MING J. LIN

  • SAP Security consultant
  • Glendale, CA
  • Member Since Mar 25, 2023

Candidates About

 

Ming j. Lin

 

SAP SECURITY CONSULTANT

 

PROFILE

                                                                                                                                      

I am a seasoned SAP security architect who is driven by providing SAP project sustainment, with a strong sense of process control, security profile change management, and technical safeguard to protect the data integrity for clients. To effectively sustain business data in SAP systems, I applied Approva BizRights, SAP GRC suites, to address the Segregation of Duties Management Process, Compliance Calibrator for Risk Recognition, Rule Building, Validation, Risk Analysis for Remediation Firefighter and Risk Terminator for Mitigation continuous Compliance.  I am equally at home on production support, security offshore team leadership, and detailed SDLC project management, and keep abreast with traditional and new-technology tools and approaches.

 

My experience involves implementation and production support of SAP application with infrastructure security. With over ten years in performing complex and conceptual analysis, consulting, project management, I provide recommendations in the areas of application security, business process control, information technology design, implementation and assessments of policies and procedures.  Technical background includes 13 years of demonstrated information technology management experience with strong working knowledge of SAP development methodology with full cycle deployments. I practice effective client relationship management and business systems analysis.  I manage security team with demonstrated leadership ability. Customer and team oriented with the ability to work and communicate effectively with staff at all levels. Strong oral and written communication skills, my specialization is in SAP Security Assessment review, Change control management, regulation compliance.  I possess general understanding of the business drivers of operating on the enterprise level, as well as its components in products, services, finances and strategies.

 

PROFESSIONAL EXPERIENCE

 

 

 

CalPortland Corporation                                                                          July 2017 – Current May

SAP Project (Version ECC 6.0) at Glendora, CA

SAP Security consultant

 

·         Manage service request tickets in SAP environment

·         Resolve daily SAP security related (HCM, SD, FI, MM) issues

·         Research SAP Market Place notes related to SAP security patches

·         Organize Helpdesk incidents in AD account, email setup, user identity management issues

·         Present weekly status on Change Control requests and review approvals

 

 

 

Costco Warehouse                                                                          August 2016 – Dec 2016 May

SAP Project (Version ECC 6.0) at Issaquah, WA

SAP Security Audit consultant

 

·         Provided the Logic to retrieve GRC EAM Controller information

·         Compile dAudit Requirement and deliver Swim Lane Visio Workflow documents

·         Managed Business and IT user roles with scalable segregation of role profile to meet compliance requirement

·         Resolved process control inquiries related to SAP security with Audit teams

·         Monitored GRC EAM daily scheduled jobs

·         Delivered SAP security SOP guidelines to address Business and SAP Security operation/administration tasks

·         Conducted Compliance controls in GRC user access review

 

 

Toyo Tire Holdings of America                                               Oct 2014  - May2016 May

SAP Role Redesign Project (Version ECC 6.0) at Cypress, CA

SAP Security Lead consultant

 

·         Provided the Security Weaver solution and implemented the SAP Role Redesign Project in 2015

·         Compiled User Requirement and Business transformation authorization objects

·         Configured Business and IT user roles with scalable segregation of role profile to meet compliance requirement

·         Remediated KPMG audit findings and provided resolutions and mitigation controls to resolve Segregation of Duties issues

·         Resolved process control inquiries related to SAP security with internal Audit teams

·         Delivered SAP security SOP guidelines to address Business and SAP Security operation/administration tasks in both user management and role management

·         Conducted Compliance controls in quarterly and annual user access review

 

 

 

Spirit Aero Systems                                                                   August 2012 – Oct 2014ctOct Aug

SAP Diamond Project (Version ECC 6.0) Kansas and Oklahoma sites

SAP Security Administration consultant

 

·         Produce gap analysis to identify alternate solutions specific to security requirements and provide technical recommendations on design or architecture improvements

·         Provide architectural framework for security and key integration components with     Enterprise Portal, Active Directory/LDAP and ECC systems

·         Upgrade GRC 10 Access control and Fire Fighter technical considerations

·         Manage BRM and MSMP workflow in GRC 10 Access Control

·         Lead monthly outage process and Block Point implementation

·         Manage the sustain working knowledge of Sarbanes-Oxley requirements

·         Practice solid understanding of assessing and designing SAP internal controls

·         Provide SAP technical assistance to support security related activity, security procedures in a regulatory environment

·         Execute elevated temporary access policy to address SAP emergency

·         Manage Solution Manager in user administration and ChaRM users set up

·         Apply technical understanding of security strategies, technologies, and risk concepts

