Rory S.

Goree SAP Security & Controls Analyst

Glendale, AZ 85301 (602) 510-6951 • rory.goree@yahoo.com
Top performing, highly qualified, goal focused SAP Security Administrator with 20+ years of comprehensive expertise in SAP
coordination, implementation, and support. An outstanding problem solver with a history of success developing solutions and
directing a wide range of IS initiatives, as well as planning and implementing systems solutions to contribute to the achievement
of immediate and long-term business objectives. An outstanding communicator, capable of building, training, and leading cross-
functional teams, and collaborating across all organizational levels. Expertise in a wide variety of modules, including (SAP ERP
Modules) FICO,MM, SD, HR, PP, PS, QM, PM. (SAP Business Suite Applications) CRM, SRM, PLM, HANA, GRC, SEM, VIRSA, CUA,
as well as Bizrights and Security Weaver GRC systems. Areas of Expertise include:
▪ SAP Information Security ▪ User/Role Management ▪ Staff Training & Mentoring
▪ SAP Authorizations ▪ Project Management ▪ Infrastructure Management
▪ Security Role Testing ▪ Process Improvements ▪ Sarbanes Oxley Requirements
▪ Security & Technical Advising ▪ Policy Development ▪ Performance Tuning
▪ SAP Security Assessments ▪ Quality Control ▪ System Implementation
▪ BW Analysis ▪ Complex Problem Resolution ▪ Requirements Definition

Professional Experience
INDEPENDENT SAP SECURITY/CONTROLS ANALYST • Glendale, AZ • 2012 – Present
Utilize extensive SAP Security knowledge across multiple contracts for a diverse clientele in the performance of SAP Financial
Reporting, Order-to-cash, Purchase-to-pay cycles, and preparation for/resolution of SAP SOX audits. Consistently promote
engagement of user community to identify and understand requirements to provide responsive and detailed SAP Security analysis
and solutions on time and on budget. Demonstrate expertise in assessing security, and building and maintaining authorizations
and roles. Strategically troubleshoot authorization issues, review GRC rule sets, determine access requirements, eliminate SOD
conflicts, and maintain SU24. Provide in-depth consultation regarding new implementation and upgrades.
Key Clients & Projects:
• Nustar Energy • San Antonio, TX • August 2017 – Present
o Collaborated with SAP security team to develop project plan for SAP GRC 10.0 – 10.1 upgrade and SAP
Security assessment.
o Assisting client review of other GRC products that might replace SAP GRC.
o Trained SAP security administrator in use of new licensing transaction SLAW2
• Compass Solutions • Washington, D.C. • December 2016 – May 2017
o Successfully completed extensive SAP security project on ECC, GRC and BW systems, with duties including
review of SAP security assessments and SAP GRC Rule Set to indentify GAPs, recommend upgrades (EHP4
– EHP8 and NW 7.01 – NW 7.5), and contribute to end analysis reports.
o Compared user access against proposed business roles, ensuring all users maintained access during
conversion from technical to business role assignments.
• Mobile Mini • Phoenix, AZ • October 2016 – December 2016
o Collaborated with business and internal audit teams to develop mitigating controls for SOD issues,
determine requirements and remove non-critical transactions, and develop test scripts to validate capability
daily function performance.
o Successfully resolved user IDs missing e-mail addresses, and reviewed all composite roles to ensure correct
single roles contained. Coordinated with development team to implement mass unused role delete program,
and set US licensing information on all user IDs.
• Lincoln Electric • Cleveland, OH • May 2016 – September 2016
o Served as SME in identifying, developing and implementing innovative techniques to improve engagement
productivity, increase efficiency, mitigate risks and resolve issues.
o Performed annual SAP license audits, and played a key role in resolving issues during annual transaction
audit. Supported resolution of SAP ECC, BW, CRM and HR security issues, as well as testing and go-live
phases of two new business units with SAP ECC, BW and HR.
• Tate & Lyle • Hoffman Estates, IL • February 2016 – March 2016
o Trained controls team on SAP security processes and tools, including SUIM, SU24 and GRC reports.
Facilitated Sarbanes-Oxley (SOX) audit activities to certify financial information accuracy. Identified and
eliminated over 90% of high SOD issues.
• Lincoln Electric • Cleveland, OH • July 2015 – January 2016

Continued…
Rory S. Goree
Page Two of Two

o Supported ECC, HR, CRM, BW, global rollout of new PLM, and testing phase of 2 new business units,
including security issue identification and resolution. Collaborated with HR business analysts to determine
access limits to sensitive data, updated customer transactions in SU24 per trace.
o Identified documents and transactions to be utilized during rollout of PLM/DMS project, and created a plan
of action to address issues reported during critical transaction audit. Resolved security issues for SAP (SU53,
ST01, RSECADMIN), and identified key issues for critical and SOX audits.

