Sap Security Identity Access

Location:

Houston, TX

Posted:

April 15, 2025

Contact this candidate

Resume:

SATISH ARKATALA, CISSP Email: ************@*****.***

SAP Principal Security, GRC, and BTP Consultant Contact: +1-404-***-****

OBJECTIVE:

Experienced SAP Security & GRC consultant with a strong background in designing, implementing, and managing security solutions for SAP environments. Seeking opportunities to contribute my expertise in securing critical data and ensuring compliance within complex organizations.

PROFESSIONAL SUMMARY

Highly accomplished SAP Security and GRC consultant with extensive experience in successfully leading SAP solutioning efforts spanning six end-to-end full life cycle security implementations and various rollouts/deployments of Fortune 100 clients with 17+ years of experience.

Got implementation experience designing security and architecture on SAP BTP platform and SAP Analytics Cloud (SAC). Designed Hana cloud security with HDI containers and schemas and created new roles, collections, trusts, and users in the BTP cockpit of the SAP cloud foundry. Set up authorization for XS advanced applications. Handled users, teams, and roles and assigned roles and user permissions in SAP SAC.

Worked on setting up user provisioning and de-provisioning in SAP IAG by integrating with IAS and IPS and building SAP security roles using SAP Cloud Identity Access Governance (IAG). I worked on the access request to utilize self-service access request forms for users and role provisioning in Cloud applications. Used SAP IAG cloud bridge to connect and integrate the ARIBA, SAC, IBP and Workzone cloud systems.

Implemented SSO setup in IAG using IAS services and configured Privileged Access Management (PAM) in SAP IAG to monitor and control access to the privileged data.

Used Access Certification service in the Cloud Identity Access Governance (IAG) provides the option to certify access. Finally, the Access Analysis service was used to analyze access risks across cloud applications and refine or remediate access according to the auditory requirements.

Got strong experience with SAP BTP user and member management on platform users and business users. Setting up authentication using IAS. Managing authorization and assigning using SAP Cloud Identity Access Governance service. Managing authorization in global accounts, directories, and sub-accounts. Giving access rights to platform users.

Connected SailPoint to HANA DB. Integrated SailPoint to S/4 HANA On-Premises, S/4 HANA Cloud (includes S/4 HANA & ABAP security-based apps)

Have got strong experience in designing security for SAP Success Factor Employee Central using the Role-Based Permission (RBP) framework. Worked on setting up granted users, granted roles, granted permissions and target user mapping.

Got a strong hands-on implementation exposure of the S4 HANA product portfolio on S4 HANA multiple Domains. Implemented security and authorization for S4 Hana on premise 1809/1909/2020/2021 and S/4 HANA cloud 2102/2202 on FI/CO, O2C, P2P, SD, Logistics / WM (S4 embedded), PP, MM, SRM, CRM, Success Factors, Ariba, BPC (embedded).

Implemented security solutions on SAP cloud applications such as IBP. Created users, roles, permission filters and attribute permissions. Helped set up security best practices for ongoing implementations.

Got strong experience with Catalog security, Ariba user administration including user creation, user group assignment, user groups and user roles creation and management.

worked on user creation, group creation, role creation and group and role assignment in SAP ARIBA for both upstream and downstream. Strong understanding of catalog security and Ariba MDG integration. Got a strong knowledge of MDG authorization objects. Got a basic understanding of Keelvar sourcing optimization integration and Icertis contract management integration with SAP ARIBA.

Exposed to SAP Logistics Business Network (LBN) and tight integration with the SAP TM (Transportation Management) to connect multiple business partners for inter-company logistics collaboration. Designed, implemented, and configured HANA security, integrated with BOBJ and BPC, integrated HANA with SAP GRC AC 12.0 for management of SOX/SOD, and with SAP GRC PC 12.0 for Continuous Control Monitoring (CCM). Implemented HANA security, including Data masking, auditing, and data security.

Developed and managed deployments to the SAP Business Technology Platform with experience in SAP Fiori design experience and UI Theme design experience.

Strong understanding of the SAP environment, including SAP UI5, Fiori, OData, CE, and Fiori on the SAP Cloud and Enterprise Portal. I have a good understanding of emerging SAP technology and product roadmaps for both on-premise and cloud offerings.

Planned, architected, and implemented the entire GRC 12.0 implementation, including sizing, installation, configuration, backend, and front-end system requirements involving the following: Designing Business Process Controls, Designing Organizational Hierarchy and Local Process Controls, Designing the User Interface, and work Center, Design of Multistage and multi path (MSMP) workflow, BRF+ initiator rules, setting up Continuous Control Monitoring (CCM) using a data source and rules.

