SAP Security and GRC Consultant

We have designed and delivered transformational SAP and IT Security solutions to internal technical support teams for Canada's largest Energy Company comprising of upstream, midstream and downstream operations with over 12,000 employees across Canada. Trained, supervised, evaluated, mentored, and advocated for SAP Security team of 12 analysts. Supervised day-to-day operations in support of long-term business goals and minimization of risk. Identified gaps and launched improvements to the processes and procedures of the SAP Security team.

Managed workload handoff between internal and external departments, suppliers, and vendors. Prioritized project flows, guided task implementation, and maintained supervisory authority in a high-pressure team environment, acting as escalation and mediation point for critical incidents. Evaluated customer requirements and maintained and reported on SAP support service, gap analysis, incident resolution, problem management, and disaster recovery trends and statistics. Represented team on IS Change Approval Board.

Participated as a Subject Matter Expert during GRC 10.0 Implementation and support project. This involves gathering specific clients' business requirements in developing appropriate documentation for implemented SAP GRC business processes to ease the task of performing Segregation of Duties (SOD) reviews with Risk Analysis and Remediation (RAR) tool from SAPGRC Access Control suite to ensure roles are conflict free and SOX compliant.

Involved also in engagements to scope, facilitate, and perform procedures to prepare clients for external financial audits and compliance with the Sarbanes-Oxley Act (SOX) by overseeing the performance of risk analyses, documenting control gaps, developing action plans to address control gaps, and designing and executing test procedures based on the COBIT framework.