1. RESUME
PERSONEL DETAILS
Full Name: Geetha Thannimalai
Nationality: Malaysian
NRIC No: 700730-02-5232
Address: No.3, Lrg. Batu Nilam 23A, Bdr. Bkt. Tinggi 2, 41200 Klang, Selangor, Malaysia
Mobile: +60 012 3887972
E-mail: tgeetha@hotmail.com
EDUCATION
Tertiary: Bachelor of Information Technology (BIT) (Hons.) (Year: 1991 – 1995)
Institution: University Utara Malaysia (UUM), Sintok, Kedah, Malaysia
Pre-university: Higher School Certificate (HSC) (Year: 1989 -1990)
Institution: Ibrahim Secondary School, Sungai Petani, Kedah, Malaysia
SAP PROFESSIONAL CAREER DETAILS
SAP Service Line/Capability: SAP Security & Authorizations (S&A)
SAP Consulting Experience 14 years
SAP Project Management 3 years
SAP Security and Governance Risk Compliance (GRC) 7 years
SAP BASIS 7 years
SAP QA, Audit & Risk Management 1.5 years
SAP Implementation Cycles 10 cycles
SAP CAREER DETAILS
Year Company Designation
1996 - 1998 BHP Information Technology (BHP IT) SAP Network Engineer
1998 - 2000 Ernst & Young Management Consultants (EYMC) SAP BASIS Consultant
2001 - 2002 Cap Gemini Ernst & Young (CGEY) SAP Security Team Lead
2003 - 2006 Teliti Computers SAP Technical Project Manager
2006 - 2010 HCL-Axon Solutions Managing Consultant
2010 - 2015 Steelcase Office Solutions IT Shared Services Manager
Steelcase Office Solutions (May 2010 – Jan 2015) – IT Shared Services Manager
Industry: Manufacturing
Attended knowledge transfer at global headquarters in Grand Rapids, Michigan. Visited the Corporate Data
Centre in Caledonia, Michigan. Tour of manufacturing plants in Kentwood, Grand Rapids, Michigan.
Manage IT teams SAP Netweaver BASIS, Database (Oracle & SQL), IT Security & Forensic Computing, Software
Quality Assurance in a shared services model responsible in the business during KL hours with support handover
and transition structure in place to other internal shared services centres in Europe and North America.
Global support structure roll-out for SAP Netweaver infrastructure solutions for the region and manufacturing
plants located globally. Incorporate global LEAN practices to the complex IT landscape and managing cost
effectiveness.
Responsible for IT resource management, performance review, pay determination of direct reports, learning and
development, technical resource skill matrix, coaching and mentoring.
Collaborate with global internal audit and IT Security, Governance and Risk Compliance (GRC) teams for SOX
(Sarbanes Oxley) control frameworks. The scope includes performing design, control, testing, risk assessment,
continuous process improvements, defining SOX policies and procedures.
Facilitate internal and external auditor compliance review sessions for timely remediation and resolving
deficiencies with multiple business stakeholders across different business functions located globally.
Ensure compliance to global IT security, audit and governance policies at all times for SAP Production Support
and Run The Business (RTB) environment.
2. Coordinate and implement Global IT Change Management controls and streamline processes with IT support
delivery and project teams located in various regions and time zones. Participate in global change process
reviews and continuous improvement initiatives.
Manage IT financials covering fiscal budget process, cost allocation, chargeback, resource utilization, overhead
analysis and tracking of budget.
Participate with internal vendor management team for external contracting service provider, partnering
arrangements with multi-sourced external supplier and IT outsourcing companies to optimise costing, quality,
performance and schedule. This includes reviewing Statement of Work (SoW) and contractual obligations with
external third (3rd) party service providers.
Close coordination with SAP support application teams within the organization to deliver solutions and quick
turnaround time for support issues and project implementation timeline.
Global Disaster Recovery (DR) implementation with various IT teams located at different locations globally.
Focal point in the event of a high priority (P1 & P2) and critical incidents that is disrupting business operations.
Manage next level call escalation and situation management with the Global Critical Incident Coordinator. Urgent
break-fix change notice online approvals to resolve technical issues. Facilitate conference calls for critical incident
investigation, incident reviews on root cause, trending and analysis as part of the end to end problem
management process. Ensure formal communication process via e-mail and corporate web updates are provided
through out the duration of the critical incident, action plans and process improvements.
