Ayaz Kapadia

  • SAP Senior Manager/ SAP GRC - Security
  • New York City, NY
  • Member Since Mar 21, 2023


SUMMARY:

Over 19 years of professional SAP Security working experience, designing high-level strategy for SAP Security (Architecture) and Policies/Procedures. Extensive experience in all SAP versions from R2 to ECC6, Portal Security, XI Security, BI, BOBJ, BW/SEM/APO/Crystal Reports Security, Core Modules, GRC – AC, PC, RM, SOX-Audit VIRSA-CC, FF, AE, RE, APPROVA-BizRights, HR Structural Security, IS Healthcare/Aviation/Export Sales/Real Estate/IS Oil/IS Auto DBM, SAP FIORI, Simplify Finance authorization, HANA Security. Entrepreneurial professional capable of maximizing resources through comprehensive business analysis, leadership and excellent Project Management skills.

 

Apart from modules & ASAP certification, I have been involved in more than 13 full life cycle implementations & 11 upgrade projects. Extensive experience in developing strategic, operational and departmental plans for domestic and international companies based in the Middle East, Europe & North America.

 

Objective:

Having worked from the older version (Virsa 4.0) through GRC 10, with extensive SAP Security working knowledge from SAP version 3.0F onward, and having been trained in 7 modules of SAP along with an Executive MBA Degree in IT, I have a full understanding of the product.

 

In my previous SAP roles, I have successfully led and assisted my clients from:

  • Requirement gathering 
  • Installing and configuring SAP GRC (AC, PC & RM)
  • Implemented Access Risk Analysis, Business Role Management, Emergency Access Management, Access Request Management
  • Product selections - Identifying the right product
  • Setting up the change management
  • Business buy in’s to be part of the implementation
  • Compliance roles and responsibilities
  • Build Policies and Procedures
  • Trainings

Also have worked with the likes of:

  • Al-Futtaim – Dubai, U.A.E.
  • KPMG – Toronto, Canada
  • Saudi Aramco – Dhahran, K.S.A
  • Saudi Electric – Dammam, K.S.A
  • SABIC – Jubail, Riyadh K.S.A
  • National Research Center – Ottawa, Canada
  • BC Gas – Vancouver, Canada
  • Ontario Power Generation – Toronto, Canada
  • Qatar Petroleum – Doha, Qatar
  • CN Railways – Montreal, Canada
  • Tenneco Packaging – Chicago, U.S.A
  • Micron – Idaho, U.S.A
  • Rothmans - Toronto, Canada
  • Forest City – Cleveland, U.S.A
  • Saudi Airlines – K.S.A.
  • Cameco – Saskatoon, Canada
  • GEMS Education – Dubai, U.A.E.
  • Qatar Aluminum – Doha, U.A.E

 

 

 

 

SAP Experiences

Client: PwC – Dubai, U.A.E

Role: SAP Senior Manager

Clients: Qatar Aluminum, GEMS Education

Sept 2015 --- Current

 

·         Managed and delivered large SAP GRC and Microsoft Dynamics programs for key Customer accounts

·         Delivery including budget, quality, customer satisfaction and solution assurance.

·         Ensured related resource planning, deliverables and team expectations are appropriately managed

·         Worked with customers to understand and analyze business requirements turning opportunities into contracted statements of work

·         Work extensively with onsite and offshore teams to ensure successful delivery

·         Managed strategic, operational and financial aspects of SAP project delivery

·         Managed client interaction and expectations

·         Communication and Stakeholder Management with the customer to ensure project delivery is in line with expectations

·         Project billing

·         Verification of Project Plans developed to ensure satisfactory delivery

·         Adhere to PMO Program Quality Management Plan and deliver Program Artifacts 

·         Aggressively manage issues escalation and risk mitigation strategies 

 

Client: Al Futtaim Group – Dubai, U.A.E

Role: Senior Manager

June 2013 --- Sept 2015

 