Successfully upgraded the GRCAC module for GRC10.1 to 12.0 with a key focus on the following functionalities: Access Risk Analysis (ARA), Emergency Access Management (EAM), Business Role Management (BRM), and Access Request Management (ARM).

Designed Catalog and group-based Access roles in the NetWeaver gateway system to give access to the custom Fiori apps.

Proficient in creating BI/BW analysis authorization tools using Transaction (RSECADMIN, RSD1, RSA1, and RSRT), Designed Total vs. aggregate authorizations, and Hierarchical authorizations.

Have worked and configured security design on BPC 10.0 NW (EPM) systems. Designed roles, task profiles, and access profiles and performed user administration on the BPC web admin console in version 10.0 over various environments.

Extensively worked on EWM (Extended Warehouse Management), MDG (Master data Generator), and MEI/MII NWBC-based security design. Created and maintained authorizations and roles in SNC (Supply Network Communications.

Actively involved in the design of internal controls and authorization as per SOD and anchored various audit/compliance workshops across top client management.

Created customized SRM roles for employee, Manager, Purchasing Assistant, Purchase Manager, Optional Purchaser, Strategic Purchaser, content manager, Component Planner, Bidder, Vendor, Administrator, etc. using the BBP* transactions.

Experience in advanced frameworks: BOL, BOPF, BRF Plus, CDS etc.

KEY TECHNICAL SKILLS

SAP SECURITY GRC HANA ENTERPRISE PORTAL ESS-MSS S/4 HANA SOLUTION MANAGER NWDI NWDS SAP GRC SAP IBP SAP SAC SAP RELEASE MANAGEMENT CUSTOMER ENGAGEMENT GLOBAL TEAM COORDINATION CUSTOMER TRAINING SUPER USER TRAINING SAP BOBJ SAP BPC OPEN TEXT SAP CPS SAP BTP SAP IAG SAP MDG SAP IBP SAP SAC SAP IAG SOD SAP AVM ARIBA INTEGRATION WORKFLOW MOBILITY WORKZONE CPI DATASPHERE ARIBA FIELDGLASS SAP TM SAP LBN

INDUSTRY AREAS OF KNOWLEDGE

OIL & GAS ENERGY & UTILITY CHEMICAL MANUFACTURING RETAIL FIN TECH IT SERVICES PSU Pharmaceuticals

SELECTED ACCOMPLISHMENTS

●Leveraged GRC Process Controls and semi-annually reduced ~30% of operational resource time by automating ITGC controls.

●Integrated HANA DB with GRC and enabled EAM, ARA, and Auto provisions for IT and Business users.

●Successfully acted as a Point of contact for both Functional and Security teams. I succeeded in preparing the roles for post-production and giving training to the end users in a short time.

●Bombardier awarded me an applause for my excellent client service commitment and hard work on multiple SAP security implementation projects.

●Automated multiple manual controls such as UAR / FF log review by reducing ~25% of the resource time.

●Redesigned roles to reduce segregation of duties (SoD) risk and Sensitive Access (SA) risks by ~30%

●Applause award from Baker Hughes in one of the SOD remediation projects.

PROFESSIONAL EXPERIENCE DETAILS

Company : Newmont Mining January 2024 – Present

Location : Denver, CO

Industry : Mining

Designation : SAP Security Architect – S4 HANA, GRC, IAS, IAG, SuccessFactors RBP Consultant

SuccessFactors Implementation - Key Responsibilities:

Good understanding and experience with COBIT, COSO, ISO270012, SAS, SOX, and privacy regulations.

Led and actively supported teams of Security and business analysts in the implementation, use, and maintenance of GRC continuous compliance tools to address Security, authorization, provisioning, Segregation of Duties (SOD), and other compliance issues within SAP.

Integrated IDM with SAP HCM System, SAP Backend Systems (ECC, BI, SRM, CRM), non-production SAP Systems including Legacy Systems.

Experience performing Proof of concept SAP Cloud Identity Access Governance (IAG) 2105/2108 version extending User Access Review (UAR) for cloud solutions to SAP Access Control through the AC-IAG Bridge Scenario.

Good Understanding of implementation of Hybrid Identity & Access Governance SAP Cloud SAP IAG Bridge functionality that connects SAP Access Control (GRC) on-premises solution with SAP Cloud Identity Access Governance (IAG) to extend access governance functionality into the cloud.

