Professional Documents
Culture Documents
Mohammed Humair: SAP Security and GRC Consultant
Mohammed Humair: SAP Security and GRC Consultant
Professional Summary
Over 7+ years of IT experience with excellent experience in SAP ECC Security, FIORI, GRC, and S4
HANA.
Excellent working experience in GRC Access Control (AC), ARA, ARM, EAM, BRM
Excellent Experience in multiple Implementations, Support, upgrades, and rollouts Projects.
Strong Experience in User and Role Administration, troubleshooting authorization issues,
ticketing tools.
Worked with auditors to support audit, execute risk analysis on the roles and fix them or
recommend compliance team to implement mitigating controls.
A good team player with strong interpersonal and communication skills, excellent problem
solving and troubleshooting abilities.
Education
Masters Degree in Management Information Systems (MIS),
Concordia University Wisconsin, Wisconsin, USA.
Core Competencies
SAP Security Authorizations (ECC, FIORI, GRC, Netweaver Gateway, Enterprise Portal, and S4
HANA)
GRC Access Control (ARA, EAM, ARM and BRM).
1
Professional Experience
Responsibilities:
Designed and implement roles for ECC, FIORI, GRC, and S4 HANA.
Discussed the requirements with the Business for Fiori Applications using Fiori Library and create
roles accordingly.
Worked on GRC tool and executed SOD reports through GRC tool.
Documented major transactional processes for SOX compliance assessment.
Formulized SOX change management process for related documentation to ensure update reviews.
Checked SOD risks through GRC.
Assisted users in creating, raising request through GRC for user authorization.
Assigned temporary privileges to users through Fire Fighter.
Discuss the requirements for custom transactions with the Functional and Development team and
ensure that appropriate authorization checks are developed and update custom authorization
objects in SU24.
Create Master Roles for various functional teams and derive country specific roles restricted by
organizational values.
Create Single Roles in case where the Derive Roles concept does not support the Role Design.
Provide authorization support for missing authorization using ST01 or STAUTHTRACE
Work with various functional teams to ensure all the newly created roles, role changes are
successfully tested in Test Environment.
Transport newly created Roles across landscape using Charm.
Conduct workshops and discuss the requirements with the Business and Functional team for S4
HANA and FIORI Roles.
Prepare detailed Security Concept for S4 HANA and FIORI to get the sign-off from the client.
Coordinate with the different functional teams to identify different custom, Z transaction and map
them to the appropriate roles.
Environment:
S4 HANA, ECC, SAP NetWeaver, Solution Manager, SAP Enterprise Portal, SAP HANA Studio, SAP HANA
COCKPIT, SAP HANA DB, Oracle, Linux, Windows NT
2
Websphere Administrator
Client: AT&T, St Louis, MO.
Duration: May 2007 to Aug 2009
Responsibilities:
Responsible for installation, configuration and Administration WebSphere Application Server
7.0/6.1, WebSphere Network Deployment Manager 7.0/6.0, IBM HTTP server 7.0/6.1 software
on AIX, LINUX, Solaris, HP-UX, and Windows platforms.
Participated in walk through and review meetings with Project manager, Business Analyst and
development teams to know about their existing business process and accommodate their
process in WebSphere technologies.
Participated weekly defect meeting with the project team including all stakeholders (QA team,
Development team, business stakeholders, project management).
Installed Refresh Packs, various Fix Packs and cumulative fixes as per the IBM specification for
both WebSphere and IHS.
Installed and configured IBM HTTP Server 6.1/6.0, created web server definition and
regenerated the web server plug-in on WAS to route the traffic from web server to Application
Server tier.
Migrated the application server from WebSphere v6.0.2.17 to v6.1.0.15 using WASpreUpgrade
and WASpostUpgarade command line tools.
Installing and maintaining certificates (iKeyman), virtual hosts, key database, Web Server plug-
in, log rotation for Web Servers.
Setup clusters and core groups in Deployment Manager.
Successfully implemented Work Load Management (WLM) using clustering (vertical and
horizontal) and cloning to make the application highly available.
Monitored the CPU/Memory utilization, file systems, processes (httpd, JVM, Node Agent, dmgr)
using Tivoli Performance Viewer and Wily Introscope.
Interacted closely with developers, database administrators, and OS administrators for resolving
issues related to applications.
Performed heap dumps and thread dumps to analyzed using heap and thread analyzers to find
out the bottleneck of the application server hung and out of memory exceptions.
Escalating Issues to IBM opening the Problem Management Records (PMR).
Environment:
WebSphere Application Server 7.0/6.0/5, BEA Weblogic 9.0/8.1, WebSphere MQ 6.0/5.3, IBM HTTP
Server 2.0.47/1.3.19, Tivoli Performance Viewer, Wily Introscope, IIS, Oracle 10g/8i, DB2, AIX 5.3, Linux,
HP-UX, Sun Solaris, Windows NT/2003, DHTML, XML, JSP, Servlets.