Managed software quality assurance team to undertake end-to-end SAP application functional testing for projects
and SAP Releases via HP Quality Centre Enterprise 12.0 for business process testing, defect management
according to specifications and standards.
Leading IT Security and forensic team in gathering, interpreting, and analysing large volume of data and applies
financial, statistical, accounting, computer forensics skills to provide proactive strategies and solutions in dealing
with irregularities and complex business issues.
Coordinate work transition for project and support delivery activities such SAP release management, SAP
upgrades, Oracle patch upgrades, SAP OS/DB platform migration and technology deployment of SAP HANA.
Global IT Infrastructure team member to plan, manage, deploy data centre consolidation and relocation from
various data centres in APAC, North America and EMEA to the Corporate Data Centre in the US. The global
project objective of this data centre consolidation is to reduce data centres operated in various locations globally,
to manage cost reduction and improve performance. The project scope includes closure of various data centres in
different countries upon staged completion of data centre migration and transition. Participated in project steering
committee meeting, project dashboard weekly status meetings, regional IT stakeholders and internal project
teams. Worked with the project team to manage risks and issues related to customer Data Center workload
migration projects.
Active Directory (AD) consolidation undertaken for servers migrated to the Global HQ data centre. Project scope
included deployment of multiple AD domains across several countries across Europe. The project strategy
includes redesigned AD architecture to enable to have a decentralized network, better control replication, effective
trust relationships between domains and reduction of physical servers (boxes).
Supported SAP products and modules: SAP Netweaver 7.4 (ECC 6.04) & SAP R/3 4.7, SAP NW Business
Intelligence (BI) 7.3, SAP BW Strategic Enterprise Management (SEM) 3.5, Exchange Infrastructure (XI)/PI
7.3,Enterprise Portal (AS/JAVA) 7.0, Supply Relationship Management (SRM) / Supply Synch (SuS) 7.0, Supplier
Relationship Management (SRM)/Enterprise Buyer Professional 7.0, SAP NW Trex 7.1, SAP Solution Manager
7.3, SAP NW MDM 7.1, SAP Business Objects 4.1, SAP Information Steward 4.1, SAP Customer Relationship
Management (CRM) 7.13 and Symmetry Control Panel GRC.
Supported operating system: HPUX, Windows & LINUX.
HCL-Axon Malaysia (Dec 2006 – March 2010) – Managing Consultant
Industry: Energy & Utilities (E&U) (2006 – March 2010)
Managed transition for SAP Security & Authorization (S&A) offshore support for Energy & Utilities (E&U) clients: -
Arizona Power (US) – ECC & ISU/CCS
Aquarian Water (US) – ECC & ISU/CCS
Oklahoma Water Utility Trust Company, OCWUT (US) – ECC, ISU/CCS, BI, CRM
Texas Utilities TXU (US) – ECC, ISU/CCS, BI, CRM & Enterprise Portal
Thames Water (UK) – ECC, SRM, BI & Enterprise Portal
3. SAP user provisioning in SAP Solution Manager for 1st & 2nd level S&A offshore support.
Portal role assignments for BI and CRM portal users.
Creations of business partners in CRM org structure and integration for new CRM users.
Offshore SAP role development, role testing, role assignments and role revisions for project implementation.
Resolving SAP Security issues escalated via support tickets in HP Service Desk Manager.
Managed Service Level Agreements (SLAs) for ageing and turnaround time for S&A support tickets.
Undertook knowledge transfer for SAP Security team members for offshore S&A support.
Coordination with Service Delivery Managers and Transition Managers for new and existing (E&U) accounts.
Managed team for Knowledge Transfer (KT) sessions specific to ISU/CSS and overview of (E&U) industry.
Mobilization of S&A resources onsite support and knowledge transfer activities for City of Palo Alto (CoPA).
Transition of offshore SAP role development and working on defects using HP Quality Centre Manager (HPQC).
Coordination with other SAP application support teams for faster turnaround time for support issues.
