Assisted Business/Client with the technical separation of GAS and Electricity.
Facilitated design workshops with the business to define Newco business role requirements for both projects and BAU environment.
Completed both Retainco and Newco build
Set up users in GRC as risk owners, role owners, mitigation monitor or approver.
Split Customers, Vendors, etc. as per MDG design
Provided Risk Analysis per business roles
Supported ELS, SIT, TSA, UAT and regression testing
Determined and reported if any risks were introduced by simulating the addition of transactions, Roles, or Profiles to a User ID.
Worked with KPMG, PwC, Deloitte functional Consultants and auditors for audit findings etc..
Performed and supported multiple cutover activities
Produced SoD Analyticol Reports against Users, User Groups, Roles and Profiles
Day to day technical support and resolution of Security Issues.
Providing information for the ISO27001 audit and documenting the procedures for access controls
National Grid
Birmingham
4 years 10 months
2016-10 - 2021-07
Supporting role design and re-design
SAP Security/Authorizations & GRC Consultant
SAP Security/Authorizations & GRC Consultant
Supporting role design and re-design for project work for global rollout
Designing composite, Derived and Single roles and user privileges
Troubleshooting authorization errors using transactions SU53, ST01 and STAUTHTRACE
Delivering workshop to business for role access and GRC FF process
Carrying out user analysis for critical access and sensitive access
UAT testing and positive and negative testing
Working with KPMG auditors for audit findings
Gathering and documenting role design and user matrix
Supporting users on authorisation failure and role remediation
Running ARA report for SoD analysis and mitigation controls
Designed and built single, composite, parent and derived roles using PFCG including complex design restrictions and updated the role with the relevant Organizational units as per the business requirement.
User administration (creating, maintaining, deleting, locking and unlocking user accounts and assigning roles) Managing user login parameters and password parameters.
Troubleshooting authorization errors using transactions SU53, ST01 or STAUTHTRACE
Run analysis reports using SUIM for users, roles, profiles, authorizations, authorization objects as well as change documents for users, roles and objects.
Worked extensively with SEOI, SE09 & SE10 in managing mass transport, Used Rev-track for transporting changes through the landscape.
Worked with Basis to create RFC connection between GRC and source system and performed the Synchronisation.
Performed the synchronisation of roles into GRC and associated the attributes to the synchronised roles via the role import in NWBC.
Performed risk analysis on both role and user level, to identify any critical action or SOD conflict.
Scheduled background jobs for risk analysis.
Created a mitigation control in GRC against various risks associated with roles and users.
Created functions, risks and assigned functions to risk.
Maintained the GRC ruleset offline by executing program GRAC_DOWNLOAD_RULES, updated GRC with the ruleset changes by executing GRAC_UPLOAD_RULES.
Creation, maintenance, and configuration of Fire Fighter user IDs for IT and Project Users.
Set up users in GRC as risk owners, role owners, mitigation monitor or approver.
Responsible for gathering requirements in both projects and BAU.
Extensively worked with team members to perform unit, regression and integration testing.
Assisted the Controls and Compliance team and auditors when information was requested for operated Business or IT Controls
Optimum Aim Solutions
8 months
2012-08 - 2013-03
Running customer records providing analytic reports
Finance Clerk
Finance Clerk
Responsible for running customer records providing analytic reports to management for weekly monthly and quarterly stats for finance. Taking Inbound and outbound calls for customer queries and chasing customers for payment
Using SAP for running AR customer master data list
AR customer balance reports
AR Customer Line items
AR customer open items
AR Customer payment history
Fuel Card Services
2 years 8 months
2009-10 - 2012-05
Monitored multiple databases keeping track
Self Employed Courier
Self Employed Courier
Followed the requirements and regulations for dangerous goods handling.
Documented waybill data and dimensions and weights of cargo in computer database.
Monitored multiple databases keeping track of all company inventory.
Delivered on outstanding level of service to each customer by listening to concerns and answering questions.
Researched and updated all required materials needed for firm and partners.
Verified shipments against documents to maintain accuracy and records.
Export and Import Ltd
1 year 11 months
2007-09 - 2009-07
Instructional strategies
AQA Teacher
AQA Teacher
Communicated frequently with parents, students and faculty proving feedback and discuss instructional strategies.
Collected, analysed and tracked data on student progress.