Involved in implementing Core EC Modules and adapted SuccessFactors Cross Platform 2H 2022 release features: extensively utilized Core Hybrid and Full Cloud Deployment Models.

Conducted periodic security reviews and audits in accordance with regulatory and audit compliance standards, identifying and mitigating IAM risks and ensuring compliance with security policies.

Involved in designing security design for SAP on-premise and Cloud environment(s), including SAP SuccessFactors and SAP Ariba

SAP ECC User maintenance (creation, deletions, and maintenance of users, mass users’ maintenance).

Participated in the accurate creation of configuration workbooks. Configured and implemented SuccessFactors Employee Central to meet business requirements.

SAP SF Experience creating RBP Security Strategies working with workbooks for Employee Central, HRIS, Talent, Recruiting, On-Boarding, and Compensation.

Designed and Developed Security Roles and Permissions for SuccessFactors Suite - Employee Central Recruiting and Onboarding, Compensation, Performance & Goals, and Work Force Planning and Analytics.

Attended Workshops with the Technical and Functional team on EC to SAP ECC Field Mapping Process.

Extensively worked on Role-Based Permission (RBP) framework in SuccessFactors that controls data access for different users and also on legacy permissions framework called Administrative Domains.

Proposed recommendations and remediation action items with Business users and Internal Audit.

Worked with Technical and Functional Leads to identify Sensitive Access risk remediation, mitigation controls, and monitoring.

Role-Based Permissions (RBP): Oversee the design and implementation of RBP configurations, safeguarding system security by controlling access based on user roles and responsibilities.

Workflow and Business Rules Configuration: Configure and maintain complex workflows and business rules within SuccessFactors Employee Central, ensuring efficient and accurate HR processes.

Security Audits: Conduct regular audits of RBP settings to ensure compliance with security protocols and industry standards and identify and address potential vulnerabilities.

System Integrity: Maintain the integrity of the SuccessFactors Employee Central system by performing routine checks and updates, ensuring that all configurations align with organizational policies.

Organized Working Sessions and workshops with Functional leads and owners to gather business prerequisites and Identify risks within SuccessFactors (Employee Central).

Identified relevant SAP Notes and Upgraded to GRC AC 10.1 SP18 and SP19 for SuccessFactors Connector Type.

Created Functions, Risks and generated the SuccessFactors Access Rules for SoD Ruleset for SuccessFactors.

Customize and configure the GRC ruleset within or between SuccessFactors and ECC for the Access Risk Analysis (SOD and Sensitive Access).

Designed cross-system functions and risks in SAP Access Control for SAP HCM and SAP SuccessFactors.

Involved in UAT Testing of SAP Access Control changes to ensure new cross-system SuccessFactors risks are detected and mitigated.

Worked on SuccessFactors Administrator Permissions and enabled additional security on the following modules - Compensation, Dashboards and Reports, Calibration, Job, and Skill Profile Visibility.

Worked on creating users in BTP sub-accounts, created roles and role collections

Worked on setting up users in ARIBA under core administration in both parent and child realms.

Integrated SAP IAG with Sail Point as POC. Integrated SAP IAS with Success Factor.

Worked on setting up user provisioning and de-provisioning in SAP IAG by integrating with IAS and IPS and building SAP security roles using SAP Cloud Identity Access Governance (IAG). Worked on the access Request to utilize self-service access request forms for user and role provisioning into the Cloud applications. Used SAP IAG cloud bridge to connect and integrate the ARIBA, SAC, IBP and Workzone cloud systems.

Implemented SSO setup in IAG using IAS services and configured Privileged Access Management (PAM) in SAP IAG to monitor and control access to the privileged data. Set up PAM ID, user, PAM approver and reviewer in IAG.

Used Access Certification service in the Cloud Identity Access Governance (IAG) provides the option to certify access. Finally, used the Access Analysis service to analyze access risks across cloud applications and refine or remediate access according to the auditory requirements.

Developed Many Ad-hoc Security Reports for Internal Audit and other Managers as needed –

RBP User to Role Report

RBP Permission to User Report

RBP User to Group Report

RBP Permission Roles Report

Experience creating a Success Factors ruleset categorizing SF Function Groups and Identifying which Permissions create SoD and remediate the risks.

Designed and Developed Field-Level Permissions in the Permission Roles (e.g., View, Edit, correct, delete, etc.) that can be controlled for each field as per business requirements.

