Sap Security Consultant
Grupo Gigante
Keywords
Skills
25 years of SAP security design, construction, redesign, implementation, and operation for ECC, S4 Hana (SD, FI, MM, HR, FA, GL, CO) CUA Admin, BW, BO, SOLMAN, PI, Portal, Fiori, SRM and CRM.
IT audit general controls review, SAP SOX IT controls review, documentation and compliance. SAP security notes analysis and application.
10 years as a SAP security manager, oversee international team located in Mexico and Hungary. Manage up to 30 consultants, multi project management, budget management, personnel selection, training and evaluation. IT support center implementation and management in Hungary to support 6 European countries in all SAP Security needs
Over 7 years of experience with Virsa and GRC Access Control implementation and operation (5.3,10,10.1 and 12). Design, construct and implement the full process of ARM, ARA, EAM, BRM (Workflows, Functions, risks, SOD conflicts, Business roles, and critical access)
SAP security upgrades. GRC Access control ARA, ARM, EAM, BRM. GRAC Migration. SAP Security notes and EWA analysis. SAP security redesign based on SOD compliance. Teams, projects and budget management, SAP instructor for ADM940, ADM950, ADM960, SAPTEC, ADM100, ADM102, ADM325. SAP Basis consultant, software installation, patches apply, transports management, parameters update, upgrade execution, kernel updates. Analyze table and database grow and apply archiving procedures.
Bilingual- English and Spanish (Advance level)
IT audit general controls review, SAP SOX IT controls review, documentation and compliance. SAP security notes analysis and application.
10 years as a SAP security manager, oversee international team located in Mexico and Hungary. Manage up to 30 consultants, multi project management, budget management, personnel selection, training and evaluation. IT support center implementation and management in Hungary to support 6 European countries in all SAP Security needs
Over 7 years of experience with Virsa and GRC Access Control implementation and operation (5.3,10,10.1 and 12). Design, construct and implement the full process of ARM, ARA, EAM, BRM (Workflows, Functions, risks, SOD conflicts, Business roles, and critical access)
SAP security upgrades. GRC Access control ARA, ARM, EAM, BRM. GRAC Migration. SAP Security notes and EWA analysis. SAP security redesign based on SOD compliance. Teams, projects and budget management, SAP instructor for ADM940, ADM950, ADM960, SAPTEC, ADM100, ADM102, ADM325. SAP Basis consultant, software installation, patches apply, transports management, parameters update, upgrade execution, kernel updates. Analyze table and database grow and apply archiving procedures.
Bilingual- English and Spanish (Advance level)
Project history
01/2005
-
01/2021
* Support to SAP security personnel in access roles, review and modification for the occident
and central area stores.
* Security parameters review and access roles improvement, as well as support to the user
administration in R/3 an BW by the central user administration
and central area stores.
* Security parameters review and access roles improvement, as well as support to the user
administration in R/3 an BW by the central user administration
01/2004
-
01/2021
Project leader
Integradora de Servicios Operativos S.A.
Integradora de Servicios Operativos S.A.- Mexico City External services for Mexican Treasury
department (private company)
Project leader 2004 (6 months): * Consensus online -
* R/3 upgrade from 3.0F to 4.6C version with SQL 2000 database
department (private company)
Project leader 2004 (6 months): * Consensus online -
* R/3 upgrade from 3.0F to 4.6C version with SQL 2000 database
01/2003
-
01/2021
SAP FM Functional Consultant
AMECE
* Responsible of the budget structure construction and load the initial budget in the FI,FM and
CO modules for the 2004 accounting period.
* Support in the policies, procedures and the R/3 system manual creation for the CO and FM
modules
* Operative support in SAP to controlling (CO) and Funds Management (FM) modules. Modification
to GL accounts.
* Creation of the commitment items. Original budget assignment, release and transfer.
* Information analysis
CO modules for the 2004 accounting period.
* Support in the policies, procedures and the R/3 system manual creation for the CO and FM
modules
* Operative support in SAP to controlling (CO) and Funds Management (FM) modules. Modification
to GL accounts.
* Creation of the commitment items. Original budget assignment, release and transfer.
* Information analysis
01/2000
-
01/2021
Project leader
Química Knoll
* Segregation of duties analysis and security implementation of the SAP R/3 4.0
* Positions definition. Roles generation. Users generation.
* Test procedures design and execution.
* Training offered to basis personnel.
