Nitesh Kumar

Senior Manager – SAP Security & GRC

New Delhi, India

Experience

Aug 2024 - Present
1 year

Senior Manager – SAP Security & GRC

Ernst & Young (EY)

  • Responsible for implementation of roadmap and project plans for Access Management domain.
  • Driving the SAP role redesign and remediation project for a consumer goods client.
  • Managing client stakeholder expectations in terms of quality and timeliness of deliverables.
Sep 2022 - Aug 2024
2 years

Product Owner (SAP I &AM & Cloud Identity Access Governance)

Ingka Services LLP (IKEA)

  • Led the implementation of Position based Roles and Fiori UX (Space & Pages) design for S4 HANA Program (S4, MDG, BI).
  • Led the implementation and monitoring of SAP Firefighter log review automation & ITGC, GDPR Framework.
  • Working in collaboration with process leads in streamlining and modelling of the Financial & Risk Management processes.
  • Led the automation & reporting of Segregation of Duties via SAP Analytics Cloud (SAC).
Jan 2021 - Aug 2022
1 year 8 months

GRC Manager

Maersk Global Service Centre

  • Working as SME in GRC Access Management & Process Control.
  • Managing the Risk Management & Audit issues across Maersk.
  • Defining & continuous monitoring of the ITGC control across access and change management and updating the same in Archer.
  • Driving the Automation & Power BI reporting of Segregation of Duties in SAP & Legacy system.
Jan 2020 - Jan 2021
1 year 1 month
Kuala Lumpur, Malaysia

Head (Risk & Compliance)

Petronas Digital Sdn Bhd

  • Leading a team and managing end-to-end solution delivery, from analysis, design to implementation in adherence to well defined quality processes and methods for Risk & GRC process under Group Digital.
  • Driving Program Management & Service Delivery function for SAP Practice; managed a large portfolio supported by a team of 13 members.
  • Heading project budgeting & resource planning for risk & compliance projects & system regulations projects.
  • Providing implementation, post-implementation, enhancement, and support to client for applications; acting as a Portfolio Manager for Anti Money Laundering Act (AMLA) & Anti bribery business rules roll out project.
  • Leading a strategic account planning process involving financial targets and critical milestones; working on RFP responses and provided cost effective & innovative solutions, managed RFP deliverables.
  • Providing functional inputs for financial modules and localization map; preparing requirement mapping template specific to localizations requirements supported by Risk & GRC standard functionality and recommending customization, if required.
  • Successfully implemented Business Process Management & ARIS roll out for finance processes.
  • Successfully implemented GRC Policy Management &SAP GRC CCM for month end activities related to GL & Accrual.
  • Successfully implemented GRC Rule set for S4 HANA System.
  • Collaborated with Business Teams & Common Services to ensure smooth unhindered implementation of new developments by managing cost, quality and release processes by mitigating potential risks.
  • Led the SAP role re-engineering work in business and transforming the culture of technical roles to business role culture.
  • Successfully designed Control framework in GRC AC / PC for Issue to Resolution Process & Purchase to Pay Process.
  • Acted as an ARIS BPM Subject Matter Expert for business process transformation for Group Finance.
  • Solution Architect for Process Mining Capability.
Oct 2018 - Dec 2020
1 year 3 months
Kuala Lumpur, Malaysia

Manager (SAP Security & GRC Project Services)

Petronas Digital Sdn Bhd

  • Leading a team and managing end-to-end solution delivery, from analysis, design to implementation in adherence to well defined quality processes and methods for Risk & GRC process under Group Digital.
  • Driving Program Management & Service Delivery function for SAP Practice; managed a large portfolio supported by a team of 13 members.
  • Heading project budgeting & resource planning for risk & compliance projects & system regulations projects.
  • Providing implementation, post-implementation, enhancement, and support to client for applications; acting as a Portfolio Manager for Anti Money Laundering Act (AMLA) & Anti bribery business rules roll out project.
  • Leading a strategic account planning process involving financial targets and critical milestones; working on RFP responses and provided cost effective & innovative solutions, managed RFP deliverables.
  • Providing functional inputs for financial modules and localization map; preparing requirement mapping template specific to localizations requirements supported by Risk & GRC standard functionality and recommending customization, if required.
  • Successfully implemented Business Process Management & ARIS roll out for finance processes.
  • Successfully implemented GRC Policy Management &SAP GRC CCM for month end activities related to GL & Accrual.
  • Successfully implemented GRC Rule set for S4 HANA System.
  • Collaborated with Business Teams & Common Services to ensure smooth unhindered implementation of new developments by managing cost, quality and release processes by mitigating potential risks.
  • Led the SAP role re-engineering work in business and transforming the culture of technical roles to business role culture.
  • Successfully designed Control framework in GRC AC / PC for Issue to Resolution Process & Purchase to Pay Process.
  • Acted as an ARIS BPM Subject Matter Expert for business process transformation for Group Finance.
  • Solution Architect for Process Mining Capability.
Jan 2018 - Oct 2018
10 months

Senior Manager - Strategy, Governance & Security

Creating Values Pvt. Ltd.