Assisted in developing student-led after-school tutoring programme to teach under-privileged students.
Preserved and served the data protection Act
Met with parents to resolve conflicting educational priorities and issues.
Maintained lesson materials, bulletin board displays and demonstrations.
Created lesson plans and scheduled each day to promote maximum student learning and enrichment
Enforced the school's code of conduct to deal with problem situations.
Alfurqan Primary School
Aus- und Weiterbildung
Aus- und Weiterbildung
2 years 1 month
2012-01 - 2014-01
Banking, Finance and Management
Master, Markfield Ins of Higher Education, Leicestershire
Master
Markfield Ins of Higher Education, Leicestershire
1 year 1 month
2008-01 - 2009-01
Information Technology
NVQ Level 2, Matthew Boulton College
NVQ Level 2
Matthew Boulton College
01/2007
Baccalaureus: Arabic and Islamic Studies
Arabic and literature Faculty, Damascus
CERTIFICATIONS
(CC) Certified In Cybersecurity
SAP GRC 12.0 AC Certified
SAP S/4 Hana Security & Fiori Certified
Privacy and Data Protection
ISO/IEC 27001:2013, Information Security Management Systems
Code of Ethical Business Conduct
Data Privacy
HACCP Level 2 Achievement
Certificate: Safeguarding Young People
CISM - Certified Information Security Management
Position
Position
SAP Security and GRC Consultant | Information Security
Senior SAP Security and GRC consultant with more than nine years of experience strengthening access control, governance and compliance across large SAP landscapes. I support end to end security design and lead security workstreams for global S4HANA and GRC programmes. I focus on authorizations, SoD, risk management and controlled access that aligns with business needs and regulatory expectations.
I have delivered security solutions and supported operations across key SAP platforms including ECC, S4HANA, Fiori, BW and GRC. I also support ISO27001, SOX and GDPR requirements through clear access governance and audit-ready controls. I work with project teams, auditors and stakeholders to build secure designs, resolve access issues and maintain strong governance throughout the lifecycle
Einsatzorte
Einsatzorte
Deutschland, Schweiz, Österreich
möglich
Projekte
Projekte
4 years 6 months
2021-07 - now
SAP Security/Authorizations & GRC
Assisted Business/Client with the technical separation of GAS and Electricity.
Facilitated design workshops with the business to define Newco business role requirements for both projects and BAU environment.
Completed both Retainco and Newco build
Set up users in GRC as risk owners, role owners, mitigation monitor or approver.
Split Customers, Vendors, etc. as per MDG design
Provided Risk Analysis per business roles
Supported ELS, SIT, TSA, UAT and regression testing
Determined and reported if any risks were introduced by simulating the addition of transactions, Roles, or Profiles to a User ID.
Worked with KPMG, PwC, Deloitte functional Consultants and auditors for audit findings etc..
Performed and supported multiple cutover activities
Produced SoD Analyticol Reports against Users, User Groups, Roles and Profiles
Day to day technical support and resolution of Security Issues.
Providing information for the ISO27001 audit and documenting the procedures for access controls
National Grid
Birmingham
4 years 10 months
2016-10 - 2021-07
Supporting role design and re-design
SAP Security/Authorizations & GRC Consultant
SAP Security/Authorizations & GRC Consultant
Supporting role design and re-design for project work for global rollout
Designing composite, Derived and Single roles and user privileges
Troubleshooting authorization errors using transactions SU53, ST01 and STAUTHTRACE
Delivering workshop to business for role access and GRC FF process
Carrying out user analysis for critical access and sensitive access
UAT testing and positive and negative testing
Working with KPMG auditors for audit findings
Gathering and documenting role design and user matrix
Supporting users on authorisation failure and role remediation
Running ARA report for SoD analysis and mitigation controls
Designed and built single, composite, parent and derived roles using PFCG including complex design restrictions and updated the role with the relevant Organizational units as per the business requirement.
User administration (creating, maintaining, deleting, locking and unlocking user accounts and assigning roles) Managing user login parameters and password parameters.
Troubleshooting authorization errors using transactions SU53, ST01 or STAUTHTRACE
Run analysis reports using SUIM for users, roles, profiles, authorizations, authorization objects as well as change documents for users, roles and objects.
Worked extensively with SEOI, SE09 & SE10 in managing mass transport, Used Rev-track for transporting changes through the landscape.