Offshore business development work for SAP security outsourcing services on other Energy and Utilities (E&U)
Senoko Power, Singapore (SAP Governance Risk & Compliance (GRC) implementation)
TUAS Power, Singapore (SAP Security 3rd level S&A support outsourcing services)
Hydro Quebec, Canada (ISU/CCS technical upgrade (Unicode compliant))
Macau Electric (ISU/CCS technical upgrade)
Industry: Oil & Gas (O&G)
Client: BP Oil Trading Ltd (2007 – 2008)
Attended knowledge transfer at BP Oil Trading Ltd, Canary Wharf, London UK for pre go-live support for SAP R/3
4.7 (IS-Oil) implementation.
Post go-live S&A support issue escalation raised in Remedy for BP Europe and Africa users.
Early Life SAP Support (ELS) onsite at BP Oil Trading Singapore.
Offshore go-live SAP S&A support for BP Oil Americas, Chicago, Illinois, USA.
Managed transition of SAP S&A 2nd & 3rd level support to offshore team.
Coordination with IS-Oil, FICO, Logistics, XI, ABAP and BASIS teams for faster SAP issue resolution.
Conducted intensive training for internal 1st level S&A support for BP IT Service Management team at BP Oil
Trading Singapore Ltd.
Coordination with BP SAP business process owners and BP Service Management Team for SAP authorization
change management activities.
Escalation of SoD issues and conflicts using the SAP Virsa Compliance Calibrator (SAP GRC).
Undertook S&A change management activities of role development in SAP Business As Usual (BAU) and
project SAP system landscapes.
Coordination with onshore and offshore BASIS team on technical landscape and transport routes required for S&A
change management activities.
Worked with the functional, process, training and change management teams to design the appropriate role-
based security for the production environment inclusive of role definition and job/position mapping.
Worked with corporate HQ for assess, design or implement SAP GRC Access Control suite of programs, including
user provisioning, segregation of duty management, emergency access, and role management
Worked with corporate SAP functional stakeholders on complex governance requirements and provide clients with
leading practice recommendations of governance as it relates to SAP Security, Segregation of Duties, Role
Management, and Super User Access.
Joint managed services with regional teams (EMEA, Americas & APAC) on SAP GRC Access Process Control,
Manual vs Automated Controls, Control Assessment Overview, Control Evaluation Setup and Overview, Process
Control Audit Consideration, Risk Intelligent Management in the business organization.
Experience using and implementing SAP GRC Access Control Suite products including Risk Analysis and
Remediation, Compliant User Provisioning, Super User Privilege Management, SAP Identity and Access
Management and Enterprise Role Management.
Leverage on GRC tools in the creation and maintenance of security roles.
Industry: FMCG
Client: SHS Group Ltd, Belfast, Northern Ireland (2006)
4. SHS Group is a privately owned company in the FMCG sector dealing with consumer goods sector.
Offshore SAP Security Implementation for ECC, BI and CRM and third (3rd) level support.
Offshore role revisions undertaken defects raised created after unit testing, user acceptance test and post go-live.
User provisioning in all CUA non-production environments for various SAP teams (project team, testing team,
integration team and training team).
SAP User provisioning for pre go-live (Active Directory to LDAP synchronization) to the CUA (Central User
Administration) via SAP Solution Manager 4.0.
Post go-live support for SHS SAP users located across the British Isles.
Industry: Logistics & Transportation
Client: Kuehne & Nagel (K&N) UK (2007)
K&N is the world’s leading logistics provider for Sea freight, Airfreight, Road & Rail Logistics and Contract
Logistics.
Offshore SAP Security support for K&N (Heineken UK roll-out) for SAP ECC6 Financial and Logistics.
Coordination with BASIS team on separate production client creation for Heineken UK project implementation.
Coordination with onsite project team and K&N internal SAP support for the new project SAP landscape and
transport routes. Collaboration with the onshore project team on new SAP role development and role testing.
Post go-live support and handling of issues under warranty period.
Third level (3rd) S&A offshore support as per support contract obligation.
Client: Northern Rail (NR), UK (2008 – March 2010)
Northern Rail is a joint venture between Serco Group Plc (international services company) and Abellio (a
subsidiary of NS Dutch Railways) with SAP users are located in York and Manchester, Northern England.