  • Managed the Microsoft upgrade project for financial firm providing Securities Services to Domestic & Foreign Institutions.
  • Direct report to COO of the Financial Firm regarding the project status & deliverables.
  • Managed &led the project portfolio for SAP Security Assessment and Roles Re - design in S/4 HANA for a Ceramic client.
  • Participated in Pre – Sales of SAP GRC and Security Assessment Service for multiple customers.
  • Organized SAP Security / GRC & GDPR webinars for Indian domestic companies highlighting the need of Security in Cyber Space.
Jan 2016 - Dec 2017
2 years
Sydney, Australia

SAP Security/GRC Access Control-Project Manager

Accenture Services Pvt. Ltd.

  • Project undertaken for Caltex.
  • Spearheaded the offshore SAP Security/GRC AC delivery model for the customer; monitored project budgets; tracked expenses and project budget; managed project related changes; identified issues & risks and developed contingency plans.
  • Played a key role in setting up of the connection b/w SUN IDM my Access with the GRC 10.1 to support the user provisioning landscape for SAP.
  • Managed the design & preparation of Client blueprint and Weekly Management reporting of the current status of the project and attending GATE review meeting with the key stake holders.
  • Part of Change Approval Board for changes related to Security & Governance.
  • Participated in SOX Risks remediation Project and completed it successfully.
  • Led the implementation of GRC 10.1 Access Control (ARM.ARA, EAM, BRM).
  • Led the implementation of SAP Security for EMEA/LATAM/ASIA/NORAM regions.
  • Led the implementation of Support SAP GRC Policy Management.
  • Solution Environment: SAP ECC 6.0, SAP Net Weaver BI 7.0, SAP Enterprise Portal 7.0, WIN XP, GRC Access Control 5.3, GRC 10.0, GRC10.1 CHARM (Sol Man 7.0).
Jan 2015 - Dec 2015
1 year

SAP Security/GRC Access Control-Project Manager

Accenture Services Pvt. Ltd.

  • Project undertaken for DuPont.
  • Spearheaded the offshore SAP Security/GRC AC delivery model for the customer; monitored project budgets; tracked expenses and project budget; managed project related changes; identified issues & risks and developed contingency plans.
  • Played a key role in setting up of the connection b/w SUN IDM my Access with the GRC 10.1 to support the user provisioning landscape for SAP.
  • Managed the design & preparation of Client blueprint and Weekly Management reporting of the current status of the project and attending GATE review meeting with the key stake holders.
  • Part of Change Approval Board for changes related to Security & Governance.
  • Participated in SOX Risks remediation Project and completed it successfully.
  • Led the implementation of GRC 10.1 Access Control (ARM.ARA, EAM, BRM).
  • Led the implementation of SAP Security for EMEA/LATAM/ASIA/NORAM regions.
  • Led the implementation of Support SAP GRC Policy Management.
  • Solution Environment: SAP ECC 6.0, SAP Net Weaver BI 7.0, SAP Enterprise Portal 7.0, WIN XP, GRC Access Control 5.3, GRC 10.0, GRC10.1 CHARM (Sol Man 7.0).
Nov 2013 - Jan 2015
1 year 3 months
Sulzbach, Germany

SAP Security/GRC Access Control-Project Manager

Accenture Services Pvt. Ltd.

  • Project undertaken for Clariant.
  • Spearheaded the offshore SAP Security/GRC AC delivery model for the customer; monitored project budgets; tracked expenses and project budget; managed project related changes; identified issues & risks and developed contingency plans.
  • Played a key role in setting up of the connection b/w SUN IDM my Access with the GRC 10.1 to support the user provisioning landscape for SAP.
  • Managed the design & preparation of Client blueprint and Weekly Management reporting of the current status of the project and attending GATE review meeting with the key stake holders.
  • Part of Change Approval Board for changes related to Security & Governance.
  • Participated in SOX Risks remediation Project and completed it successfully.
  • Led the implementation of GRC 10.1 Access Control (ARM.ARA, EAM, BRM).
  • Led the implementation of SAP Security for EMEA/LATAM/ASIA/NORAM regions.
  • Led the implementation of Support SAP GRC Policy Management.
  • Solution Environment: SAP ECC 6.0, SAP Net Weaver BI 7.0, SAP Enterprise Portal 7.0, WIN XP, GRC Access Control 5.3, GRC 10.0, GRC10.1 CHARM (Sol Man 7.0).
Jun 2010 - Nov 2013
3 years 6 months
Kuala Lumpur, Malaysia

SAP Security/GRC Access Control-Project Manager

Accenture Services Pvt. Ltd.