·         Senior Manager – SAP GRC and Security

·         Design, Co-ordinate, Assign, Implement Work Strategies 

·         Written/Reviewed SAP Access Controls Policies & Procedures

·         GRC requirement gathering

·         Product Selection – Help identify the right product for GRC

·         Implemented IS Auto for Al Futtaim Motors and other affiliates

·         Implemented DBM authorizations and customizations build into IS Auto

·         Manage SAP Security resources

·         Primary contact for Audits and prepare responses for Internal and External Audits

·         Worked intensively with Functional teams to understand security needs & helped them build Role Matrix

·         Reviewing business and functional requirements and help them build Role Matrix

·         Implemented SAP FIORI security for HR ESS & MSS

·         Successfully did POC for Simplified Finance for Retail business

·         Successfully audited SAP Licensing tool

·         Worked extensively with Internal/External auditors to implement the recommendations

·         Setting up change management roles and responsibilities

·         Help IT management to buy in from Business to be part of GRC project

·         Provide team leadership by establishing clear direction, a productive culture, and measurable goals in pursuit of the overall security strategic roadmap

·         Work with business leaders to understand requirements and create security solutions that reduce risk and enable secure business operations

·         Partner with teams to provide threat intelligence, incident response, and network security, to identify, automate and eliminate threats to the company

·         Manage security vendors from selection to ongoing operations

·         Understand, develop, support, and apply a risk management framework

·         Develop and manage a risk assessment process including awareness and training

·         Coordinate with internal audit to create risk-based programs that achieve appropriate auditing, validation, and checks and balances

·         Develop metrics & dashboards to highlight risk levels for internal visibility

·         Manage open audit issues and drive to closure to meet commitments

·         Responsible for everything from operation of infrastructure and applications to the overall orchestration and support of AFG SAP solutions

·         Ensures stable operation and high customer satisfaction

·         Plans, directs and coordinates the operations of an organisation for specific customer account / accounts.

·         Coordinates, manages and monitors the workings of various departments within the organisation to meet SLA’s

·         Reviews financial statements and data. Utilizes financial data to improve profitability. Prepares and controls operational budgets. Plans effective strategies for the financial well-being of the operation.

·         Plan the use of resources. Establishes functional structures. Delegates tasks and accountabilities. Monitors and evaluates performance

·         Makes recommendations to peers to improve business results

·         Improve processes and policies, in support of organisational goals. Formulates and implements departmental and organisational policies and procedures to maximize output

·         Monitors adherence to rules, regulations and Procedures

·         Identify GAPS to improve processes

 

 

 

Client: Qatar Petroleum – Doha Qatar

Role: Senior SAP Security GRC/Lead

January 2011 --- June 2013

 

·         Implemented GRC 10 - Access Controls Module

·         Integrated LDAP Sync with CUA

·         Lead BI Security upgrade project – Migration to Analysis Authorizations (ver 7.2)

·         Developed ASAP Roadmap for project work & developed support strategies

·         Responsible for developing SAP Security Roles/Authorizations

·         Developed User Access Reviews for end user business reviews

·         Primary contact for Audits and prepare responses for Internal and External Audits

·         Worked intensively with Functional teams to understand security needs & helped them build Role Matrix

·         Responsible for development, maintenance and support of security roles in the SAP BI & Business Objects - BOBJ

·         Technical expertise in core skills of SAP BI 7.0 security analysis authorization concept.  

