SAP Security Project Lead / Senior Consultant
- Verfügbarkeit einsehen
- 0 Referenzen
- auf Anfrage
- Österreich
- Europa
- de | en | fr
- 02.09.2023
Kurzvorstellung
- 10+ years experience in SAP security / SoD / GRC
- 4+ years experience in Identity & Access Management
Qualifikationen
Projekt‐ & Berufserfahrung
4/2017 – offen
Tätigkeitsbeschreibung
Project "ROSA" (Roll Out SAP Authorizations)
Scope
Roll out of job-oriented role concept (“Arbeitsplatz-Konzept”) as well as IAM & SoD process across all departments and subsidiaries.
Responsibilities
- Functional workshops with business key users
- Definition & technical implementation of job roles using SAP standard as well as XAMS tools (XAMS Role Designer, XITING Times, XITING Role Profiler, Role Replicator,...)
- Ensure and implement technical integration of jobs roles with Quest One Identity Manager (Q1IM) as well as HR process integration
- Go Live preparations and support using XITING Protected Go Live
- Training of business key users on role concept and identity & access management processes
SAP BusinessObjects (BO), SAP CRM, SAP ECC, SAP Sicherheit (allg.), SAP APO, SAP BW, SAP HANA, SAP HR / SAP HCM, SAP Retail, SAP Berechtigung / User Verwaltung, SAP Rollout, Sap Solution Manager, Schulung / Training (IT), Projekt - Start-Up-Workshop, Workshop - Kundenorientierung
5/2016 – 12/2017
Tätigkeitsbeschreibung
Project "PreRo" (Preparation Roll Out)
Scope
- Upgrade of Quest One Identity Manager (from V6.02 to V7.02)
- Integration of remaining 8 SAP systems to Quest One Identity Man-ager (SAP BW & BW on HANA, APO, CRM B2C & B2B, PWS, Solu-tion Manager, SAP Russia)
- Integration of remaining Active Directory & 3rd party systems to Quest One Identity Manager
- Final replacement of SUN Identity Management System and SAP Central User Administration with Quest One Identity Manager (V7)
- Definition of SAP authorization concepts for all SAP systems using XAMS Security Architect
Responsibilities
- Definition of functional concepts for IAM integration of SAP systems including replacement of existing CUA by Q1IM
- Definition & technical implementation of SAP authorization concepts within XAMS Security Architect
- Definition & technical implementation of SAP emergency user pro-cess using XAMS Xiting Times functionality
- Functional testing of IAM process functionality with Q1IM V7
SAP CRM, SAP ECC, SAP R/3, SAP Sicherheit (allg.), SAP APO, SAP BW, SAP HANA, SAP HR / SAP HCM, SAP Retail, SAP Berechtigung / User Verwaltung, SAP Rollout, Sap Solution Manager, Projekt - Start-Up-Workshop
6/2014 – 4/2016
Tätigkeitsbeschreibung
Project "IO Excellence 2.0"
Scope
Design and implementation of:
- Identity & Access Management process landscape within Quest One Identity Manager (version 6.02)
- SoD ruleset as well as SoD support processes within Quest One Identity Manager (version 6.02)
- job-oriented role concept (“Arbeitsplatz-Konzept”) for pilot departments AS/SAP Retail and HR/SAP HR with automatic authorization management
Responsibilities
- Definition & technical implementation of SoD rules and functions down to authorization object level as well as critical authorizations
- Definition of identity & access management processes with regard to internal and external compliance
- Definition & technical implementation of job-oriented role concept us-ing SAP standard as well as XAMS Tools (XITING Times, XITING Role Profiler, Role Replicator,...)
- Deliver Quest One Identity Manager trainings for end users
SAP R/3, SAP Sicherheit (allg.), SAP HR / SAP HCM, SAP Retail, SAP Berechtigung / User Verwaltung, Sap Solution Manager, Schulung / Training (IT), Projekt - Start-Up-Workshop, Workshop - Kundenorientierung
5/2013 – 5/2014
Tätigkeitsbeschreibung
Project "OZON"
Scope
Design and implementation of new SAP authorization concept as well as optimization of existing roles & authorizations for:
- Logistics (SAP SD, MM, LE), Finance (SAP FI, CO)
- Planning (SAP APO DP & SNP)
- Reporting (SAP BW incl. structural authorizations)
- HR Personnel Administration (SAP HR)
- Solution Manager / Central User Administration
Responsibilities
- Analysis of existing roles & authorizations concept including admin-istration process to highlight weaknesses/areas of improvements
- Identification of critical authorizations (transactions/objects/field val-ues) and segregation of duties conflicts
- Role specifications incl. authorization objects and field values according to internal and external compliance requirements as well as organizational requirements
- Conduct business workshops for requirement gathering as well as knowledge transfer of new concept (role owner concept)
- Role & authorization testing (positive/negative tests)
- Role to user mapping, user setup and administration as well as as-signment of roles to HR organizational structure objects
- Troubleshooting incl. authorization trace
SAP Sicherheit (allg.), SAP APO, SAP BW, SAP HR / SAP HCM, SAP Retail, SAP Berechtigung / User Verwaltung, Sap Solution Manager, Workshop - Kundenorientierung
7/2012 – 4/2013
Tätigkeitsbeschreibung
Design and implementation of SAP authorizations for:
- SAP Retail (EHP 7 for ERP 6.0) incl. FI-CA (“Vertragskontokorrent”)
- SAP SCM (EHP 3 for SCM 7.0)
- SAP BW 7.3
- SAP CRM (EHP 3 for CRM 7.0)
- SAP PWS (ECC 6.0)
- SAP Solution Manager 7.1
- SAP HR (EHP 5 für ERP 6.0)
- Quest One Identity Manager (V 6.02, 7.02)
- Xiting Authorization Management Suite SP11 & SP12
SAP CRM, SAP ECC, SAP APO, SAP BW, SAP HR / SAP HCM, SAP Retail, SAP Supply Chain Management, Sap Solution Manager
9/2011 – 2/2012
Tätigkeitsbeschreibung
Scope
Optimization/Re-Engineering of existing SAP Authorisation concept to:
- Meet internal and external audit requirements
- Simplify technical maintenance
Responsibilities
- Analysis of existing SAP roles & authorisations and user setup pro-cess to highlight weaknesses/areas of improvements (using SUIM, SU01D, AGR* tables, etc.)