Undertook transition of S&A support (ECC, SRM & BI) from onshore project delivery team.
Resolved all internal support issues escalated by the client for further analysis and problem solving.
Worked closely with BASIS on SAP Landscape Optimization in a multi-client environment. The focus on
redundant SAP client and effective management of complex SAP system landscape.
SAP clients in non-production environment and clients not synced with the production client. The scope of S&A
offshore work included role verification and SAP IDs for the redundant clients and followed by client deletion with
prior approval from the Northern Rail IS Dept.
Role synchronization and consistency across existing clients in ECC, SRM and BI.
Worked with BASIS on re-configured CUA (Central User Administration) with selected clients in the revised SAP
system landscape. SAP Security verification of system copy from production clients to new QA clients after post
re-configuration of CUA (Central User Administration).
Industry: Aerospace and Defence (A&D)
Client: Boeing Shanghai Aviation Services (BSAS) – (2007 – March 2010)
Boeing Shanghai Aviation Services Co., Ltd. (BSAS) is a joint venture between The Boeing US Company,
Shanghai Airport Authority and Shanghai Airlines. BSAS offers the advantages of an MRO (Maintenance, Repair
and Overhaul) with the skills, quality and knowledge of the original equipment manufacturer. It leverages Boeing's
best practices, quality standards, information technology and applications for efficient, cost effective operations.
Full offshore SAP Security and Authorization implementation for Financials, Human Resource (Payroll: China),
MRO (Maintenance, Repair and Overhaul), Sales and Billing, Supply Chain Management.
Coordinated all offshore transport requests, service request and change requests for SAP Security &
Authorizations.
Coordination with BASIS on all client refresh and support packs activities for BSAS SAP systems.
Coordination with functional teams based onsite and offshore for Financials, Human Resource (Payroll: China),
MRO, Sales and Billing, Supply Chain Management for daily SAP support.
Client: SAP US
i-MRO (Industry Solution for Maintenance, Repair and Overhaul) – (2009 – March 2010)
5. Security and authorization for i-MRO product development that is built as an add-on to SAP ECC6 and the
discrete industry solution add-on.
The i-MRO product leverages on development platform to SAP ‘s internal development standards including user
interface, accessibility and back-end integration standards such as using SAP’s enterprise service repository and
business application programming.
The scope of security and authorization work is to ensure users of SAP ERP will be able to seamlessly run i-MRO
transactions without logging onto a separate application, re-using SAP user authorizations, menus, navigation,
master data, transactions data and business processes.
The authorization testing undertaken is to ensure this new SAP product is used without the need to switch
between SAP ERP screens and i-MRO screens, apart if they can spot the user interface improvements in i-MRO.
Worked with i-MRO development team on package and namespace security requirements this product is heavily
customized and bespoke.
Industry: Retail
Client: CarpetRight Plc (2007 – March 2010)
Carpetright Plc is Europe’s leading specialist floor covering retailer, selling a wide range of carpets, rugs, vinyls
and laminates together with associated accessories. CarpetRight product offering extended to selling beds
following the acquisition of Sleepright with trading from 695 stores organized in the UK & Northern Ireland and the
rest of Europe (The Netherlands, Belgium & Poland).
Offshore S&A support covering 2nd & 3rd level S&A support for ECC5 and BW (SEM/BCS).
Undertook system measurement for SAP User Licensing Management for CarpetRight SAP systems.
Worked with client key-user on the SoD audit issues raised by external auditor Price Waterhouse Coopers (PWc)
recommendations, SAP Security authorization revamp undertaken to ensure no SoD issues are faced by SAP
users in the production environment.
Industry: Investment Trading
Client: Liquidnet Holdings, US (2007 – March 2010)
Liquidnet is the premier institutional investment community, bringing together the world’s largest asset managers
and public companies on a single network that directly connects traders, portfolio managers, analysts and
corporate issuers. Liquidnet Holdings operates in US, Europe, Canada, Asia, Australia and Japan.
Scope of support to move all clients (production and non-production) in the CUA environment.
User provisioning for ECC6 and SAP Supplier Relationship Management (SRM) users from the CUA.
Integration of SRM users into the SRM org structure.