·         Comprehensive experience with SAP Profile Generator Tool

·         Reviewing business and functional requirements and help them build Role Matrix

·         Design, Co-ordinate, Assign, Implement Work Strategies 

·         Written/Reviewed SAP Access Controls Policies & Procedures

 

Client: Saudi Electric – Al Khobar

Role: SAP Security Lead

August 2010 --- January 2011

 

·         Team lead for Security & Authorizations

·         Design, Co-ordinate, Assign, Implement Work Strategies 

·         Written/Reviewed SAP Access Controls Policies & Procedures

·         Conduct Training for Site Authorization Administrators

·         Implemented ASAP business plan

·         Involved in technical design of SAP Authorization to fit the Site Specific requirement & Structure

·         Integrated Portal Roles with SAP Roles

 

 

Client: CN Railways – Montreal, Canada

Role: SAP Security Lead Architect

December 2009 till June 2010

 

·         Co-ordinating role across the SAP delivery in general, giving a wide contact to many skilled specialists throughout the company

·         Manage SAP Security, Basis Helpdesk resources

·         Responsible for everything from operation of infrastructure and applications to the overall orchestration and support of AFG SAP solutions

·         Ensures stable operation and high customer satisfaction

·         Plans, directs and coordinates the operations of an organisation for specific customer account / accounts.

·         Coordinates, manages and monitors the workings of various departments within the organisation to meet SLA’s

·         Reviews financial statements and data. Utilizes financial data to improve profitability. Prepares and controls operational budgets. Plans effective strategies for the financial well-being of the operation.

·         Plan the use of resources. Establishes functional structures. Delegates tasks and accountabilities. Monitors and evaluates performance

·         Makes recommendations to peers to improve business results

·         Improve processes and policies, in support of organisational goals. Formulates and implements departmental and organisational policies and procedures to maximize output

·         Monitors adherence to rules, regulations and Procedures

·         Identify GAPS to improve processes

·         Migrated BW Authorization from 3.5 to BI Analysis Authorizations by running the migration program

·         Developed new Analysis Authorizations using ASAP methodologies

·         Developed support roles for project and team members

·         Activated authorization objects to make them authorization relevant

·         Created hierarchy node variables (Query Designer) for BI queries.

·         Researched and applied OSS Notes (SNOTE) to resolve hierarchy node security, and RSECAUTH / RSECADMIN performance issues.

·         Maintained authorization fields (SU20) for the authorization object R_PM_NAME (Planning Folder) in BI.

·         Troubleshot and supported BW and BPS security roles and analysis authorizations.

·         Conduct testing of new BI Security

·         Re-designed BW Security/Authorizations

·         Traced user authorization errors (ST01, SU53, SM19, SM20, and RSECADMIN).

·         Maintained Assignment of Authorization Objects (SU24).

·         Maintained program authorization groups (Report RSCSAUTH) and table authorization groups (SE54) to protect access to programs and tables.

 

 

 

Client: Rothmans Canada

Role: SAP GRC/BI Security Lead Architect

April 2009 --- November 2009

 

·         Migrated to BI Security using Analysis Authorizations Concept from BW 3.5 to 7.0

·         Work with internal & external auditors to review checks & balances

·         Reviewed Security Policies & Procedures

·         Performing detailed technical vulnerability assessments on SAP environments

·         Conducting SAP risk analysis and advising clients on appropriate mitigating actions to address the highlighted risks

·         Performing SAP security internal audits and reporting on findings and recommendations

·         Redesigned SAP Roles to meet the client requirements

·         Designed/Implemented BW/SEM Security

·         Assigned authorization profiles for each user for given Info Objects

·         BW Hierarchy Authorizations ODS used as input to generate authorization profiles for Hierarchies/SBU/ Company Code Level

·         Linked User IDs with business roles, for smoother process integration, easier access management, and comprehensive enterprise governance

·         Implemented Identity Management as a user provisioning solution

·         Reduced the security risks faced by implementing Identity Management with SAP GRC Access Control to provide an integrated solution for Identity and Access Management, ensuring and monitoring for compliant provisioning

·         Implemented complete GRC Suite 5.3

·         Implemented ASAP Methodologies

 

 

 

Client: NRC-CNRC National Research Council Canada (Ottawa – Canada)

Role: SAP BI Security/GRC Architect

December 2008 --- March 2009

 

·         Designed, developed, and maintained roles for HR / FI , BI / BW

·         User maintenance based on Position Based security for the support team during the security role testing phase.