- Identification of critical authorisations (transactions/objects/field values) and segregation of duties conflicts
- Assessment of user access according to job description/process responsibilities
- Role specifications incl. authorisation objects and field values according to internal and external compliance requirements (using PFCG, SU25/AUTH_SWITCH_OBJECTS, etc.)
- Analysis and re-definition of SAP technical Parameters for SAP log-in/password security (via RSPARAM)
- Consulting and documentation on how to best secure Z-Transactions and Z-Tables
- Definition of company specific, easy to use SoD matrix
- Definition of SAP security policy and role testing templates
- Definition of governance processes, segregation of duties and security policies
SAP ECC, SAP Sicherheit (allg.), SAP APO, SAP BW, SAP Berechtigung / User Verwaltung, SAP Supply Chain Management
9/2009 – 9/2011
Tätigkeitsbeschreibung
Scope
- Business Separation and Full Life Cycle SAP Implementation
- SAP ECC modules FI, CO, SD, MM, LE, QM, PP, PM
- SAP SCM APO modules DP, SNP
- SAP BI
- SAP XI
- Non-SAP Applications
- RICEFs
Responsibilities
SAP Security Senior Consultant
- Role specifications incl. authorisation objects and field values according to internal and external compliance requirements (PFCG)
- Role & authorisation testing (positive/negative tests)
- User setup and administration (SU01, SU10)
- Role to user mapping
- Implementation of mitigating controls for access risks
- Troubleshooting incl. authorisation trace (SU53, SU56, SUIM, ST01)
SAP Consultant for Procurement to Invoice (MM)
- Workshops, Fit/Gap-Analysis and detailed process design (master data, Planning, Procurement of stock and consumable materials, Consignment, Subcontracting, Logistics Invoice Verification, integra-tion to APO SNP)
- Business process analysis and optimization
- Detailed design of functional specifications and interfaces
- Data migration
- Testing, Training
- Go-live support and troubleshooting
SAP ECC, SAP Sicherheit (allg.), SAP BW, SAP Beratung (allg.), SAP Berechtigung / User Verwaltung, SAP Supply Chain Management, Sap Solution Manager, Schulung / Training (IT), Workshop - Kundenorientierung
Zertifikate
Ausbildung
Linz
Über mich
Then somebody came who didnt know that and just did it.'
'If you think an expert is expensive, think of what an amateur can cost you'
Weitere Kenntnisse
o Authorization design for different organizational structures
o Authorization design for specific business processes
o SoD (Segregation of duties) compliant authorization design
10+ years of experience in the SAP security implementation:
o Role maintenance via SAP standard or 3rd Party tools e.g. XAMS
o CUA (Central user administration), Identity & Access Management
o Analysis & Trace using SAP standard/3rd Party tools e.g. XAMS
o Systems: SAP ECC, SAP IS-R (Retail), SAP BW (incl. BEX & Portal), SAP APO, SAP HCM,
SAP Solution Manager, SAP CRM, SAP BO (Business Objects), SAP HANA
10+ years of experience in compliance with special focus on:
o Definition of critical transactions and authorizations
o Definition of critical system parameters and settings
o Definition of segregation of duties rule set
o Authorization optimization due to audit requirements
Knowledge in SAP GRC Access control 10.0
Knowledge in SAP NW Identity Manager as well as Quest One Identity Manager
Certified SAP Solution Consultant for MM and PP with 4+ years of expe-rience as business analyst and SAP consultant in full life cycle projects
8+ years of experience in business process analysis and specification
o Certification for SAP Integrated Processes
o Specialization on ‘Procure to Pay’, ‘Plan to Production Execution’
o Profound process knowledge in SAP APO, SRM, CRM
6 years of experience in ARIS consulting and synchronization between ARIS and SAP Solution Manager
Persönliche Daten
- Deutsch (Muttersprache)
- Englisch (Fließend)
- Französisch (Gut)
- Spanisch (Gut)
- Italienisch (Grundkenntnisse)
- Tschechisch (Grundkenntnisse)
- Europäische Union
- Schweiz
- Vereinigte Staaten von Amerika
Kontaktdaten
Nur registrierte PREMIUM-Mitglieder von freelance.de können Kontaktdaten einsehen.
Jetzt Mitglied werden