Industry: Professional Services – Consulting
Client: KPMG Ireland (2008 – March 2010)
KPMG Ireland is a leading provider of professional services with 80 partners and 1700 people in offices in Dublin,
Cork, Galway and Belfast. KPMG works with clients in all sectors of Irish business providing a range of Audit, Tax
and Advisory services.
Transition of SAP Security support from KPMG Ireland internal S&A to full offshore mode.
Resolved SAP Security issues due to major re-structuring in KPMG Ireland.
Worked with SAP HR consultants and HR key business users on HR Org Structure changes, SAP role
assignments changes as a result of corporate restructuring.
Testing for KPMG ESS/MSS portal IDs in test environment as a result of HR authorization changes prior any
changes in production environment.
Teliti Computers (2003 – 2005) – SAP Technical Project Manager
Industry: Oil & Gas
Client: Petronas Holding (2003 – 2004)
6. SAP R/3 Upgrade undertaken for this state-owned national petroleum company in-line with the business mission
to be leading oil and gas multinational of choice. This Fortune-500 company has a strong workforce of 20,000
dealing with the spectrum of business Upstream, Exploration, Downstream, Oil – Production, Gas – Processing,
Liquefaction, Transmission & Distribution, Petrochemical, Logistics & Maritime, Property Investment &
Development, Technology Resource Management and Education.
The SAP R/3 technical upgrade scope involved 28 SAP R/3 modules, IS- Oil & Gas and IS - Real Estate for 5000
SAP end-users involving 75 operating units and 30 overseas business units.
The R/3 Authorization cycle covers the Evaluation, Implementation, Operations and Continuous Improvement
phases were undertaken.
The SAP R/3 upgrade strategy involved the design, development and migration of role based profiles in-line with
IT Security Policies and Procedures.
Development SAP Security Plan involving revamp of the existing security setup, mitigating controls and risk
management.
Development of Change Management Security policies for IT Coordinators, SAP profile coordinators, business
process owners and key functional users.
Development of SAP Security Framework that addresses secure R/3 upgrade and post go-live activities achieving
the ease of maintenance on role-based profiles.
Development of revamp activities for Business Process Orientation, Segregation of Duties, Job Task Analysis,
resolving audit discrepancies and issues.
Development of knowledge transfer plan for SAP Security team and overview of SAP Corporate Governance
policies and procedures.
Migration of profiles and user masters for Property Investment and Development operating units as a result of the
merging of the SAP productive clients.
MySAP Security Management was undertaken for SAP R/3 – Three productive clients, Advanced Planning and
Optimizer (APO), Business Information Warehouse (BIW), Customer Relationship Management (CRM), Corporate
Financial Management (CFM), Enterprise Buyer Professional (EBP), Strategic Enterprise Management (SEM).
Industry: Agricultural
Client: Felda Agricultural Services (FAS) – (2004–2005)
SAP Authorization Team Leader for Felda Agricultural Services dealing with plantation and supporting agricultural,
farm products, marketing services and agro-based primary industries.
Facilitated SAP R/3 authorization review on role based activity groups, user profiles, authorization objects and
classes with functional team leaders implemented across core SAP R/3 core modules (FI, CO, TR, MM, SD &
HR).
The Authorization implementation includes Design, Construction, Test, Acceptance and Going Live & Support
phases based on ValueSAP methodology.
Developed knowledge transfer plan for SAP BASIS team, key functional users and business process owners.
Industry: Engineering & Construction
Client: Felda Engineering Services (FES) – (2004–2005)
SAP R/3 4.6C implementation for this privatized local engineering firm, a subsidiary of Felda Holding dealing with
construction, engineering services, properties, industrial supplies and air-control pollution.
Team Leader for SAP Security & Authorization for the development of role based profiles (FI, CO & HR) modules.
Worked with functional team on the interfacing to the third party systems (IFCA) from SAP R/3 for reporting
purposes.
Industry: Guard Security Services
Client: Felda Security Services (FSS) – 2004 - 2005
SAP R/3 4.6C implementation for a privatized local security firm, a subsidiary of Felda Holdings providing guard
services to the parent company, subsidiaries and external companies across Malaysia.
