SUMMARY:

• Over Ten 12 Years of IT experience including 10 Years of SAP R/3 application Security and SAPGRC experience in SAP R/3, ECC 6.0, SAPNetWeaver 04, 04s SAP BW/BI, BI 7.3, CRM, HCM, HCM Processes and Forms SRM,SCM,APO
• SEM, ESS, FI-CO, R2R, P2P, HR, EP, SAP CUA. And upto SAP GRC AC 5.2, 5.3 and 10.0
• Design, Develop and Implementation and working knowledge of GRC Access controls 5.X CC, AE, RE and FF and 10.0 ARA, ARM, EAM BRM
• Upgrade and Implementation of SAP GRC Access Control 5.3 CUP, RAR, SPM and ERM and 10.0 ARA, ARM, EAM BRM
• Having excellent hands on experience two full GRC Access Controls implementation, upgrade, and Integration experience.
• Working and Design knowledge of SAP Versions 4.5B, 4.6C, 4.7, 5.0, 6.0 Security Upgrade experience from 4.7 to ECC 5.0, ECC 6.0, HCM including Processes and Forms module. Also, Support Pack upgrade experience
• Business and/or configuration experience in SAP R/3 modules FI-CO, SD, MM, PP, PM, R2R, P2P, HR Processes and Forms ECC 5.0 and SAP BW, BI, BI 7.3
• Experience in Design, Developing, Testing and Implementing SAP Security Roles, Profiles and Authorizations for various landscapes using profile generator including position based Security.
• Prepare, Design, Develop, Implementation of New Analysis Authorization Concept for BI Component.
• Design, Develop, Testing and Implementation of Enterprise Portal User IDs.
• Design, Develop, Testing and Implementation of Enterprise Portal Roles, iViews.
• Creation and Modification of User Accounts using SU01 Transaction.
• Strong in SAP application Security development by taking business requirements and building Security using the SAPAuthorization Concept using Profile Generator tool PFCG . Expertise in analyzing and translating business requirements into technical specifications in collaboration with application developers
• Experience in user administration 7x24 on call production support, quick turn around for end user requests, and Helpdesk support for user administration.
• Working knowledge of Segregation of Duties SODs analysis and auditing requirements
• Strong in developing Security authorization roles and positions as defined by application managers for the end users using SAPProfile Generator tool
• Business Warehouse 3.0 experience implementing HR data security with Structural authorizations and position based security and defining BW custom reporting authorization objects
• Knowledge in creation of Multiple R/3 User IDs using ECATT Scripts during Go-Live period.
• Strong in enforcing consistent Security policies and procedures as laid out by the client requirements.
• Full trouble shooting support for the users authorization failures in all SAP applications and resolving the Security issues and support in integration testing of Roles/Profiles
• Setup instance initialization profiles and client copies. Scheduled background jobs for processing. Setting up Correction and Transport System CTS , Setting up OSS connection and Spool administration
• Good initiative and communication skills, able to carry out the duties with out much supervision.

PROFESSIONAL EXPERIENCE:

Confidential

Sr. SAP Security and GRC Access Controls SME

• SAP Security Role Redesign, GRC Access Controls 10.0 Project, Audit Support for SOX Compliance: Involved and played as a SME role in KRATON SAP Role Redesign, SAP Access Controls 10.0, SOX Audit support projects for Security and GRC and introduced the Enabler Roles concept to reduce the no of security roles as this is for global locations through world. SAP Security Role Redesign implemented and went live for North America, Europe 6 Countries , Brazil and Asia Pacific China and Japan . Successfully went live with smooth security operations for all global locations and now the project is in continuous post go-live support.
• Environment: SAP NetWeaver 2004s, SAP ECC 6.0with Modules, FICO, OTC, P2P, R2R etc., HCM and HCM Processes and Forms , BI 7.1, 7.3 XI, Solution Manager, APO, SAP GRC AC 5.3 CUP, RAR, SPM and ERM , SAP Access Controls 10.0 ARA, ARM, EAM BRM , Microsoft Outlook,Worksoft Tool, Footprints, Microsoft Active Directory LDAP .