 

 

 

 

Johnson Controls                                                                               Nov 2011 – August 2012 Aug

SAP PSES Project (Version ECC 6.0) at Milwaukee, WI

SAP Security Architect consultant

 

·         New implementation of SRM/PI/APO/PLM project

·         Managed BOBJ and BI integrated authorization objects technical aspects

·         Led off shore support staffs to follow Global Enterprise Security guidelines and policy

·         Managed portal user access to PLM cFolder with functional iViews

·         Responsible for system architect overall security considerations with emphasis on eliminating the operation gaps

·         Enhanced audit check list with SAP validation effort in addressing the non-human account users and GRC SPM (Fire Fighter) access

·         Managed CUA, Solution Manager, global GRC connection and user administration

·         Led Security Oversight on Compliance mitigation and remediation

 

T-Mobile (second engagement)                                                             July 2011 – Nov 2011

SAP SCM APO Project (Version ECC 6.0) at Seattle, WA

SAP Security Lead consultant

 

·         New implementation of SCM/APO DP/SNP project

·         Managed APO and BI integrated authorization objects technical aspects

·         Delivered APO user roles with strong segregation of role profile technology to meet business requirement

·         Managed PwC audit requirements and provided resolution to the related SOD issues

·         Drafted SAP security interface guidelines to address Security operation and administration tasks

 

 

Hewlett Packard                                                                            July 2010 – June 2011

SAP Security Practice (Version ECC 6.0) at Irvine, CA

SAP senior Security Manager

 

·         Led the world wide COMPASS security administration

·         Initiated Special Security Projects on MS Project to track consultants’ activities in deployment, monitoring, maintenance, upgrade, and support of Project Plan

·         Managed SAP Practice security staff, including recruitment, supervision, scheduling, development, evaluation, and foster talents actions

·         Developed IT Internal Controls Assurance strategies

·         Adapted SAP NetWeaver Identity Management to provide end-to-end support for user provisioning

·         Assisted scheduling release of GRC 5.3 RAR, SPM Implementations with portal and SSO for current fiscal year

·         Enabled business process-driven identity management to integrate with SAP Business Suite

·         Applied Identity service models to deliver service–enabled identity management for SOA environment

·         Enabled business-driven identity governance model and achieved sustainable prevention of SOD violations and delivered compliant identity management

·         Coordinated monthly SOD scheduled meetings, reviewed quarterly Audit report, monitor risk mitigation control documentation, conducted enterprise-wide risk analysis, and manage user role provisioning

·         Managed security user/role matrix, profile generator design, coordinate with updated business requirement

·         Led Security practice to achieve faster resolution of auditor observations with SAP BusinessObjects GRC Access Control

·         Hosted bi-weekly COMPASS project regional security leads meetings, shared concerns in sustain support, planning projects, and organizing and negotiating the allocation of resources

 

                                                                                               

 

Foster Farms                                                                                 August 2009 – March, 2010

SAP QM & Security Redesign Project (Version ECC 6.0) at Livingston, CA

SAP Security Lead consultant - Contract

 

·         Resolved QM configuration issues related to Record Inspection Result and Chang Inspection Result in terms of authorization objects technical aspects

·         Delivered QM user roles with strong segregation of role profile technology to meet business requirement

·         Managed E&Y audit findings and provided resolution to the related SOD issues

·         Drafted SAP security policy and guidelines to address Security operation and administration tasks

·         Managed security redesign project, led security team to establish the project baseline, user access history, user role assignment, customized transaction and reports, and published redesign strategy

·         Applied user provisioning, workflow, and approvals in BizRights and upgraded to Approva/BizRights 4.5 version for security role redesign effort to meet SOX compliance and SOD sustainment

 

 

Smith Micro Software Inc                                                                        May 2009 – July 2009

Project New SAP Implementation (version ECC 6.0) at Aliso Viejo, CA

SAP Security Lead - Contract

 

  • Accelerated and mapped security requirements with SME and Business owners
  • Accomplished MM, PP, SD, FI security requirements via profile generator for client’s user role assignment
  • Coordinated integration test results, gap analysis, and provided proper remediation
  • Documented user authorizations, trained staff
  • Provided Password management, role and entitlements, reporting and auditing in the components of SAP NetWeaver Identity Management
  • Furnished GRC RAR implementation strategy to project lead, including pre-installation and post-implementation checklist

 

 

Ceradyne, Inc (Second Engagement)                                                 January 2009 – May 2009