  • Project undertaken for BHP Billiton.
  • Spearheaded the offshore SAP Security/GRC AC delivery model for the customer; monitored project budgets; tracked expenses and project budget; managed project related changes; identified issues & risks and developed contingency plans.
  • Played a key role in setting up of the connection b/w SUN IDM my Access with the GRC 10.1 to support the user provisioning landscape for SAP.
  • Managed the design & preparation of Client blueprint and Weekly Management reporting of the current status of the project and attending GATE review meeting with the key stake holders.
  • Part of Change Approval Board for changes related to Security & Governance.
  • Participated in SOX Risks remediation Project and completed it successfully.
  • Led the implementation of GRC 10.1 Access Control (ARM.ARA, EAM, BRM).
  • Led the implementation of SAP Security for EMEA/LATAM/ASIA/NORAM regions.
  • Led the implementation of Support SAP GRC Policy Management.
  • Solution Environment: SAP ECC 6.0, SAP Net Weaver BI 7.0, SAP Enterprise Portal 7.0, WIN XP, GRC Access Control 5.3, GRC 10.0, GRC10.1 CHARM (Sol Man 7.0).
Jun 2008 - Jul 2009
1 year 2 months

Operations Specialist (SAP Security)

Tenneco India Engineering Shared Services

  • Managed the Implementation of SAP CUA.
  • Worked with external and internal auditors to managing the internal audit.
Oct 2007 - Jun 2008
9 months

Associate (IT Auditor)

Outsource Partners International

  • Designed the IT and Security Control elements in SAP R/3 and mapping it with ITGC.
  • Worked with KPMG, US Team to evaluate controls & designs in order to prepare the TOD & TOE.
  • Review of deliverables to help ensure that agreed upon quality standards are met.
May 2006 - Oct 2007
1 year 6 months

Senior Process Associate

Tata Consultancy Services

  • Administration of SAP user’s production, development & quality requests.
  • Used in-house developed tools, VRAT & SAP tools for analyzing SOD conflict, mitigating controls and roles assignments to users.
May 2005 - May 2006
1 year 1 month

Customer Service Officer

Standard Chartered Bank

  • Handled calls and resolving the queries of customers relating credit cards, Keeping the track of high-risk transactions.
  • Processing loans on credit cards.

Summary

Senior IT Professional offering more than 19+ years of global experience in Application (ERP) Security, Risk Management, IT Functional Consulting, IT Risk & Project Process Improvement, Project Management, Application Development & Compliance Execution & Support across SAP security and GRC Access/Process Control/Risk Management

Led projects through aggressive project governance processes including Solution Information Security & Risk Management, Business Continuity and Application Risk Assurance on multiple clients; presented changes, issues, risks and contingency plans to Portfolio Steering committees to balance project resources, schedules and scope

Led initiatives such as business blueprinting, requirements gathering, process design & development, enhancement specification, installation/operational/production qualification, training of users, post go-live support, and operational enhancements

Successfully led the SAP GRC AC& PC 10.1 upgrade to SAP GRC AC& PC 12.0; acted as a Design Lead for SAP GRC Access Control and Process Product Technical Control Integration Implementation &Functional

Capable of analyzing information system needs, evaluating end-user & deployment requirements, custom designing solutions and troubleshooting for Consulting information systems management

Facilitated continuous improvement and implementation of changes at Audit Performance process level, to ensure excellence in delivery; reduced overall Total Cost of Management Tuning Ownership (TCO), through process improvements

Excellence in building & retaining high performance teams, implementing continuous improvement programs and partnering with multiple global stakeholders.

Languages

Hindi
Advanced
English
Elementary

Education

Visvesvaraya Technological University

Bachelor of Engineering, Electrical & Electronics · Electrical & Electronics · India

Certifications & licenses

Certified ISO27001:2005 Lead Auditor

Certified Information System Auditor

Certified Professional Scrum Master I

ITIL (3.0) Certified

SAP Business Object Access Control(C_GRCAC_10)