SAP GRC Access Controls 10.0 ARA, ARM, EAM and BRM :

• Responsible for review, validate the SAP system land scape for Access Controls capabilities i.e. ARA, ARM, EAM AND BRM.
• Responsible for gathering the requirements for complete GRC Access Controls capabilities.
• Responsible for validation of requirements to convert technical into Access Controls capabilities
• Responsible for review, design, develop, test and implementation of Access Controls capabilities.
• Responsible for support pack upgrades from lower to higher for open technical issues if require
• Responsible for GRC Access Controls 10.0 configuration and DEMO for BPOs, Key Stake Holders, super users etc.,.
• Responsible for Preparation of user requirements, technical, configuration, training documents
• Responsible for complete support on Access Controls Upgrade and implementation.

Access Controls Major Technical Tasks required for AC 10.0 implementation:

• Validation GRC AC 10.0 installation.
• Validation of GRC AC 10.0 plug-Ins installation
• Perform post installation tasks such as Client copy validation, Activate the GRC AC applications in clients, Checking and activating ICF services, Maintain system data, maintain plug-in settings.
• Activation of Access Controls BC Sets
• Creating system connectors for SAP and Non-SAP systems based on requirements
• Create and set up the initial users
• Design, develop, test the GRC Access Controls security roles using Role Maintenance tool.
• Review and configure the Access Controls standard settings using SPRO tool.
• Adding Connectors to SUPMG scenario
• Create Users and Assign roles for Emergency access
• Create and maintain the AC Owners
• Map the FFIDs to Owners and Controllers
• Assigning the Firefighters to FFIDs.
• Test, Run and validate the EAM log reports
• Verify ARA default configuration settings
• Adding Connectors to AUTH scenario
• Set up the SAP delivered rule and generate the rule set.
• Schedule and run all the required ARA back ground jobs and validate the data.
• Create and set up the Mitigation controls as per requirements.
• Review, Validate, Test and transport the generated rule set to QA and PRD.
• Adding Connectors to PROV scenario
• Verify and set up the default configuration settings for ARM.
• Configuration of all provisioning settings for Access requests
• Maintain MSMP Workflow. Process global settings, rules, Agents, Variables, Templates, Paths and generate versions etc.,
• Configuration of Provisioning settings
• Review, validate and testing of Access requests for New Account, Change accounts, delete, lock, unlock, emergency access, etc., based on requirements
• Assigning Connectors to ROLMG, AUTH PROV scenario
• Assigning connectors to connector groups
• Mapping the actions and default settings
• Configure the default configuration settings
• Maintain the role owners and assigning the roles
• Complete all requirement configuration and technical tasks of Access Controls 10.0 as per the requirements

SAP Security Role Redesign:

• Responsible for defining SAP Security Enterprise role redesign Design across all below mentioned systems
• Worked with Business Process Owners, Super Users, End Users In Resolving And Improving Security Aspects at KRATON.
• Maintained SLA's for all kind of tickets Problem/Incident/Request .
• Used Profile Generator to create, modify and customize User Authorizations, and Authorization Profiles in SAP Systems.
• Effectively analyzed systems trace ST01 and User Information System SU53 and tracked missing authorizations for user access problems and inserted missing authorizations.
• Specified the Auth Objects that are to be Maintained and modified for Various Custom Transactions using SU24 and SE93 in HR, BW and ECC Environments.
• Design, develop and implementation of HR General and Structural Authorizations.
• Design, develop and implementation of HCM P F Processes and Forms AS ABAP Security.
• Scheduled and Monitored Back Ground jobs Using SM37 Transaction.
• Worked with security related tables such as AGR TCODES, AGR USERS, AGR AGRS, USR02,AGR 1251 etc
• Defined Security Project Plan using MS Project by ASAP phases
• Defined security team daily activities/tasks
• Trained client resources on Security best practices
• Lead security requirements meeting with functional and technical teams
• Lead and defined all Security testing phases Unit, Integration, and User Acceptance across all applicable systems
• Defined Cut-Over/Go-Live and Post Go-Live tasks and processes
• Used RSECADMIN in BI for Creating, Maintaining and assigning of Analysis authorizations.
• Worked with Reporting Users, Power Users and Administration Users in Identifying And Resolving Authorization Issues in BI System.
• Created Queries and restricting access through Variable filled Authorizations in BI.
• Worked on SAP BI 7.0 Portal and Enterprise Portal user management.
• Created SECATT Scripts for mass upload of Users and Roles.
• Implemented and worked with SSO Single Sign-On on all the systems in landscape.
• Provided complete documentation for all areas of Security role design, GRC, IDM configuration etc
• Created Structural authorization profiles for client organizational structures and assigned to users.
• Created SECATT Scripts for mass upload of Users and Roles.
• Implemented and worked with SSO Single Sign-On on all the systems in landscape.
• Developed Single, Master Derived Roles and tested them in Various Clients and systems in the Landscape.