·         User creation in portal using User Management Engine (UME) during the role testing phase.

·         Transported roles within clients (SCC1) for unit testing.

·         Troubleshot and supported HR security for Go-Live and post Go-Live.

·         Maintained the security Role Design Database.

·         Created Analysis Authorizations (RSECADMIN / RSECAUTH) to restrict BI reporting users.

·         Optimized the authorization relevant checks on InfoObjects in BI.

·         Created (RSA1) the DSO (ODS) objects, Source system, Data sources, Transformations, and DTP (Data Transfer Process) for automated Generation of Authorizations to support the hierarchy node based security for BPS.

·         Created hierarchy node variables (Query Designer) for BI queries.

·         Researched and applied OSS Notes (SNOTE) to resolve hierarchy node security, and RSECAUTH / RSECADMIN performance issues.

·         Maintained authorization fields (SU20) for the authorization object R_PM_NAME (Planning Folder) in BI.

·         Troubleshot and supported BW and BPS security roles and analysis authorizations.

·         Mapped BPS to Portal roles.

·         Developed ECATT scripts (SECATT) to create custom authorizations in BW and assign users to the custom authorizations (RSECADMIN).

·         Traced user authorization errors (ST01, SU53, SM19, SM20, and RSECADMIN).

·         Maintained Assignment of Authorization Objects (SU24).

·         Maintained program authorization groups (Report RSCSAUTH) and table authorization groups (SE54) to protect access to programs and tables.

 

 

Client: Cameco – Saskatoon (Saskatchewan)

Role: SAP Security Architect / Audit Control

September 2007 --- November 2008

                                               

·         Design MM Security Release Strategy using HR Structure

·         Design MM workflow strategy to automate user access requests

·         Implemented MM Workflow security using the standard workflow solutions with minimal changes to the MM Release strategy configuration tables; on that basis the roles were redesigned and reduced from 2000 roles to close to 100 roles only.

·         Integrated MM Workflow release strategy roles with HR org structures; on that basis the amount was set for each requisition approval, and an automated email was set up as well

·         Daily monitoring & troubleshooting of authorization issues

·         Meet with function leads to address new enhancements/modification

·         Installed Approva – Biz Rights 3.5 with standard rule sets in 2 different environments DEV/QA and Production

·         Created Compensating Controls based on SOD analysis and business requirements

·         Technical upgrade of BizRights from 3.5 to 4.0 to integrate new reports/tabs

·         Implemented FI/CO, MM, HR rule sets

·         Scheduled background jobs and integrated workflow for approvals such as user request forms

·         Implemented BizRights security for various team members to have access to reports

·         Ran What-If analysis reports to identify any SOD issues against roles & users

·         HR position based security review & analysis

·         Work with internal & external auditors to review checks & balances

·         Reviewed Security Policies & Procedures

·         Performing detailed technical vulnerability assessments on SAP environments

·         Conducting SAP risk analysis and advising clients on appropriate mitigating actions to address the highlighted risks

·         Performing SAP security internal audits and reporting on findings and recommendations

 

 

Client: Forest City – Cleveland (OHIO)

Role: SAP Security / Audit Lead

October 2006 --- August 2007

 

·         Team lead for Security & Authorizations

·         SAP Technical Structure and promote to Production Strategy

·         Involved in evaluation of business processes

·         Design high-level strategy for SAP Security (Architecture)

·         Worked on Portal Security - UME

·         Design/Implemented BW/SEM Security

·         Assigned authorization profiles for each user for given Info Objects

·         Migrated to BI Security using Analysis Authorizations Concept

·         BW Hierarchy Authorizations ODS used as input to generate authorization profiles for Hierarchies/SBU/ Company Code/Profit Center Group Level

·         Implemented SOX – VIRSA & set SOD rules – GRC tools

·         Worked on Virsa Compliance Calibrator, Virsa Firefighter,  Role Expert, Audits
