SAP Security Consultant
CGI
Keywords
Skills
SAP Security Consultant
Project history
03/2019
-
07/2022
* SODEXO :
* Audit of the authorization system : Remediation and Mitigation for sensitive business transactions
(F110,MIGO... ) and technical ones (SM30, LSMW, SE16... ), role and transaction volume , use of critical
profile like SAP_ALL, Occurrence of transaction in roles, Respect of the SAP Authorization architecture
* Correction of critical objects (s_btch_job, s_tabu_dis, s_develop, s_rfc, s_user_grp... ) according to best
specific rules
* Documentation and Template creation to improve ticketing process relative to authorization issues.
* Audit of the authorization system : Remediation and Mitigation for sensitive business transactions
(F110,MIGO... ) and technical ones (SM30, LSMW, SE16... ), role and transaction volume , use of critical
profile like SAP_ALL, Occurrence of transaction in roles, Respect of the SAP Authorization architecture
* Correction of critical objects (s_btch_job, s_tabu_dis, s_develop, s_rfc, s_user_grp... ) according to best
specific rules
* Documentation and Template creation to improve ticketing process relative to authorization issues.
06/2018
-
07/2022
SAP Security Consultant
CGI
* VALEO :
* Program creation for mass assignment of composites and simple roles per user: use of
BAPI_USER_ACTGROUPS_ASSIGN
* Writing of functional specification and testing of the solution
* Program creation for mass assignment of composites and simple roles per user: use of
BAPI_USER_ACTGROUPS_ASSIGN
* Writing of functional specification and testing of the solution
05/2016
-
07/2022
SAP Technical Assistance
CGI
* TMA IPSEN
* Technical Analysis (FI / MM / PP)
* ALV Report creation from scratch
* Debug and standard analysis on various subject like the Analysis of false values found in invoice
creation function module
* User exit implementation
* SAP notes Implementation GR / PT using SNOTE
* Release Management via STMS, SE10
* Technical Analysis (FI / MM / PP)
* ALV Report creation from scratch
* Debug and standard analysis on various subject like the Analysis of false values found in invoice
creation function module
* User exit implementation
* SAP notes Implementation GR / PT using SNOTE
* Release Management via STMS, SE10
10/2015
-
07/2022
SAP Security Consultant
CGI
* SAP Authorization deployement for OCP Répartition
* Study of Deloitte Audit to define the SOD repository according to the requirements
* Audit of the system ( respect of authorization conception, audit of users, security aspect)
* Specification of the new OCP Profiles and the new organizational families during design workshops
* Specification of the new authorization solution (OCP Matrix)
* SoD Analysis of roles by using an Access database filled according to the rules defined in the new SoD
OCP matrix
* Implementation of father derived and composite roles
* Assistance during deployment and procedure definition for maintenance
* Study of Deloitte Audit to define the SOD repository according to the requirements
* Audit of the system ( respect of authorization conception, audit of users, security aspect)
* Specification of the new OCP Profiles and the new organizational families during design workshops
* Specification of the new authorization solution (OCP Matrix)
* SoD Analysis of roles by using an Access database filled according to the rules defined in the new SoD
OCP matrix
* Implementation of father derived and composite roles
* Assistance during deployment and procedure definition for maintenance
06/2015
-
07/2022
SAP Security Consultant
CGI
* SAP Authorization deployement for HERAKLES Project
* Build of the Habilitation model based on SAP best practice for 90 Profiles and according to Safran
specifications
* Definition of SAP transaction, functional and organizational content, for profiles during design workshops
(PS, MM, PP, QM, SD, FI/CO, MDM)
* Design of the Authorization Matrix
* Implementation of the roles based on the new Matrix
* Build of the Habilitation model based on SAP best practice for 90 Profiles and according to Safran
specifications
* Definition of SAP transaction, functional and organizational content, for profiles during design workshops
(PS, MM, PP, QM, SD, FI/CO, MDM)
* Design of the Authorization Matrix
* Implementation of the roles based on the new Matrix
05/2015
-
07/2022
SAP Security Consultant
CGI
* Assemblée nationale : ECC6 IT Auhorization Maintenance at acceptance phase using GRC
Access Control
Access Control
04/2011
-
02/2013
SAP Security Consultant ECC6
CGI; Atos
* TMA Sanofi :
* Authorization Incident resolution : Analysis, proposition of solution, SOD Analysis, remediation, deployment
and documentation
* Designing Approval matrix, Analyzing Creating and maintaining authorization and Roles including Single
role, Composite role and derived role under deployment of new affiliate
* Assistance for HR authorization: Structural restriction on managers and employee perimeter
* Generate specification document for each role using Macro
J2
J2EE Developer
Atos - Bordeaux, France - Master 1 Intership - 05/2010, 08/2010
* France Telecom :
J2EE Trainee on ETECH PIDI project for France Telecom where I Designed and developed new
functionality of the web service. PIDI and ETECH are the web services that manage the
technician interventions under France telecom's local loop
* Authorization Incident resolution : Analysis, proposition of solution, SOD Analysis, remediation, deployment
and documentation
* Designing Approval matrix, Analyzing Creating and maintaining authorization and Roles including Single
role, Composite role and derived role under deployment of new affiliate
* Assistance for HR authorization: Structural restriction on managers and employee perimeter
* Generate specification document for each role using Macro
J2
J2EE Developer
Atos - Bordeaux, France - Master 1 Intership - 05/2010, 08/2010
* France Telecom :
J2EE Trainee on ETECH PIDI project for France Telecom where I Designed and developed new
functionality of the web service. PIDI and ETECH are the web services that manage the
technician interventions under France telecom's local loop
06/2009
-
08/2009
PHP-MySQL Developer
INCOMM
* INCOMM Trainee Web developer : Creation of (e-commerce site, portal site, showcase site) for
big corporate and residential Customers
big corporate and residential Customers
04/2008
-
06/2008
PHP-MySQL Developer
Banque du Maroc
* Enhancement of the management tools dotProject, used by the IT System department of the
central bank: Implementation of new modules, Reporting, dashbord and traceability to manage all
IT Projects
central bank: Implementation of new modules, Reporting, dashbord and traceability to manage all
IT Projects
Local Availability
Only available in these countries:
France