Confidential

Sr. SAP Security and GRC Lead

• BWI DAY2 Project: Involved and played as a lead role in BWI DAY2 Global SAP implementation project for Security and GRC and introduced the Enabler Roles concept to reduce the no of security roles as this is for global locations through world. Implemented and went live for Mexico, North America, Luton-UK, Krosno-Poland, Krakow-Poland, Shanghai-Chaina, Fhangsan-China, India. Successfully went live with smooth security operations for all global locations and now the project is in continuous post go-live support.
• Environment: SAP NetWeaver 2004s, SAP ECC 6.0 HR, BI 7.1, XI, Solution Manager, SAP EP, SRM - EBP, APO, SAP GRC AC 5.3 CUP, RAR, SPM and ERM , IBM Lotus Notes, Quality Center, Sun One LDAP .

Responsibilities:

• Responsible for defining SAP Security Enterprise Design across all below mentioned systems
• Worked with Business Process Owners, Super Users, End Users In Resolving And Improving Security Aspects at BWI Group.
• Maintained SLA's for all kind of tickets Problem/Incident/Request .
• Used Profile Generator to create, modify and customize User Authorizations, and Authorization Profiles in ECC.
• Effectively analyzed systems trace ST01 and User Information System SU53 and tracked missing authorizations for user access problems and inserted missing authorizations.
• Specified the Auth Objects that are to be Maintained and modified for Various Custom Transactions using SU24 and SE93 in HR, BW and R/3 Environments.
• Scheduled and Monitored Back Ground jobs Using SM37 Transaction.
• Worked with security related tables such as AGR TCODES, AGR USERS, AGR AGRS, USR02,AGR 1251 etc
• Defined Security Project Plan using MS Project by ASAP phases
• Defined security team daily activities/tasks
• Trained client resources on Security best practices
• Lead security requirements meeting with functional and technical teams
• Lead and defined all Security testing phases Unit, Integration, and User Acceptance across all applicable systems
• Defined Cut-Over/Go-Live and Post Go-Live tasks and processes
• Used RSECADMIN in BI for Creating, Maintaining and assigning of Analysis authorizations.
• Worked with Reporting Users, Power Users and Administration Users in Identifying And Resolving Authorization Issues in BI System.
• Created Queries and restricting access through Variable filled Authorizations in BI.
• Worked on SAP BI 7.0 Portal and Enterprise Portal user management.
• Created SECATT Scripts for mass upload of Users and Roles.
• Implemented and worked with SSO Single Sign-On on all the systems in landscape.
• Provided complete documentation for all areas of Security role design, GRC, IDM configuration etc
• Created Structural authorization profiles for client organizational structures and assigned to users.
• Created SECATT Scripts for mass upload of Users and Roles.
• Implemented and worked with SSO Single Sign-On on all the systems in landscape.
• Developed Single, Master Derived Roles and tested them in Various Clients and systems in the Landscape.

Confidential

Sr. SAP GRC AC Lead.

Environment: SAP NetWeaver 2004s, SAP GRC AC 5.3 SP10 CUP, RAR, SPM and ERM , SAP ECC 6.0, BI 7.1, XI, Solution Manager, SAP EP, SRM - EBP, APO, Google mail, Quality Center, Sun One LDAP .