Created and updated custom roles for SAP ERP, SAP S4 Hana, and UBOS applications by using PFCG to ensure users have access only to the transactions and functions required for their roles, adhering to the principle of least privilege.

Configured and optimized SAP role menus using SU24 to map transaction codes to roles, ensuring alignment with security policies and maintaining compliance with segregation of duties (SOD) requirements.

Participates in and understands all types of test phases (System Test, Integration, Functionality Testing, and UAT).

Experience mapping ECC data to Permissions in SuccessFactors.

Designed and Implemented security for SAP Human Resources (HR) Structural Authorizations.

Maintained Authorization Main Switches and customer-specific authorization objects.

Create Structural Authorization Profiles and assign them to positions and User IDs as per the organizational structure.

Created Personnel Master Records (PA40) and assigned them to Positions.

Company : Par Pacific June 2015 – February 2024

Location: Houston, Texas

Industry : Oil and Gas

Designation : SAP Security & GRC Architect (Full-Time)

Key Responsibilities:

Good understanding and experience with COBIT, COSO, ISO270012, SAS, SOX, and privacy regulations.

Delivered full life cycle SAP GRC 12.0, S4/HANA, native Hana, Hana Cloud, Fiori, ECC, Portal, ESS/MSS, SRM, CRM, BPC, BW, and BOBJ, IBP, BTP, and IAG Security implementations.

Led the design and implementation of end-to-end security solutions for SAP HANA landscapes, ensuring data confidentiality, integrity, and availability. Conducted comprehensive risk assessments and vulnerability analyses to identify security gaps and develop effective mitigation strategies.

Designed and enforced authentication and authorization models, including role-based access controls (RBAC) and attribute-based access controls (ABAC). Implemented encryption mechanisms for data in transit and at rest, enhancing data protection across the SAP HANA environment.

- Collaborated with cross-functional teams to establish security policies, procedures, and guidelines aligned with industry standards and best practices.

Proficient in developing IDM solutions and integrating with complex heterogeneous landscapes.

Experience developing complex access request processes for multiple customer bases.

Knowledge and experience with SAP Access Control 10.0 / Process Control 10.0 / Risk Management 10.0.

Involved in Integration with Active Directory, SAP GRC, and implemented SAP IDM 7.2 with integration with SAP ECC, Active Directory.

Involved in Configuration and support of SAP IDM 7.2 /8.0 integration with SAP and non-SAP repositories.

Manage engagement teams and provide technical leadership in the strategy, design, and implementation of SAP Security and GRC 12 Access Control Implementation.

Review and suggest recommendations for designing and building Security for S/4 HANA and Fiori to help address the client's access requirements.

Led the IT Controls & Compliance team and Planned the SOX Audits, performing walkthroughs, assessing the internal control environment, testing controls, remediation activities, and reporting to management.

Worked with business and technology leads to develop business roles for different business areas.

Knowledge and understanding of GRC Access Control 10.0 Architecture and Landscape.

Actively Involved in GRC discussions and new processes and led training workshops on GRC security topics.

Involved in SAP GRC v10.0 / v10.1 - BRM, ARA, ARM, SPM - Installation Verification and Post Installation Tasks. Experience in workflow, configuration, and custom field development for GRC 10.1.

Did SOD remediation at user and role level by using a GRC risk analyzer. Created risks, actions, and permissions and worked on updating the rulesets.

Worked on updating custom rulesets by creating the custom risks, functions, and remediations in S/4 HANA CFIN, ECC, Fiori, and CRM systems.

Working on creating custom paths for GRC 12.0 workflow (MSMP/BRF+)

Working on configuring Centralized Firefighter reporting (risk analysis, EAM log, owner, and controller reporting logs)

Working on the security administration in Cloud systems like BTP and IBP.

Involved in Configuring Shared GRC Settings – Post-installation Tasks, Integration Framework, Creating and Maintaining Connectors, and Shared Access Control Settings and Identify Business Configuration (BC) Sets, BRFplus Function Mapping and Emergency Access Management Configuration.

Involved in Creating Rules – Initiator, Agent, and Routing Rules in the Business Rule Framework (BRF), defined workflow-related MSMP (Multi-Stage Multi-Path) Rules and Periodic Access Review Process.

Hands-on Experience with GRC Business Roles, creating and maintaining BRF Rules.

GRC AC upgrade from 5.3 to 10.0 and currently 10.0 to 10.1. Service pack upgrade from SP9 to SP13.

Involved in implementing SOD Rule Set Remediation and Conflict Resolution with other Functional teams.