INDEPENDENT SAP SECURITY/CONTROLS ANALYST (continued)

• Discount Tire • Phoenix, AZ • May 2014 – June 2015
o Trained and mentored junior SAP security team member, and designed and implemented BW roles and
analysis authorizations. Wrote documentation and resolved issues to support functional unit testing and
final go-live testing, assisted in troubleshooting ECC role issues, and gathered requirements for BW support
roles.
• JBS USA • Greely, CO • April 2014 – May 2014
o Evaluated SAP security resources and created and effective training plan. Established GRC rule set and
reviewed landscape on required skill set to improve team performance. Reviewed 2013 SOX audit to
outstanding issues.
• Lincoln Electric • Cleveland, OH • October 2013 – February 2014
o Created and implemented BW roles and authorizations for Japan Project, and provided direct support for
testing and go-live activities. Created new global printer roles, and played a key role in GRC upgrade to verify
firefighter use. Tested and verified GRC rule set and resolved authorization issues.
• Love’s Travel Stops & Country Stores • Oklahoma City, OK • July 2013 – October 2013
o Delivered stopgap SAP security support, and collaborated with development teams to determine project
requirements. Designed, configured and deployed project access to CRM, ECC, and BW HANA systems, and
defined CRM display roles for business users.
• NuStar Energy • San Antonio, TX • December 2012 – June 2013
o Successfully trained junior SAP support member, and removed unused roles from system landscape. Built
new firefighter roles and new SAP security roles for business unit sold to third party. Ensured efficient
response to SAP security requests, and developed/improved security controls.

ADDITIONAL EXPERIENCE
SAP Security Analyst for GLOBAL CROSSING (Phoenix, AZ, 2002 – 2012), and Independent SAP Security/Controls Analyst (1999
– 2002) for clients including: Pratt & Whitney (Hartford, CT), Roche Diagnostics (Indianapolis, IN), Teijin Films (Richmond, VA),
Lincoln Electric (Cleveland, OH) DuPont Corporation (Newark, DE), ACS Technology Solutions (Phoenix, AZ).

UPGRADES & IMPLEMENTATIONS:

GRC: Lincoln Electric 5.3 – 10.0 Upgrade • Lincoln Electric 10.0 – 10.1 Upgrade • NuStar Energy 10.0 Implementation
BW/BI: Global Crossing 3.5 Implementation • Global Crossing 7.0 Implementation • Discount Tire 7.4 Implementation
SAP: DuPont 3.1H Implementation • PetSmart 4.0 Implementation • Discount Tire 6.0 Implementation • Global Crossing 4.5b –
4.6c Upgrade • Lincoln Electric 31h – 3.1i Upgrade • Roche Diagnostics 4.6c – 4.7 Upgrade • Lincoln Electric 3.1I – 4.6C
Upgrade • NuStar Energy 7.01 – 7.5 Upgrade

Education & Training

Cryptologic Technician Basic, Cryptologic Combat Support, VMS Administration
UNITED STATES NAVY
Certified SAP Professional, SAP HANA, Modeling & Administration, License #90594
SAP Certified Application Associate, SAP Authorization & Auditing for NetWeaver 7.31
SAP Certified Application Associate, SAP Business Objects Access Control 10.0
SAP EDUCATION CENTER: GRC300 SAP BusinessObjects Access Control 10, HA240 Authorization, Security & Scenarios – HANA,
ADM960 Security in SAP System Environment, GRC200 Intro Virsa Compliance Calibrator, BC325 Workbench Organizer,
Transport System & Upgrade, CA940 Authorization Concept, SAP 50 R/3 Basis Technology, BC940 Security & Technical Auditing