* Documentation of the project in a Access database.
* Positions definition. Roles generation. Users generation.
* Test procedures design and execution.
* Training offered to basis personnel.
* Documentation of the project in a Access database.
01/1998
-
01/2021
Project leader
Daimler Chrysler
* Security review and interfaces control for SAP R/3, Test design and execution
12/2019
-
12/2020
SAP and GRC Consultant
Danone; Cross Resource group
* Support end user request managed by Clio and GRC requests
* Manage Business job with in GRC (create, modify and assign new authorizations)
* Manage users and access within SAP applications (ECC, CRM, BW, Portal)
* Manage Network drive mapping, manage non SAP applications access (Optiva and Informance)
* Manage GRC Path and workflow modifications
* Uprade GRC from 10.1 to 12, implement ARM process for Danone North America (4 months project)
* Create Business roles, upload technical roles
* Create SOD Matrix
* Create Access request workflows
* Implement EAM workflows process
* Manage Business job with in GRC (create, modify and assign new authorizations)
* Manage users and access within SAP applications (ECC, CRM, BW, Portal)
* Manage Network drive mapping, manage non SAP applications access (Optiva and Informance)
* Manage GRC Path and workflow modifications
* Uprade GRC from 10.1 to 12, implement ARM process for Danone North America (4 months project)
* Create Business roles, upload technical roles
* Create SOD Matrix
* Create Access request workflows
* Implement EAM workflows process
12/2019
-
12/2020
SAP and GRC Consultant
Danone Northamerica
(Consumer goods and retail, 5000-10.000 employees)
- Support end user request managed by Clio and GRC requests
- Manage Business job with in GRC (create, modify and assign new authorizations)
- Manage users and access within SAP applications (ECC, CRM, BW, Portal)
- Manage Network drive mapping, manage non SAP applications access (Optiva and Informance)
- Manage GRC Path and workflow modifications
- Uprade GRC from 10.1 to 12, implement ARM process for Danone North America (4 months project)
- Create Business roles, upload technical roles
- Create SOD Matrix
- Create Access request workflows
- Implement EAM workflows process
01/2018
-
09/2019
SAP Security divestment advisor
Cemex; Neoris USA
* Review and re-design the current security SAP model in ECC, S/4 Hana (SD, MM, FI, GL), BW,
Fiori and BI in order to separate based on organizational levels the information between
current owned plants and those that had been sold.
* Generate strategy, workplan, design and create business blueprint, role matrix. Coordinate
with construction team in different countries, support construction, testing and golive.
Fiori and BI in order to separate based on organizational levels the information between
current owned plants and those that had been sold.
* Generate strategy, workplan, design and create business blueprint, role matrix. Coordinate
with construction team in different countries, support construction, testing and golive.
01/2018
-
09/2019
SAP Security divestment advisor
Cemex- Houston
(Architecture and civil engineering, 1000-5000 employees)
- Review and re-design the current security SAP model in ECC, S/4 Hana (SD, MM, FI, GL), BW, Fiori and BI in order to separate based on organizational levels the information between current owned plants and those that had been sold.
- Generate strategy, workplan, design and create business blueprint, role matrix. Coordinate with construction team in different countries, support construction, testing and golive.
07/2017
-
12/2017
Central applications security advisor
Neoris USA
* Control all new applications projects to ensure a proper security model implementation.
* Review and approve access to SAP consultants based on their project.
* Periodical review of IBM (outsourcing). SAP Security support and construction.
* Review and approve all access modifications request by any project. L2, L3 of SAP security
support for special projects.
* Analyze and follow SAP security findings reported by external auditors or SAP notes.
* Analyze and arrange SAP security notes installation
* Review and approve access to SAP consultants based on their project.
* Periodical review of IBM (outsourcing). SAP Security support and construction.
* Review and approve all access modifications request by any project. L2, L3 of SAP security
support for special projects.
* Analyze and follow SAP security findings reported by external auditors or SAP notes.
* Analyze and arrange SAP security notes installation
07/2017
-
12/2017
Central applications security advisor
Cemex Houston
(Architecture and civil engineering, 1000-5000 employees)
- Control all new applications projects to ensure a proper security model implementation.
- Review and approve access to SAP consultants based on their project.
- Periodical review of IBM (outsourcing). SAP Security support and construction.
- Review and approve all access modifications request by any project. L2, L3 of SAP security support for special projects.