Experience in configuring MSMP & BRF Plus rules in GRC Access Control 10. Designed and implemented complex workflows for business scenarios like user management and emergency users.

Worked on GRC Common and NetWeaver Components – GRC Master Data, Workflow, Reports, and Dashboards. And also Access Risk Analysis Analytical Reports.

Hands-on Experience with Auth. Objects - GRFN_API, GRFN_REP, GRFN_CONN.

Upgraded GRC 5.3 to GRC AC 10.0 - SP11 (Emergency Access (EAM), Access Risk Analysis (ARA).

Provided hypercare support and handled the issues reported via the ticketing system.

Handled the semi-annual UAR process using GRC access control.

Integrated SAP IAG with GRC 12.0 using the identity bridge. Connected SAP Cloud systems, i.e., SAP IBP, SAP Success Factors, SAP SAC, and ARIBA with IAG. Worked on setting up SSO using SAP IAS services.

Worked on designing the upstream and downstream roles S/4 HANA, MDG/FIORI roles in Source to Pay (PTP), Inventory to Deliver(ITD), Order to Cash (OTC), and Central Finance(CFIN) scenarios.

Worked on building security roles/teams in SAC and roles, permission filters, and attribute permissions in IBP.

Worked on creating users in BTP sub-accounts, created roles and role collections

Worked on setting up users in ARIBA under core administration in both parent and child realms.

Integrated SAP IAG with Sail Point as POC. Integrated SAP IAS with Success Factor.

Worked on setting up user provisioning and de-provisioning in SAP IAG by integrating with IAS and IPS and building SAP security roles using SAP Cloud Identity Access Governance (IAG). Worked on the access Request to utilize self-service access request forms for user and role provisioning into the Cloud applications. Used SAP IAG cloud bridge to connect and integrate the ARIBA, SAC, IBP and Workzone cloud systems.

Implemented SSO setup in IAG using IAS services and configured Privileged Access Management (PAM) in SAP IAG to monitor and control privileged data access. Set up PAM ID, user, PAM approver and reviewer in IAG.

Used Access Certification service in the Cloud Identity Access Governance (IAG) provides the option to certify access Finally used the Access Analysis service to analyze access risks across cloud applications and refine or remediate access according to the auditory requirements.

SAP FIORI UI5 / Personas Security Implementation

Involved in Proof of Concept and Conducted workshops with Stakeholders for finalizing Security design and apps.

Involve in Developing scope and technical architecture of the client’s SAP FIORI landscape.

Involved in Fiori / UI5 Gateway Role Design to include Catalogs, Groups and OData for Fiori Launchpad. Backend role design to include OData, Webdynpro with Authorizations.

Involved in Trace Error Log Analysis using ST01, STAUTHTRACE, /IWFND/ERROR_LOG, SM20, SLG1 and HTTP Trace for missing Services and Backend Authorizations.

Involved in Building roles in the SAP Gateway (Frontend) and an SAP ABAP system (Backend).

Involved in multiple concurrent projects with Fiori Development, specifically Analytical Dashboards Apps and Catalog Target Mappings.

Gathering requirements and documenting S/4 HANA Security Strategy and framework.

Designing and building roles for S/4 HANA (Transactional and MDG) and Fiori Gateway Systems. Building roles for GRC 12.0, BW/4HANA, HANA DB, MDG, and various other systems.

Working with Fiori Config team to identify the areas where the inactive apps are generating frontend or backend authorization issues and customizing the catalogs to remove inactive apps.

Documenting and implementing cut-over tasks for the S/4 HANA go-live. Troubleshooting and identifying the missing OData Services and Authorization Issues in /IWFND/ERROR LOG and notifying the Basis and Fiori Configuration team to activate them.

Extensively involved in troubleshooting authorization issues with Fiori apps.

Involved in identifying the root-cause of Fiori Authorizations issues - research on Missing Services, Tiles, Groups or Inactive Services and Missing Authorization Objects.

Created Fiori roles the relevant technical catalog, groups and object restriction for the identified Apps.

SAP BTP / IAS / S4 HANA Implementation

Worked on User Account Aggregation, User group aggregation, user group provisioning, turn Account Provisioning on/off. Unlock Account Provisioning, Change Account Password, Add Entitlement(s), remove Entitlement(s). Using SailPoint’s SAP HANA Database connector. Integrated SailPoint with S/4 Hana cloud.

Handled SOD violations and mitigations using SAP Access Violation Management (AVM) tool. Worked on integration of AVM SI with Ariba and Oracle. Summarized the financial impact of access violations.

