising and evaluating staff, directly and through multiple levels of supervision 
  • Managing multiple tasks, often with competing deadlines
  • Providing leadership and motivating staff
  • Making effective presentations to individuals and groups
  • Developing, implementing, interpreting and explaining applicable policy and regulations
  • Preparing clear, concise and informative reports, correspondence and other written materials;
  • Handling difficult and sensitive situations using sound, independent judgment within general policy and legal guidelines
  • Communicating effectively with co-workers, supervisors, the general public, representatives of public and private organizations and others sufficient to exchange or convey information
 
Governance Risk and Compliance – Access Control
 
  • Prevented segregation of duties violations with Access Control
  • Built real-time compliance to stop security and control violations before they occur
  • Identified and selected risks to manage, build, maintain rules and detect authorization risks
  • Developed excellent knowledge in control tools such as Guardian-manual controls environment, ACE-Automatic Controls Environment, Approva Biz Rights, Virsa, GRC Access control, Process control and Risk control, RAR, ERM, SPM, CUP, Access Risk Analysis (ARA), Emergency Access Management (EAM), Business Role Management (BRM), Access Request Management (ARM), Business Rules Management Systems (BRM)
  • Designed extended integration with GRC solution (Business Objects Access Control)
  • Participated in Segregation of Duties and Audit Compliance Standards
 
Process Control and Risk Management
 
  • Created key concepts for Process Control such as security, time, workflow, record locking
  • Developed solutions for internal controls management
  • Created control documentation, evaluation, certification, reporting and analysis
  • Developed a single framework to monitor and enforce rules, procedures instead of keeping data in separate \"silos\"
  • Helped organizations to manage risk, reduce costs incurred by multiple installations and minimize complexity for managers
 
Knowledge of
 
  • Principles and practices of management and supervision;
  • Public sector budgeting principles and practices;
  • Principles of effective leadership;
  • Applicable laws, rules, ordinances and regulations;
  • Theories, principles and operational practices applicable to the area of assignment
  • Manage and maintain Project Plans, develop action plans for issues, track risk mitigation plans, make recommendations as necessary to advance project.
 
Manage complex information technology centered projects
 
  • Manage and provide consultative services and specialized expertise in information-technology areas
  • Maintain logs to track issues, action items, risks, queries and change management for each project.
  • Manage and report on project metrics including progress, earned value metrics, baseline, forecast and actual dates, costs and scope
  • Prepare project status reports
  • Create & maintain a project library and coordinate the collection and filing of project documentation & artifacts
  • Review project and project status files for integrity, accuracy and timeliness
  • Design, develop or coordinate the use of project facilities, ensuring that technical and physical resources are available to meet project requirements
  • Negotiate contracts and contract changes, project change orders, work schedules and requirements changes as required to meet project objectives
  • Review and approve Invoices and charges
  • Cooperate with other areas in the application of standards, methodologies, architectures
  • Transmission & Distribution Business in the Utility Industry
  • Deployed SAP products to the current enterprise cloud infrastructure
  • Integrate SAP and non-SAP technology seamlessly 
  • Manage SAP releases and deployments technology-wise
  • Establish and implement target technology architecture through the consumption of infrastructure as a Service, Platform as a Service, Software as a Service and on premise offerings
  • Research and recommend best of breed technology solutions
  • Assess technology and product RFPs
  • Implement technical security architecture from authorization, authentication, network and application perspectives
  • Work to deliver solutions that meet the business strategy and requirements
  • Establish technology standards
 