Worked with Basis to create RFC connection between GRC and source system and performed the Synchronisation.
Performed the synchronisation of roles into GRC and associated the attributes to the synchronised roles via the role import in NWBC.
Performed risk analysis on both role and user level, to identify any critical action or SOD conflict.
Scheduled background jobs for risk analysis.
Created a mitigation control in GRC against various risks associated with roles and users.
Created functions, risks and assigned functions to risk.
Maintained the GRC ruleset offline by executing program GRAC_DOWNLOAD_RULES, updated GRC with the ruleset changes by executing GRAC_UPLOAD_RULES.
Creation, maintenance, and configuration of Fire Fighter user IDs for IT and Project Users.
Set up users in GRC as risk owners, role owners, mitigation monitor or approver.
Responsible for gathering requirements in both projects and BAU.
Extensively worked with team members to perform unit, regression and integration testing.
Assisted the Controls and Compliance team and auditors when information was requested for operated Business or IT Controls
Optimum Aim Solutions
8 months
2012-08 - 2013-03
Running customer records providing analytic reports
Finance Clerk
Finance Clerk
Responsible for running customer records providing analytic reports to management for weekly monthly and quarterly stats for finance. Taking Inbound and outbound calls for customer queries and chasing customers for payment
Using SAP for running AR customer master data list
AR customer balance reports
AR Customer Line items
AR customer open items
AR Customer payment history
Fuel Card Services
2 years 8 months
2009-10 - 2012-05
Monitored multiple databases keeping track
Self Employed Courier
Self Employed Courier
Followed the requirements and regulations for dangerous goods handling.
Documented waybill data and dimensions and weights of cargo in computer database.
Monitored multiple databases keeping track of all company inventory.
Delivered on outstanding level of service to each customer by listening to concerns and answering questions.
Researched and updated all required materials needed for firm and partners.
Verified shipments against documents to maintain accuracy and records.
Export and Import Ltd
1 year 11 months
2007-09 - 2009-07
Instructional strategies
AQA Teacher
AQA Teacher
Communicated frequently with parents, students and faculty proving feedback and discuss instructional strategies.
Collected, analysed and tracked data on student progress.
Assisted in developing student-led after-school tutoring programme to teach under-privileged students.
Preserved and served the data protection Act
Met with parents to resolve conflicting educational priorities and issues.
Maintained lesson materials, bulletin board displays and demonstrations.
Created lesson plans and scheduled each day to promote maximum student learning and enrichment
Enforced the school's code of conduct to deal with problem situations.
Alfurqan Primary School
Aus- und Weiterbildung
Aus- und Weiterbildung
2 years 1 month
2012-01 - 2014-01
Banking, Finance and Management
Master, Markfield Ins of Higher Education, Leicestershire
Master
Markfield Ins of Higher Education, Leicestershire
1 year 1 month
2008-01 - 2009-01
Information Technology
NVQ Level 2, Matthew Boulton College
NVQ Level 2
Matthew Boulton College
01/2007
Baccalaureus: Arabic and Islamic Studies
Arabic and literature Faculty, Damascus
CERTIFICATIONS
(CC) Certified In Cybersecurity
SAP GRC 12.0 AC Certified
SAP S/4 Hana Security & Fiori Certified
Privacy and Data Protection
ISO/IEC 27001:2013, Information Security Management Systems
Code of Ethical Business Conduct
Data Privacy
HACCP Level 2 Achievement
Certificate: Safeguarding Young People
CISM - Certified Information Security Management
Position
Position
SAP Security and GRC Consultant | Information Security
Senior SAP Security and GRC consultant with more than nine years of experience strengthening access control, governance and compliance across large SAP landscapes. I support end to end security design and lead security workstreams for global S4HANA and GRC programmes. I focus on authorizations, SoD, risk management and controlled access that aligns with business needs and regulatory expectations.
I have delivered security solutions and supported operations across key SAP platforms including ECC, S4HANA, Fiori, BW and GRC. I also support ISO27001, SOX and GDPR requirements through clear access governance and audit-ready controls. I work with project teams, auditors and stakeholders to build secure designs, resolve access issues and maintain strong governance throughout the lifecycle
Vertrauen Sie auf Randstad
Im Bereich Freelancing
Im Bereich Arbeitnehmerüberlassung / Personalvermittlung