Severstal-Infocom, the main customer being “Severstal”. Support of over 10 landscapes (3-4 systems per landscape) + GRC support. Summary: SAP Security Expert responsible for supporting over 10 SAP landscapes, each including 3-4 systems (ECC, S4 Hana, Fiori, BW/BI, GRC, BOBJ, BPC, CRM, SRM, etc.). Actively involved in all phases of the S4 Hana implementation project, ensuring secure and compliant role and authorization management, as well as role and account migration, which facilitated the successful launch and operation of the system. Lead SAP Governance, Risk and Compliance (GRC) processes and received multiple commendation letters and awards for high professionalism, reliability, and significant contributions to the company’s security. Successfully implemented SAP deployment projects for new company sites, demonstrating a high level of expertise in role management and actively supported internal and external audits to enhance security and optimize access. Key Responsibilities: S4 Hana Implementation Project Involvement: - Full project lifecycle participation - Consultation and control of project teams - Security concept development and transition planning - Mass user account management - Role creation, update and deletion (including GRC) - Supporting changes, testing and new developments - Role migration - Training documents setup Support Responsibilities: - Annual SAP security document updates - Enhancing role and account management processes - including FF - Role and access management in SAP - Role implementation, update, testing and auditing - User account management - Incident resolution and consulting Audit Responsibilities: - Conducting regular audits of SAP roles, authorizations and user access across various landscapes to ensure compliance with security policies and regulatory requirements - Reviewing user roles, authorizations, activity groups and access levels for adherence to regulatory requirements - Investigating and documenting security incidents, unauthorized access attempts and critical access issues to identify root causes and implement preventive measures - Working closely with internal and external auditors to provide necessary data and explanations, as well as to implement recommendations from audit findings Skills: SAP Security & Authorization S4 Hana Implementation Governance, Risk and Compliance (GRC) Role Design & Management (ECC,S4 Hana, Fiori, BW/BI, GRC, BOBJ, BPC, CRM, SRM etc.) Auditing & Compliance User Account Management SAP roles full cycle support Segregation of Duties (SoD) Consultation & Training

Supporting of more than 15 landscapes (4 systems for each). End-user support: - Incidents resolution; - Consultations; - Mass requests creation; - Role updates; - Mass communication; - User accounts support; Project activities (more involvement): - Design/creation/update/removal of service roles for 3rd party project teams and internal support teams; - Consultation of 3rd party project teams (documentation, role design, ways of working); - audit of roles/documentation for projects before implementation; - Role checking for critical auth and transporting it; - Mass requests creation; - Systems changes: lead, planning, support and estimate (involvement our team, work hours calculation etc.) - Supporting custom system for role assignment; - Involvement in process of new landscapes creation; - Test accounts support: mass creation, update, providing auth; - Service accounts support: creation, role design, updates, incidents resolution; - Replication of roles for new company codes (planning, scripts creation, role creation); - Involve to supporting HANA systems; - Involve in preparation and testing of GRC system;

- Scheduling activities for team and plans creation; - Review documentation of all new functional changes and setting security requirements (auth objects, values etc.); - organization of security testing for changes for verify compliance with the requirements, filling test documentation; - preparing documentation for updating roles (technical, functional); - coordination of full process of updating role: approvals, discussions with global governance team members, change mgmt, filling documentation; - coordination of working consultants; - preparing matrix of new roles (SoD checking, organization of meetings with business, controls and functional teams) - meetings with business experts, functional experts, managers etc.; - providing meetings/consultations for functional teams, key users, etc; - preparing/managing test roles, accounts etc.; - support SAP accounts for project team members, testers etc; - design ways of working; - organization and providing hypercare support; - New developments review (checking security requirements); - Organize access to new/updated t-codes and developments for users and support teams in SAP systems; - Supporting testing phases (access organization, defects solution etc); - Role design implementation; - GRC reports preparation; - Investigation for SoDs (jobs, end-users); - Supporting FFs access for project team; - Go-lives rollout preparation and hypercare support for new plants/areas (incidents solurion, change implementations etc.); - Preparation and providing trainings for Key users, role owners, project teams; - Implementation of new control points for SoD; - Supporting role approval process (role owners support, new roles activation in GRC); - JOB design support (creation, update, implementation); - Providing SAP/GRC reports for project teams on weekly basis; - Preparing status reports for project lead, project meetings, functional team leads, lead daily status calls, plans preparation.

- SAP user administration (creation, deletion, change, deactivation, activation); - SAP role change management (creation, deletion, change, transport creation etc.) Control and coordination of the process; - Checking new transactions for authorization check and add working on additional it to roles; - 2nd level SAP Security support (resolving authorization issues, granting sensitive access etc.); - Allocation of tasks to team(Group coordination); - Assist the security project team; - Organization testing of role changes; - Role matrix creation (with approvers) for GRC; - SoD checking process via GRC; - Reports creation for audit (via SAP, GRC, documentation, quarterly ITGC execution); - Documentation creation, quarterly review (instructions, processes etc.); - Quarter security controls completion and creation remediation plans for failed controls; - CAS implementation from security side in PO1C project: documentation creation, planning activities for CAS implementation, organization of support project/sustain, ITGC controls execution process preparation; -Implementation of automatic process for CAS access in IDM (with WF, approvals, automatization of user creation, CAS ITGC controls implementation, crossaplication SoD implementation automaticaly); - etc.

Come to company on position of System Administrator (01.12.2007), change position to SAP analist from 31.03.2009 The main activity - SAP Security, SAP technical support and coordination of SAP process between factories, warehouses, regional offices and Globe Center (Frankfurt) Activities: Users' accounts creation directly in SAP and using PRAM, updating users profiles in HR SAP modules, CUA modules, modifying users accounts, deletion users accounts, checking and fixing issues with authorizations. Preparing changes in SAP roles and variants, creation of variants according business requests, checking and testing roles after apply changes to system. Checking and correction issues with authorization in SAP. Analysis market role assignment, analysis assignments for SoD and correction them, providing policies according audit requirements, development and implementation of new polocies in conjunction with internal audit and Globe Centre, making Compliance reports, SAP reports (unloading for Business). Taking part in Integration of HP Service Manager in Russian Market, implementation of SAP to factories, warehouses of Russia and Kazakhstan.