Delivered full life cycle SAP GRC 12.0, S4/HANA, native Hana, Hana Cloud, Fiori, ECC, Portal, ESS/MSS, SRM, CRM, BPC, BW, and BOBJ, IBP, BTP, and IAG Security implementations.

Collaborated with cross-functional teams to establish security policies, procedures, and guidelines aligned with industry standards and best practices.

Provided guidance and training to internal teams on SAP HANA security measures, promoting a culture of security awareness Implementation of HANA cloud security with HDI containers and schemas, best practices to implement in HANA cloud during role development that will make the role objects transportable.

Implemented building security roles, including attributes and scopes, teams, and users, and assigning roles and user permissions in SAC (SAP Analytics cloud). Setting up application security in SAP XS Advanced.

Implemented GRC Access Control 12.0 (ARA, EAM, ARM, BRM) and IDM 7.2 / 8.0 applications and all its components and configuration of 3rd party Identity Providers (IDP) to operate with SAP security solutions. Configured the MSMP workflow and designed the BRF+ workflow to automate user administration activities. Worked on Ruleset customization in GRC12.0 for various S/4 HANA modules. Used BRM to configure role management by creating single, composite and derived roles.

Created employees/business users in S/4 HANA systems by importing them from success factors on a.CSV file. Exported the business users from the S/4 HANA cloud system and imported them into SAP Cloud Identity Authentication Service (IAS). Created a communication system in S/4 HANA cloud and set up IAS as a source system in SAP Cloud Identity Provisioning Service (IPS).

Designed, developed, and supported SAP BTP applications. Played a key role in overall solution design, end-to-end process maps, landscape setup, application security, system integration, and technology future roadmaps.

Worked on SAP BTP - SAP Cloud Foundry & SAP NEO platform. Got a strong understanding of the SAP cloud platform and IAS and IPS services along with

SAP BTP and IAG. Worked on SAP Cloud integrations with SAP and Non-SAP systems.

Did SAP UI5 development on the SAP cloud platform using Restful and web services. Integrated S/4 Hana using SAP cloud connector, SAP cloud SDK (Java/node.js) with SAP BTP (Cloud Foundry).

Good understanding of SAP Cloud application development using SAP UI5, Hana XSA & SAP BAS. Worked on

Worked on SAP Cloud API Management (APIM) and SAP CPI (Cloud Platform Integration).

Implementing HANA Database security analytic authorization. Worked on creating custom roles and analytic privileges (static & dynamic) and helped create design time roles.

Implemented Application Security (HANA, ABAP, FIORI, JAVA…), including the associated mobile applications and accesses and Infrastructure Security on TM-EM security authorizations, roles, and access controls.

Designed security approach(es) for On-premises and Cloud environment(s), especially in SAP Supply Chain Management applications, particularly TM-EM, ECC, SRM, CRM, IBP, BOBJ, and Portal Security implementations. Implemented security solutions on SAP cloud applications such as IBP. Created users, roles, permission filters and attribute permissions. Helped set up security best practices for ongoing implementations.

Single handedly performed the security design and the build for SAC Migration. Created custom mapping for BW and BOBJ roles with SAC teams. Set up users, roles, and Teams in SAC.

Designed and Implemented S/4 security solutions for overall core finance (GL, AP, AR, AM, CO, and basic Cash Mgmt.). Understood the surround finance solutions, particularly where they fit in and how they integrate, like Treasury, BPC, FSCM and FSBA to propose a security role design framework. Extensively designed security roles and authorizations in Payment card data for SD/MM/FICO (GL, AP, AR, AM, CO, and basic Cash Mgmt.) areas. Designed security roles for data storage security for bank customer accounts, accruals, deferrals, loan management, cash management, bank account management, and credit management.

Developed and managed the Roles and Authorizations approach, strategy, and delivery plan across Finance, Sales, Operations, Logistics, and Procurement. Provided ongoing support and maintenance of the roles and authorizations plan by working closely with the Business.

Worked seamlessly with business delivery and IT workflows to understand the “to-be” business processes and end-to-end SAP S4 HANA solution. Developed the SAP S4 HANA Business Roles design across FICO, SD & MM environments and mapped them to the business users by creating an R2PM (role to position mapping) matrix.

Worked closely with the Process/Control counterparts to ensure the profiles were correctly reflected in the system, and the Business/IT roles were audit and Sox-compliant. Also defined the security/controls testing strategy framework for integration and user acceptance testing.

Contact this candidate