Project Logistics Implementation (version ECC 6.0) at Lexington, Kentucky

SAP Security Lead - Contract

 

  • Collected and mapped security requirements from Business owners
  • Constructed MM, PP, SD security knowledge to client’s user role assignment
  • Led Security in blueprint, realization, test and implementation tasks
  • Conducted integration test results, gap analysis, and provided proper remediation
  • Identified SAP GRC 5.3 Access Control tool and Solution Manager to meet IT audit compliance
  • Managed HCM HR-IS development work in Query authorizations
  • Documented user authorizations, train staff, and paved ‘building block’ for third phase and future enterprise implementation

 

 

GTECH Corporation                                                           September, 2008 – November, 2008

Project Security Remediation (version 4.70) at West Greenwich, Rhode Island

SAP Security Consultant - Contract

 

  • Re-designed security collected requirements from Business owners
  • Applied HR, BW/SEM, SD, MM, FI/CO security knowledge to user role assignment
  • Formulated ESS/MSS configurations to support project analysis in working hours accumulation and resources consolidation
  • Designed with Basis team to initiate security logs in Solution Manager
  • Initiated Security re-design and execution tasks for the newly acquired division
  • Devised and Established integration test results, gap analysis, and provided remediation
  • Reviewed GRC CUP package with intention for next HR phases to do user role provisioning and termination process
  • Documented user authorizations, trained staff,  and prepared for next Audit review
  • Maintained Structural authorization parameters in authorization profile maintenance
  • Applied Evaluation Path concept to assign Organizational authorized users
  • Provided proper organizational restrictions for the authorized access of personnel administration data
  • Addressed SAP HR Application security issues, suggested recommendation in the configuration of SAP Roles, security, PD Profile Relationship, Profile Generator, SOD, Org unit access, Variants updates for all the Personnel Areas with appropriate access for all the HR and PY Roles

 

 

Ceradyne, Inc                                                                                           May 2008 – July 2008

Project FI Implementation (version ECC 6.0) at Costa Mesa, CA

SAP Security Lead - Contract

 

  • Mapped security requirements with Business owners
  • Applied FI/CO security knowledge to client’s user role assignment
  • Launched Security design and execution tasks
  • Tested and reviewed integration test results, gap analysis, and provided remediation
  • Wrote Security Management policy and Guidelines
  • Expanded out HCM implementation, HR Payroll and ADP interface
  • Introduced SAP GRC suites package and implementation strategy to PMO
  • Documented user authorizations, trained staff,  and prepared for second phase implementation

 

 

DirecTV                                                                                                   May 2008 – May 2008

Project BI Upgrade (BI version 7.0) at Los Angeles, CA

SAP Security Consultant - Contract

 

  • Reviewed BI security processes with Business owners
  • Presented BI security knowledge to client’s user role assignment
  • Migrated BW 3.5 authorizations to BI 7.0 analysis authorization
  • Accomplished and reviewed integration test results
  • Served as a functional lead to address APPROVA issues
  • Reviewed and upgraded Virsa Compliance Calibrator 5.0 to meet the enterprise access control and audit compliance, coordinated with APPOVA upgrade team to discuss upgrade schedule
  • Negotiated BI new analysis authorizations impact to developers
  • Applied Structural authorizations in Organizational Management, configured and maintained structure authorizations and assigned them to appropriate users
  • Configured Evaluation Path to determine all related objects stored under the root object ID in the structure – Org Unit, positions, and persons

 

 

Raytheon Company   (Second Engagement)                                              Oct 2007 – May 2008

Project PRISM SAP system (version 4.7) at Dallas, Texas

SAP Security Consultant - Contract

 

  • Collaborated security processes with Business owners requirement and Change management workflow  
  • Implemented CUA security knowledge to redesign client’s user role assignment
  • Delivered APO Demand Planning on planning book and assign users with different accesses, design authorization to interaction with SCM and BW data, and supplied master and transaction data through CIF interface in real time
  • Developed and delivered APO Supply Network Planning to calculate quantities to be delivered to client’s sites to match client’s demand and maintain the desired par level
  • Managed Integration test defects and updated authorization objects and roles
  • Generated Training system and coordinated with trainer and training documentation
  • Assisted in implementation of the APPROVA and Solution Manager to meet the enterprise access control and audit compliance
  • Aligned security guidelines with developers and Business SME for project deliverables

 

 

SAP America, Chicago Metro Water District                                             July 2007 – Oct 2007

Senior Security Consultant (version 4.7, ECC 5.0, ECC 6.0) at Palo Alto, CA

 

