Hassan El Aboubi - SAP Authorization Consultant

Frankfurt am Main, Germany

Experience

Jun 2025 - Jun 2025

1 month

Bad Oeynhausen, Germany

SAP Authorization Consultant

msg/Denios

Support for the DENIOS S/4HANA greenfield transformation. - Role development based on the organizational model and structure. - Creation of roles based on process and steps in swimlanes. - Derivation of catalogs, spaces, pages and sections from process IDs. - User assignment via the organizational structure. - Authorization administration in the S/4HANA landscape with a Fiori-first approach. - Consulting and development in the S/4HANA greenfield area.

Mar 2025 - Jan 2026

11 months

Mannheim, Germany

Remote

SAP Authorization Consultant

Fuchs SE

S/4HANA greenfield transformation to go with a focus on developing and implementing a company-wide authorization concept. - Creation of a new global S/4 authorization framework concept and the associated organizational structure. - SAP authorization and user administration including security, SoD and vulnerability analyses. - Design and definition of new authorization roles in compliance with requirements, as well as development and execution of test concepts. - Advising departments and role and process owners on granting and changing authorizations and coordinating requirements implementation. - Fiori authorization administration in the S/4HANA landscape with a Fiori-first approach. - SAP Cloud CALM authorization administration. - Consulting and development in the S/4HANA, Fiori, apps, spaces & pages environment.

Feb 2025 - Dec 2025

11 months

Hamburg, Germany

SAP Authorization Consultant

Otto Krahn

Participation in the "S/4HANA Conversion RFC987" project for the transformation to S/4HANA 2023 FPS02. - Analysis and optimization in the area of Identity & Access Management (IAM). - Analysis of existing authorization structures in the SAP ECC 6.0 EHP 8.0 landscape. - Identification and documentation of optimization potential in user and role management. - Development and implementation of a role-specific authorization concept for migration to S/4HANA. - Adjustment and management of roles and profiles according to new S/4HANA requirements including SU25 and SU24. - Review and cleanup of outdated authorizations and critical access rights. - Preparation of detailed technical documentation of the analysis results and the authorization concept for handover to the client. - Creation of training materials on authorizations and security policies in S/4HANA. - Consulting and support for the S/4HANA conversion and transformation/migration.

Mar 2024 - Dec 2024

10 months

Munich, Germany

SAP Authorization Consultant

BestSecret Retail

Implementation of S/4HANA in a greenfield approach with a focus on authorizations and access management. - Role development in close coordination with the departments. - Setup of an authorization concept, role concept and technical concept. - Fiori role development including apps, catalogs, spaces and pages, as well as "Fiorization" of GUI transactions. - Optimization of the approval process for purchase requisitions. - Maintenance of SU24 and management of transport management. - User maintenance and cleanup of SoD conflicts, ensuring segregation of duties. - Handling defects, error analysis and traces. - Creation and adjustment of AfO roles. - Incident management and support in daily operations using Jira and ServiceNow. - Support for the BC, FI, CO, SD, MM, EWM and Retail modules.

Jun 2023 - Dec 2023

7 months

Hanover, Germany

SAP Authorization Consultant

VHV Versicherung

Support for the SAP HANA transformation with a focus on authorizations and role development. - Role development in coordination with departments for the S/4HANA transformation with new authorization objects. - Maintenance of SU24 with variants. - ABAP role development (PFCG). - Cleanup of SoD conflicts and ensuring segregation of duties. - Use of the SAST GRC suite, among others for fallback users. - Handling defects and Jira tickets, Focused Build and Ivanti. - Support for the BC, FI, CO, ILM, FSCD, CML, SD and MM modules.

Dec 2021 - Apr 2023

1 year 5 months

Moringen, Germany

SAP Authorization Consultant

Piller Blowers & Compressors

Carried out SAP authorization projects with a focus on Fiori role development and system cleanup. - Developed S/4HANA Fiori roles (apps, catalogs, groups). - Developed ABAP roles using PFCG. - Conducted user traces and analyses. - Used Xiting XAMS Role Designer for evaluations and gained initial experience with the tool. - Cleaned up the system and removed conflicts, including removing SAP_ALL from several users and reassigning roles. - Supported the modules FI, CO, SD, MM, HCM, PP, and BW/BI. - Handled tickets via Jira.

Apr 2021 - Jun 2023

2 years 3 months

Ober-Ramstadt, Germany

SAP Authorization Consultant

DAW SE Deutsche Amphibolin-Werke

Supported the SAP HANA migration with a focus on authorizations and Fiori role development. - Migrated to S/4HANA and built an S/4HANA authorization concept. - Developed S/4HANA Fiori roles (apps, catalogs, groups). - Used S/4HANA web services and developed ABAP roles (PFCG) for backend and frontend landscapes. - Created an SoD risk matrix and cleaned up the system to remove conflicts. - Analyzed and resolved authorization issues. - Handled helpline tickets. - Supported the modules FI, CO, SD, MM, PP, and master data authorizations.

