
MING J. LIN
- SAP Security consultant
- Glendale, CA
- Member Since Mar 25, 2023
Ming j. Lin
SAP SECURITY CONSULTANT
PROFILE
I am a seasoned SAP security architect who is driven by providing SAP project sustainment, with a strong sense of process control, security profile change management, and technical safeguard to protect the data integrity for clients. To effectively sustain business data in SAP systems, I applied Approva BizRights, SAP GRC suites, to address the Segregation of Duties Management Process, Compliance Calibrator for Risk Recognition, Rule Building, Validation, Risk Analysis for Remediation Firefighter and Risk Terminator for Mitigation continuous Compliance. I am equally at home on production support, security offshore team leadership, and detailed SDLC project management, and keep abreast with traditional and new-technology tools and approaches.
My experience involves implementation and production support of SAP application with infrastructure security. With over ten years in performing complex and conceptual analysis, consulting, project management, I provide recommendations in the areas of application security, business process control, information technology design, implementation and assessments of policies and procedures. Technical background includes 13 years of demonstrated information technology management experience with strong working knowledge of SAP development methodology with full cycle deployments. I practice effective client relationship management and business systems analysis. I manage security team with demonstrated leadership ability. Customer and team oriented with the ability to work and communicate effectively with staff at all levels. Strong oral and written communication skills, my specialization is in SAP Security Assessment review, Change control management, regulation compliance. I possess general understanding of the business drivers of operating on the enterprise level, as well as its components in products, services, finances and strategies.
PROFESSIONAL EXPERIENCE
CalPortland Corporation July 2017 – Current May
SAP Project (Version ECC 6.0) at Glendora, CA
SAP Security consultant
· Manage service request tickets in SAP environment
· Resolve daily SAP security related (HCM, SD, FI, MM) issues
· Research SAP Market Place notes related to SAP security patches
· Organize Helpdesk incidents in AD account, email setup, user identity management issues
· Present weekly status on Change Control requests and review approvals
Costco Warehouse August 2016 – Dec 2016 May
SAP Project (Version ECC 6.0) at Issaquah, WA
SAP Security Audit consultant
· Provided the Logic to retrieve GRC EAM Controller information
· Compile dAudit Requirement and deliver Swim Lane Visio Workflow documents
· Managed Business and IT user roles with scalable segregation of role profile to meet compliance requirement
· Resolved process control inquiries related to SAP security with Audit teams
· Monitored GRC EAM daily scheduled jobs
· Delivered SAP security SOP guidelines to address Business and SAP Security operation/administration tasks
· Conducted Compliance controls in GRC user access review
Toyo Tire Holdings of America Oct 2014 - May2016 May
SAP Role Redesign Project (Version ECC 6.0) at Cypress, CA
SAP Security Lead consultant
· Provided the Security Weaver solution and implemented the SAP Role Redesign Project in 2015
· Compiled User Requirement and Business transformation authorization objects
· Configured Business and IT user roles with scalable segregation of role profile to meet compliance requirement
· Remediated KPMG audit findings and provided resolutions and mitigation controls to resolve Segregation of Duties issues
· Resolved process control inquiries related to SAP security with internal Audit teams
· Delivered SAP security SOP guidelines to address Business and SAP Security operation/administration tasks in both user management and role management
· Conducted Compliance controls in quarterly and annual user access review
Spirit Aero Systems August 2012 – Oct 2014ctOct Aug
SAP Diamond Project (Version ECC 6.0) Kansas and Oklahoma sites
SAP Security Administration consultant
· Produce gap analysis to identify alternate solutions specific to security requirements and provide technical recommendations on design or architecture improvements
· Provide architectural framework for security and key integration components with Enterprise Portal, Active Directory/LDAP and ECC systems
· Upgrade GRC 10 Access control and Fire Fighter technical considerations
· Manage BRM and MSMP workflow in GRC 10 Access Control
· Lead monthly outage process and Block Point implementation
· Manage the sustain working knowledge of Sarbanes-Oxley requirements
· Practice solid understanding of assessing and designing SAP internal controls
· Provide SAP technical assistance to support security related activity, security procedures in a regulatory environment
· Execute elevated temporary access policy to address SAP emergency
· Manage Solution Manager in user administration and ChaRM users set up
· Apply technical understanding of security strategies, technologies, and risk concepts
Johnson Controls Nov 2011 – August 2012 Aug
SAP PSES Project (Version ECC 6.0) at Milwaukee, WI
SAP Security Architect consultant
· New implementation of SRM/PI/APO/PLM project
· Managed BOBJ and BI integrated authorization objects technical aspects