  • Assessed security upgrade from 4.7 to ECC 6.0 with infrastructure architect knowledge 
  • Applied Role based security practice to redesign client’s user role assignment
  • Practiced BI 7.0 analysis security and updated authorization objects and roles
  • Called upon SEM BPS security with clients related to best practices and standards
  • Served as a principal consultant and contributed best practices to enhance SAP GRC 5.3 implementation strategy
  • Led design and oversaw development of complex, cross-functional, multi-platform processes and application systems
  • Advised clients and developed complex technical architecture and design
  • Advised client on complex systems management plans and issues
  • Designed and documented administration policies and procedures to meet SOX compliance
  • Reviewed the HR Structural authorization setup and configuration
  • Maintained and assigned HR structure authorizations to end users
  • Applied PPOME, HR specific transactions and table to sustain the HR Organizational Management

 

 

Ingram Micro                                                                                       April, 2007 – June, 2007

Global Financial Initiative SAP Project (ECC 6.0) at Santa Ana, CA

SAP Security Administration - Contract

 

  • Participated in infrastructure architect for SAP security 
  • Gathered authorization objects and roles for FI/CO and OTC
  • Experienced with eFax OCR software to integrate with SAP A/P user access
  • Presented blueprint design in establishing the security procedures for SAP systems 
  • Led the process of data classification and sensitive data interface matrix
  • Evaluated and selected SAP GRC suites to meet the enterprise access control and audit compliance
  • Designed and documented security administration policies and procedures for the production environment to meet SOX compliance

 

 

Phelps Dodge Mining Company                                                   October, 2006 – March, 2007

RedPoint Moly SAP Project (ECC 6.0) at Phoenix, Arizona

SAP Security Architect - Contract

 

  • Participated in requirements gathering, assessment, design, configuration and testing activities for SAP security 
  • Configured authorization objects and roles for MM, PP, APO, FI/CO, and OTC
  • Managed the Solution Manager security aspects in the establishment of SAP landscape
  • Installed standard APO scenarios by reference to the SAP Best Practices for Supply Chain Management (SCM)
  • Delivered APO Demand Planning based on planning book, Budget Entry, Forecasting Planning, Projection, and assign users with different accesses; design authorization to interaction with OTC and BW data, and supplied master and transaction data through CIF interface in real time
  • Implemented SAP security using best practices and standards for SAP security
  • Provided support in establishing and maintaining the security and security procedures for SAP systems 
  • Led the process, training, and change management teams to implement appropriate role-based security for the production environment including role definition and job/position mapping
  • Enforced SOD concept in deploying security roles and established basic compliance procedures for role simulation after implementation
  • Designed and documented security administration policies and procedures for the production environment to meet SOX compliance

 

T-Mobile Wireless Company                                                 January, 2006 – September, 2006

Project SOX Compliance (Version 4.7) at Seattle, Washington            

SAP Security Redesign Team Lead - Contract

 

  • Led Role Redesign effort of SAP security roles for  FI/CO, and other modules of BW, SEM, EBP, HR, and SD
  • Designed governance activities to ensure compliance with SAP applications 
  • Deployed company rule sets in Virsa Compliance Calibrator
  • Led the implementation of user ID migration on FI/CO processes for mapping new application requirements to infrastructure guidance
  • Led technical and engineering teams to develop and maintain architecture and standards for Application Development, Delivery, and Deployment
  • Delivered SAP application standards, Virsa (4.0 version) Fire Fighter to review with auditors on IT controls, Segregation of Duties, and Sarbanes Oxley compliance
  • Evaluated complex technical issues and recommended appropriate actions to address the SOD violations

 

 

Raytheon Missile Company                                                           April, 2005 – October, 2005

Project PRISM SAP system (Version 4.7) at Tucson, Arizona                          

SAP Security Architect Lead - Contract

 

  • Responsible for creation of security roles for SCM, FI/CO, BW, SEM, Depot, MM, WM, IM, PS, HR, PM, GPD, SD
  • Provided auditors on subjects of IT access controls, Segregation of Duties, and Sarbanes Oxley compliance
  • Performed unit and integration test cycles with functional teams to refine the configuration of roles
  • Prepared Production Go Live procedures, coordinated hyper care and SCR sustain effort with Help Desk support
  • Validated IMG configuration setup with Business Process Team
  • Attended Change Control Meetings with functional teams, analyzed and designed the requirements of the post-implementation procedures

 

Deloitte & Touche, LLP                                                            September, 2004 – March 2005