Jun 2020 - Dec 2020

7 months

Lübeck, Germany

SAP Authorization Consultant

Drägerwerk

Supported the migration to S/4HANA with a focus on SAP authorizations, SAST, and role development. - Developed S/4HANA Fiori roles and ABAP roles (PFCG). - Created and implemented an S/4HANA authorization concept. - Used the SAST Akquinet tool for risk and authorization analysis. - Managed VIM roles and Pro-X. - Analyzed and resolved authorization issues in FI, CO, SD, MM, PP, and BW. - Used ChaRM, Footprint, and ServiceNow for change and incident management.

Aug 2018 - Dec 2020

2 years 5 months

Frankfurt, Germany

SAP Authorization and GRC Consultant

DZ Bank

Coordinated projects in SAP authorizations, role administration, and GRC risk evaluation. - Performed SIEM-based reviews of SAP systems for access risks. - Evaluated systems for critical authorizations and roles, cleaned up roles, and created roles (PFCG). - Implemented requirements according to BaFin (MaRisk, BAIT), DSAG, and BSI. - Maintained and updated the GRC ruleset and supported IT governance. - Handled audit findings and review reports, including technical documentation. - Analyzed and resolved authorization issues. - Conducted GRC ARA evaluations and SoD conflict analyses in FI, CO, CML, SD, MM, and EWM. - Communicated with business units and coordinated team tasks in SAP authorizations. - Used ServiceNow, Jira, and ChaRM for changes and tickets.

Feb 2018 - Jul 2018

6 months

Rottendorf, Germany

SAP Authorization Consultant

S.Oliver

Administered SAP roles and authorizations in the newly set up Solution Manager 7.2. - Set up authorization roles for ChaRM and ITSM. - Assigned permissions for RFC users to trusted systems. - Maintained Fiori Launchpad catalogs and access permissions. - Troubleshot authorization issues and provided daily support. - Managed database admin and developer roles via HANA Studio. - Handled tickets via RFS (Request Fulfilment Service).

Aug 2016 - Dec 2017

1 year 5 months

Einbeck, Germany

SAP Authorization Consultant

KWS Saat

Administration of SAP roles, authorizations, and user management in ERP, HCM, BI, CRM, PI, and Solution Manager 7.2. - Use of SAP GRC 10.1, including UAM, Firefighter, and role and approver maintenance. - Implementation of the KPMG business roles concept with workspace rules via composite, single, menu, and module roles. - Cleaning up systems based on auditor recommendations from E&Y and Deloitte. - Checking SAP systems for access risks and critical authorizations and roles. - Conducting internal control audits and system assessments. - Analyzing and resolving authorization issues, and creating the authorization concept and documentation. - Working with SAP Solution Manager 7.2 and SAP HANA Cloud authorizations, including Fiori. - Using the ticket systems SolMan and MS Service Manager Console. - Transferring knowledge to internal staff.

Apr 2014 - Jul 2016

2 years 4 months

Cologne, Germany

SAP Authorization Consultant

Lufthansa AG

Adapting and implementing the authorization concept and documenting it across ERP, BW, and SRM. - Developing and adjusting roles, including add-ons. - Maintaining authorizations with PFCG (Profile Generator). - Managing authorizations in the BW data warehouse, including BI-specific analysis authorizations (RSECADMIN). - Handling tickets with SAMOA and Jira. - Troubleshooting and developing solutions for authorization issues using SU53, SUIM, ST01, STAUTHTRACE, SU01, SU10, SU24, SE16. - Maintaining authorizations in BW data warehouse, RSECADMIN, AWARDs, and workflow maintenance in PPOM. - Conducting internal control audits and system assessments. - Assigning roles by cost center (OKEN, OKKS, KS13). - User management and user administration (SU01), including migration, test, and emergency users. - Transferring knowledge to colleagues in Poland.

Oct 2012 - Apr 2014

1 year 7 months

Erlensee, Germany

SAP Authorization Consultant

Honda

Adapting and implementing the authorization concept across modules. - Developing and adjusting roles using APM Atlantis (Real Time). - User management in Solution Manager. - Maintaining authorizations with PFCG (Profile Generator) in ERP and Solution Manager. - Supporting the Vehicle Management System (VMS) with VELO, VELORO, VELORU, V_CLVC19, V_CLVC23, V_CLVC36 transactions and table maintenance. - Providing international support, handling tickets (SNOTE, IBM Infonotes), and troubleshooting authorization issues using SU53, SUIM, ST01, SU24, SE16. - Planning and monitoring jobs (SM37, SM36) and maintaining jobs (J5HEN, J5HBN). - Using QuickViewer (SQ00, SQVI). - User management and administration (UAM by CSC) with SU01, AL11, and SU10. - Transferring knowledge to IBM India outsourcing colleagues.