7. Team Leader for Authorization and SAP System Security (FI, CO, MM & HR modules) responsible for the set up
and maintenance of access control (data/applications/physical) in compliance with the security guidelines and
standards in order to ensure appropriate system and service security.
Managed system security incidents, problems and requests related to security aspects for this client during go-live
and post go-live implementation.
Industry: Transportation:
Client: Felda Transport Services (FTS) – (2004 – 2005)
Felda Transport Services (FTS), a subsidiary of Felda Holdings is a privatized transportation firm providing
logistic, transportation and courier services to the parent company, subsidiaries and external companies
nationwide. This fully equipped logistics service provider focuses on fleet management of transportation of
tankers, articulated cargoes and container trucks.
Team Leader for SAP Authorization 4.6C in coordinating the development the role based profiles (FI, CO, TR, MM
& HR) modules, development of SAP strategy, procedures, standards and implementation, driving efforts to
ensure SAP security and audit requirements are met.
Cap Gemini Ernst & Young (2000 – 2002) – SAP Security Team Lead
Industry: Public Sector & Government
Client: Felda Group (2000–2002)
Project Management for this government land development authority with plantation, manufacturing, land and
settlers management operations with over 20,000 employees and 600 remote sites across Malaysia.
Other business operated included downstream agro based process manufacturing, oleo chemicals, eco – tourism,
horticulture, logistics, marketing, trading and engineering.
MySAP & IXOS technical implementation consisting 18 modules for 25 Felda subsidiaries across Malaysia.
Project Management task undertaken focuses on Issue Management, Risk Management, Quality Management,
Knowledge Coordination, Organization Change Management, Business Continuity Planning and Disaster
Recovery.
Quality Audit and Assurance was undertaken for the MySAP and IXOS technical implementation for SAP R/3,
Enterprise Portals, Business Intelligence, Enterprise Buyer Professional, Knowledge Management, IXOS
Document Management System and IXOS Cold Archiving.
MySAP Technology Quality Assurance was undertaken for the upgrade of existing WAN & LAN environment
leveraging on CISCO powered Gigabit Ethernet technology and Voice-Over-IP to cater for the new SAP
environment.
Dealt with a hybrid of mix platforms for this MySAP Technical Implementation:
• SAP R/3 (AS/400-DB/400)
• Enterprise Portals (AS/400-DB/400)
• Knowledge Warehouse (WIN2K-SAPDB, WIN2K-SQL Server 2000)
• Business Intelligence (WIN2K-SQL Server 2000)
• Enterprise Buyer Professional (WIN2K-SQL Server 2000)
• IXOS (WIN2K – Oracle 9)
• SAP Web Application Server –WIN2K
Lead and manage in the selection of vendors or tools and provide input to Project Mgmt Team to support supplier
management efforts.
Contractor Management with MySAP Technology Hardware partners & service providers.
Ernst & Young Management Consultants (1998 – 2000) – SAP BASIS Consultant
Industry: Energy & Utilities (E&U)
Client: Sabah Electricity (SESB) - 1998
Team member for SAP R/3 technical implementation for Sabah Electricity (SESB).
SAP modules implemented (FI, CO, MM, SD, HR, PM, SM & ISU/CCS) on SAP R/3 4.0b, platform on SUN
SOLARIS, Unix/Oracle 8.
8. Client: Sarawak Electricity (SESCO) – 1999
System selection project for SAP R/3 4.6 and ISU/CCS to replace legacy system.
Mapping of “As Is” Business process from the legacy system and “To Be” on the proposed new MySAP system.
Development of a Request for Proposal (Rfp) for the new SAP system to be issued for MySAP implementation
partners on behalf of SESCO.
BHP Information Technology (1996 -1998) – SAP Network Engineer
Industry: Manufacturing & Heavy Industry
Client: BHP Steel Ltd (1996 – 1998)
SAP R/3 Technical implementation for a Fortune 100 multinational steel manufacturing company.
Platform SAP R/3 4.6b on AIX Unix/Oracle 8. SAP core functional modules (FI, CO, MM, SD, PM and SM).
Technical implementation and go-live support, systems administration, project audit and project review.
Provide technical leadership, management and direction to ensure security objectives meet SLA.