- Analyze and follow SAP security findings reported by external auditors or SAP notes.
- Analyze and arrange SAP security notes installation
11/2016
-
07/2017
SAP Security Specialist
Gardner Denver; K2 Partnering
* Responsible of master and derived roles construction, testing support and SOD review by Virsa
for Boshan (China implementation).
* Supporting worldwide security redesign and adjustment based on the external audit review
for Boshan (China implementation).
* Supporting worldwide security redesign and adjustment based on the external audit review
11/2016
-
07/2017
SAP Security Specialist
Gardner Denver
(Industry and mechanical engineering, 500-1000 employees)
- Responsible of master and derived roles construction, testing support and SOD review by Virsa for Boshan (China implementation).
- Supporting worldwide security redesign and adjustment based on the external audit review
01/2016
-
01/2017
SAP Security Consultant
K2 Partnering Solutions
01/2016
-
03/2016
Project leader and GRC consultant
Yazaki America
(Industry and mechanical engineering, 500-1000 employees)
- Migration from GRC 10.0 or 10.1 Access Control.
- Create business bluepint, workplans ,installation, run upgrade process, rules and data transfer, configuration, testing support, training delivery and golive support
05/2013
-
01/2016
Central applications security Owner
Cemex; Neoris Mexico
* Responsible of security model for all financial and operative SAP environments BW, SOLMAN,
CRM, SRM, BO, PORTAL, ECC, PI and CUA Admin , more than 20 instances and 15 thousand users.
* Implement security control in all applications and monitor them. Control all new applications
projects to ensure a proper security model implementation.
CRM, SRM, BO, PORTAL, ECC, PI and CUA Admin , more than 20 instances and 15 thousand users.
* Implement security control in all applications and monitor them. Control all new applications
projects to ensure a proper security model implementation.
05/2013
-
01/2016
Central applications security Owner
Cemex- Mexico
(Architecture and civil engineering, 1000-5000 employees)
- Responsible of security model for all financial and operative SAP environments BW, SOLMAN, CRM, SRM, BO, PORTAL, ECC, PI and CUA Admin , more than 20 instances and 15 thousand users.
- Implement security control in all applications and monitor them. Control all new applications projects to ensure a proper security model implementation.
Project leader and GRC consultant 2013 (completed in 4 months): -Neoris Mexico -
- Implement, manage, operate and maintain SAP GRC 10 Access Control. 35 countries including Mexico and US with more than 15 thousand users.
- Design SOD process, design and create business blueprint, configure access assignation workflow and automatic SOD review with control assignation during the approval.
01/2008
-
01/2013
Central Security Owner
Cemex Mexico
(Architecture and civil engineering, 1000-5000 employees)
- SAP (BW, CRM and ECC) Security central model owner in charge of execution and control of any change made to master roles of any of the regions (Europe, Asia, America, Mediterranean).
- Implement and support CUA (central user administration) for Development, quality and production systems.
- Oversee multinational teams (regional teams) for new derived roles.
01/2006
-
12/2008
SAP security implementation leader
Neoris Mexico
* R/3 Security implementation leader for 6 North European countries.
* Personnel and budget administration.
* Design security model, business blueprint and workplans, support roles construction process.
* Technical supervision and unit test. Composite, derived and reference roles construction.
* Management of over 60 thousand roles and over 13 thousand users. Oversee multinational teams.
Implementation of the third level of support for security in Hungary and Mexico
* CUA implementation for DEV and QA systems
* Personnel and budget administration.
* Design security model, business blueprint and workplans, support roles construction process.
* Technical supervision and unit test. Composite, derived and reference roles construction.
* Management of over 60 thousand roles and over 13 thousand users. Oversee multinational teams.
Implementation of the third level of support for security in Hungary and Mexico
* CUA implementation for DEV and QA systems
01/2006
-
12/2008
Central Security Owner
Cemex Central
(Architecture and civil engineering, 1000-5000 employees)
- R/3 Security implementation leader for 6 North European countries.
- Personnel and budget administration.
- Design security model, business blueprint and workplans, support roles construction process.
- Technical supervision and unit test. Composite, derived and reference roles construction.
- Management of over 60 thousand roles and over 13 thousand users. Oversee multinational teams. Implementation of the third level of support for security in Hungary and Mexico
- CUA implementation for DEV and QA systems
Local Availability
Only available in these countries:
USA
100% travel flexibility