May 2010 - Jun 2012

2 years 2 months

Würzburg, Germany

SAP Authorization Consultant

E.ON IT

Coordinating the team, including planning and managing authorization tasks. - Implementing authorization concepts, developing and adjusting roles. - Managing users in project and production systems for FI, CO, SD, and MM modules across all E.ON companies worldwide. - Creating test, migration, and system users. - Handling tickets with Remedy. - Archiving using Livelink ECM (IXOS). - Working in the ABAP, FI, CO, SD, and MM environment.

Jun 2009 - Dec 2009

7 months

Eschborn, Germany

SAP Authorization Application Support

Commerzbank (Eurohypo Bank)

Application support for SAP authorizations for about 1,500 users in FI, CO, and MM modules. - Supporting project audits for critical authorization combinations (SoD violations) using audit catalogs (BC, FI, CO, MM) and the DSAG audit guide. - Handling change requests and role error fixes (second/third level support). - Analysis using authorization trace (SU53, ST01) and ABAP debugging. - Correcting and testing roles (PFCG). - Quality assurance of roles and transport management (STMS). - Analyzing lock entries and posting failures (SM12, SM13) and syslog analysis (SM21). - Designing business roles and creating IT guidelines and QA measures. - Conducting audit-related QA analyses of business area requirements. - Working in the SAP R/3, ECC 6.0, FI, CO, MM, IS-B, and BC environment.

Sep 2008 - Jan 2009

5 months

Zurzach, Switzerland

SAP Application Support - Authorizations

Triumph International

User and authorization administration in SAP ERP 2005 (SAP R/3). - SAP role design based on business requirements. - First and second level support. - Password administration, user creation, maintenance of runtime data and role assignment (SU01, SU10). - Troubleshooting and testing of roles (PFCG, SUIM). - Performing authorization traces (ST01). - Role design according to department guidelines and review of critical authorization content in roles and user accounts.

Apr 2008 - Dec 2010

2 years 9 months

Frankfurt, Germany

SAP Application Support - Authorizations

BHI

Managed development of the BHI Compliance Manager, a database application for identifying critical authorization combinations in user masters based on SoD matrices for BC, FI, CO, MM, SD, and IS-U. - Led the Compliance Manager service department. - Installed the application at customer sites, supported implementation, redesigned authorizations, and prepared audits with the Compliance Manager. - Scheduled and allocated resources and provided 2nd-level support for the Compliance Manager and authorization administration. - Used the BHI Compliance Manager to create audit reports in SAP systems according to SoD matrices, considering legal requirements (SOX, 8th EU Directive, Basel II, KonTraG). - Worked in the BC, FI, CO, MM, SD, and IS-U modules.

Apr 2008 - Aug 2008

5 months

Düsseldorf, Germany

SAP Application Development

Metro AG

Development in Central User Administration (CUA) under SAP ERP 2005. - Created reports for mass user creation in CUA. - Developed programs for mass corrections and mass updates. - Applied OSS notes. - User administration including user creation and role assignment (SU01, SU10). - ABAP development in ABAP, BC, FI, MM, and SD areas.

Skills

Expertise: S/4hana, Ecc And Fiori Authorizations, Sod Conflicts – Matrix And Remediation, Authorization Roles And User Administration, Sap Compliance And Authorization Including Implementation Measures, Sap Grc 12, Xiting Xams, Sast-akquinet, Implementation Of Authorization Concepts In An International Environment, Quality Assurance, Knowledge Transfer And Coaching In An International Setting
Project Type: Sap Consulting For Authorizations, Grc And User Administration
Industry Experience: Financial Services, Medical Technology, Automotive Industry, Automotive Suppliers, Mechanical Engineering, Energy Providers, Apparel Industry, Retail, Aviation, Agriculture, Paint And Construction
Sap Skills: S/4hana, Fiori, Sap Erp, Hana, Grc, Ecc, Fi/co/mm/sd, Cml, Cms, Is-u, Crm, Bi, Solman 7.2
Methods/tools: Servicenow, Jira, Helpline, Focused Build, Ivanti, Apm, Ms Office, Uml, Erm, Case Tools Rational, Rose, Visio
Programming Languages: Abap, Html, Javascript, Pl/sql, Sql, Vba, Cobol, Smalltalk, Shell
Operating Systems: Windows