· Led off shore support staffs to follow Global Enterprise Security guidelines and policy
· Managed portal user access to PLM cFolder with functional iViews
· Responsible for system architect overall security considerations with emphasis on eliminating the operation gaps
· Enhanced audit check list with SAP validation effort in addressing the non-human account users and GRC SPM (Fire Fighter) access
· Managed CUA, Solution Manager, global GRC connection and user administration
· Led Security Oversight on Compliance mitigation and remediation
T-Mobile (second engagement) July 2011 – Nov 2011
SAP SCM APO Project (Version ECC 6.0) at Seattle, WA
SAP Security Lead consultant
· New implementation of SCM/APO DP/SNP project
· Managed APO and BI integrated authorization objects technical aspects
· Delivered APO user roles with strong segregation of role profile technology to meet business requirement
· Managed PwC audit requirements and provided resolution to the related SOD issues
· Drafted SAP security interface guidelines to address Security operation and administration tasks
Hewlett Packard July 2010 – June 2011
SAP Security Practice (Version ECC 6.0) at Irvine, CA
SAP senior Security Manager
· Led the world wide COMPASS security administration
· Initiated Special Security Projects on MS Project to track consultants’ activities in deployment, monitoring, maintenance, upgrade, and support of Project Plan
· Managed SAP Practice security staff, including recruitment, supervision, scheduling, development, evaluation, and foster talents actions
· Developed IT Internal Controls Assurance strategies
· Adapted SAP NetWeaver Identity Management to provide end-to-end support for user provisioning
· Assisted scheduling release of GRC 5.3 RAR, SPM Implementations with portal and SSO for current fiscal year
· Enabled business process-driven identity management to integrate with SAP Business Suite
· Applied Identity service models to deliver service–enabled identity management for SOA environment
· Enabled business-driven identity governance model and achieved sustainable prevention of SOD violations and delivered compliant identity management
· Coordinated monthly SOD scheduled meetings, reviewed quarterly Audit report, monitor risk mitigation control documentation, conducted enterprise-wide risk analysis, and manage user role provisioning
· Managed security user/role matrix, profile generator design, coordinate with updated business requirement
· Led Security practice to achieve faster resolution of auditor observations with SAP BusinessObjects GRC Access Control
· Hosted bi-weekly COMPASS project regional security leads meetings, shared concerns in sustain support, planning projects, and organizing and negotiating the allocation of resources
Foster Farms August 2009 – March, 2010
SAP QM & Security Redesign Project (Version ECC 6.0) at Livingston, CA
SAP Security Lead consultant - Contract
· Resolved QM configuration issues related to Record Inspection Result and Chang Inspection Result in terms of authorization objects technical aspects
· Delivered QM user roles with strong segregation of role profile technology to meet business requirement
· Managed E&Y audit findings and provided resolution to the related SOD issues
· Drafted SAP security policy and guidelines to address Security operation and administration tasks
· Managed security redesign project, led security team to establish the project baseline, user access history, user role assignment, customized transaction and reports, and published redesign strategy
· Applied user provisioning, workflow, and approvals in BizRights and upgraded to Approva/BizRights 4.5 version for security role redesign effort to meet SOX compliance and SOD sustainment
Smith Micro Software Inc May 2009 – July 2009
Project New SAP Implementation (version ECC 6.0) at Aliso Viejo, CA
SAP Security Lead - Contract
Ceradyne, Inc (Second Engagement) January 2009 – May 2009
Project Logistics Implementation (version ECC 6.0) at Lexington, Kentucky
SAP Security Lead - Contract
GTECH Corporation September, 2008 – November, 2008
Project Security Remediation (version 4.70) at West Greenwich, Rhode Island
SAP Security Consultant - Contract
Ceradyne, Inc May 2008 – July 2008
Project FI Implementation (version ECC 6.0) at Costa Mesa, CA
SAP Security Lead - Contract
DirecTV May 2008 – May 2008
Project BI Upgrade (BI version 7.0) at Los Angeles, CA
SAP Security Consultant - Contract
Raytheon Company (Second Engagement) Oct 2007 – May 2008
Project PRISM SAP system (version 4.7) at Dallas, Texas
SAP Security Consultant - Contract
SAP America, Chicago Metro Water District July 2007 – Oct 2007
Senior Security Consultant (version 4.7, ECC 5.0, ECC 6.0) at Palo Alto, CA
Ingram Micro April, 2007 – June, 2007
Global Financial Initiative SAP Project (ECC 6.0) at Santa Ana, CA
SAP Security Administration - Contract
Phelps Dodge Mining Company October, 2006 – March, 2007
RedPoint Moly SAP Project (ECC 6.0) at Phoenix, Arizona
SAP Security Architect - Contract
T-Mobile Wireless Company January, 2006 – September, 2006
Project SOX Compliance (Version 4.7) at Seattle, Washington
SAP Security Redesign Team Lead - Contract
Raytheon Missile Company April, 2005 – October, 2005
Project PRISM SAP system (Version 4.7) at Tucson, Arizona
SAP Security Architect Lead - Contract
Deloitte & Touche, LLP September, 2004 – March 2005