TECHNICAL SUMMARY
 
  • SAP Architect and global design and implementations, security strategies and policy
  • Methodology: ASAP, SAP User - Centered Design (UCD), Centralized and DE-Centralize Business Model, 3 Tier Approach Model, Position Based Model, Task Oriented Model, RBAC Model - IDM (SAP and none SAP Systems integration), BW/HR Structural Authorizations Architectural Model, The Methodology (Creation of Building Blocks),
  • Identity Managements and RBAC:  SAP IDM, Integration with SAP -IBM Tivoli, Sun Micro-systems, Oracle Identity Management, Rapid Deployment Solution (RDS), CUA, RBAC - (Oracle Database, Unix, Windows, Policy-Based Authorization, Business Processes, Business Policies, RBAC pattern as an extension of the Authorization pattern)
  • Identity Center Database, Work-flow User Interface, Monitoring User interface, Management Console, Run time Engine and Dispatcher, Event Agent, Virtual Directory Server, VMware
  • Guardian, ACE, Approva Biz-Rights, Virsa, GRC 5.0-10x, and SOD, SOX
  • More than 8 years in Segregation of Duties and Audit Compliance Standards, Audit Compliance Standards
  • Guardian- Manual Controls Environment for SOD, SOX ACE-Automatic Controls Environment for SOD , SOX, Approva Biz-Rights, Virsa, GRC5.0-10.x, Access control, Process control and Risk control, RAR, ERM, SPM, CUP, Access Risk Analysis (ARA), Emergency Access Management (EAM), Business Role Management (BRM), Access Request Management (ARM), Business Rules Management Systems, MSPM, GRC_MSMP_CONFIGURATION, Design and Manage Roles, Emergency Access  Management, Provision and Manage Users, Analyze and Manage Risk, Managing Compliance with  Access Control
  • HCM - Human Capital management: Personnel Management. Organizational Management, Personnel Development, Personnel Administration, Recruitment, Benefits, Compensation Management,Time Management, Payroll, E-Recruitment, Training and Event Management, ESS/MSS more than 11 projects
  • HCM Authorization and Methods of implementation:  Direct role assignment (User based): Roles and profiles directly assigned to User Master Records via SU01/PFCG,
  • Indirect role assignment (Position based)- assigned to position via OM IT1001
  • Structural Authorizations-assigned to position via OM IT1017, Master Data with Context authorization object (P_ORGINCON)
  • Event-driven SAP ERP HCM integration with SAP IDM and GRC5.0-10.1; HPQC Load Runner
  • Worked with all HCM sub-Modules as SAP Architect
  • Organizational Management – OM, Personnel Administration – PA, Recruitment – RCT
  • E-recruitment – E-REC, Time Management – TM, Payroll – PY (International, KSA, UAE)
  • Travel & Expenses Management – TRV, Personnel Development – PD, Learning Solution – LSO
  • Succession Planning – SPL, Career Planning – CPL, Appraisal Management – APM
  • Employee Self Services – ESS, Manager Self Services – MSS
  • Role-Based Permission (RBP) framework in Success Factors that controls data access for different users
  • Extended integration with SAP GRC5.0-10.x solution (SAP Business Objects Access Control)
  • Solution Manager, CRM2007, Access Control Engine (ACE), Business Roles (Web UI), Technical Roles (ABAP), Utilities: B2C Call Center and B2B Work Center, Public Sector
  • Proposal preparation on client site with Security analysis on real systems and real data
  • Expert in use BI, BW Analysis Authorization, BeX Analyzer, BOBJ and BPC
  • Log changes to analysis authorizations -and other authorization-related activities: RSUDOLOG, RSECVAL_CL, RSECHIE_CL, RSECUSERAUTH_CL, RSECTXT_CL, RSECTXT_CL
  • SAP ECC 6.0, ERP 6.0, Financial Accounting (FI), Financial Supply Chain Management (FSCM), Controlling (CO), Materials Management (MM), Sales and Distribution (SD), Logistics Execution (LE), Production Planning (PP), Quality Management (QM), Plant Maintenance (PM), Project System (PS),Human Resources (HR), ERP, Enterprise Portal (EP) UME, XI/PI, MDM, SRM,CRM 2007, BI, BOBJ, BPC, SAP R3, Global Trade Services (GTS) ,ESS/MSS, PSCD, TREX, SCM, PS, APO, PLM, SCM, SAP Human Resource Management Systems (HRMS), MII, MES, LSO, E -Sourcing, Portal (SRM, CRM, BI, MDM, MDG, SAP Fiori, Fiori Application (incl. cloud edition), HANA -SAP\'s in-memory computing platform designed for performing real-time analytic and developing and deploying real-time applications. )
  • Development of tailored Security and controls techniques in conjunction with system upgrade (i.e. ERP,
  • GRC, IDM, ECC, CRM) and the design or re-engineering of business processes (i.e. shared services)
  • Support security design and architecture for SAP Cloud implementations, end-user interface to manage tokens issued to client applications, request access token
  • Setting an Authorization Grant Type and their associated Flows, Enable Tag Clouds, Enable Community Sharing, Enable Dynamic Navigation Support, Define Tag Result Lists, OAuth Protocol
  • SAP hybris integration with SAP Business Suite rapid-deployment solution
  • HANA Security, HDMSQL, Standard and Restricted Users, SYSTEM user, HANA Live
  • Asynchronous B2C/simple B2B scenario
  • Experience designing and implementing security for SAP HANA
  • Experience Creating customized roles in HANA DB for Developers, Modelers, Technical Admins, End Users, Power Users
  • Design, Restrict and Control authorizations for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges for various Schema Users
  • Define controls to restrict Create, Drop, Alter other DB Admin rights on HANA DB Schema and its objects
  • Design transportation of Security Objects/Roles within HANA Landscape
  • Define user creation and Role assignment processes
  • Set up password policies
  • Create Groups in BOBJ Server for different type of Users (Admins, Managers, Developers, End Users etc..)
  • Define and Control access to various Folders
  • Setup SSO with AD or LDAP for SAP, Enterprise and other types of Authentication
  • Define & Control access at Object level for different types of BOBJ Reports (Full control, View, Schedule, View on Demand)
  • Transportation of Security objects within BOBJ Landscape
  • Integration of BOBJ Security with HANA DB Security Roles
  • ERP sends master data to hybris, and hybris runs the whole commerce scenario without any real time interaction (= synchronous calls) into ERP. Orders are created in hybris and replicated via iDoc to ERP for fulfillment
  • \"Hybrid\" B2B scenario - mostly asynchronous with synchronous calls to ERP where required ERP sends master data to hybris, and hybris runs the whole commerce scenario
  • Synchronous B2B scenario ERP sends master data to hybris, and hybris provides the shopping UI, product catalog, search and navigation

Project history

UPON REQUEST

Local Availability

Only available in these countries: Ukraine
World

Other

EDUCATION / PROFESSIONAL DEVELOPMENT
 
Master of Science Degree in Computer Science and Electronic Engineering,           
Vinnitsa State Technical University, Vinnitsa, Ukraine, USSR
Program emphasis:
Information System, Embedded Systems, Database, Business Application and Communications, Computer Engineering, Management, Software Architectures
 
Final Project:
“Adaptation for generation of functions on segnetopyezo electrical elements of analog memory by a                             method of piece-linear approximation”
 
Central Processor Internal Operations Certificate,
Union Computer Complex, Kazan, USSR
Principle of Operation (Processors), Programming in Assembler, Micro Programmed Control Unit,
Operations unit, Local Memory of Processor, Control Unit, Diagnostic Unit, Operational Memory Bank,
Unit of giving command, System of Virtual Machine, Selection Unit, Accelerator
               
Programmer Analyst Diploma, CDI College, Kingston, ON
 
SAP- Security and Authorization Concepts Certificate, SAP, Montreal, QC
 
REFERENCES AVAILABLE UPON REQUEST
Profileimage by Gennadiy Krivdyuk SAP SECURITY ARCHITECT from Vinnitsa SAP SECURITY ARCHITECT
Register