Project Name : SAP GRC PHOENIX Project

• Project Goal : This goal of this project is to implement the SAP GRC Access Control suite
• v5.3 SP10 software solution from SAP GRC. This suite includes the following latest packaged applications from SAP GRC: Compliant User Provisioning aka Access Enforcer , Risk Analysis and Remediation aka Compliance Calibrator , and Superuser Privilege Management aka Firefighter .
• Completion of this goal will effectively replace:
• The current Virsa Compliance Calibrator XT CCXT solution currently being used to provide SoD analysis / reporting and to provision / manage SAP user accounts
• The current eSAARF for SAP solution currently being used to approve and store GMP-related user access requests
• Project Scope :The following are the major activities involved in this project as a scope.
• Design, develop and implementation of workflows for auto provisioning for SAP Backend Systems.
• Design, develop and implementation of workflows for auto provisioning for SAP EP system.
• Design, develop and implementation of workflows for auto provisioning for LDAP system Sun One .
• Design, develop and implementation of workflows for auto assignment of Firefighter IDs.
• Design, develop and implementation of workflows for automation of SOD Remediation.
• Design, develop and implementation of workflows for automation of Mitigations.
• Design, develop and implementation of workflows for automation of Risks Maintenance.
• Design, develop and implementation of workflows for Role Reaffirmation UAR .
• Design, develop and implementation of workflows for SOD Reaffirmation SOD Review
• Design, develop and implementation of workflows for auto de-provisioning for SAP, EP, LDAP, FF.
• Prepare the training materials for End Users and Approvers Manager, Role Owner, AMT, SEC etc.,
• Train the End Users and Approvers Manager, Role Owner, AMT, SEC and Basis Admins.
• Prepare, update and get the approval of all the documents i.e. URS, TS, Configuration document etc
• The following are the detailed high level technical tasks implemented:

Compliant User Provisioning:

• Perform and Completion of Post Installation Tasks on CUP.
• Configuration of Compliant User Provisioning as per the GENE's requirements.
• Design, develop and Create/Maintenance of Initiators 9 Initiators .
• Mapping Role and Action of Role attributes for Initiators.
• Design, develop and Create/Maintenance of Stages 10 Stages .
• Design, develop and Create/Maintenance of WF Paths 9 WF Paths ..
• Design, develop and create/maintenance of all non-workflow configurations.
• Scheduling Background Jobs for Email Dispatcher, Email Reminder, Escalation, Stale Requests and Role Reaffirmation.
• Integration of CUP to RAR.
• Risk Analysis and Remediation:
• Perform and Completion of Post Installation tasks on RAR.
• Design, develop and implementation of RAR configuration.
• Design, develop and Activation of Rule Set.
• Scheduling Background Jobs for Synchronization and Risk Analysis.
• Real Time Risk assessment.
• Simulation and Remediation.
• Create/Maintenance and documentation of Mitigation Controls.
• Maintenance or summary of all Risk Analysis and Remediation reports.
• Integration of RAR with CUP
• Super User Privilege Management:
• Perform and Completion of Post Installation tasks on SPM.
• Design, develop and create/maintenance of SPM Configuration for all satellite backend systems and Front End.
• Scheduling Background Job for Logs.
• Design, develop and implementation of Reason Codes.
• Providing/working on Log reports to support Auditing regarding Superuser Access.
• Integration of SPM with CUP

Confidential

Sr. SAP Security and GRC AC Administrator

Environment: SAP NetWeaver 2004s, SAP GRC AC 5.3 SP7 CUP, RAR, SPM and ERM , SAP ECC 6.0, GTS, CRM, BI, XI, SCM, EP, SRM, SCM, IBM Lotus Notes, ARS Remedy.

Responsibilities:

• Projects involved:Business Transformation BT Project involved the SAP Security,SAP GRC 5.2 Implementation, SAP GRC 5.3 Upgrade and SAP GRC 5.3 Consolidation and Integration,
• Design, Develop, Testing and Implementation of SAP GRC Access Controls capabilities of version 5.2
• Upgrade the SAP GRC Access Controls capabilities from Version 5.2 to 5.3
• Involved for Post Go live support for SAP GRC Access Controls for versions 5.2 and 5.3
• Design, develop and implemented the redesign user provisioning process and modeled to meet the more critical Global Composite roles real time risk analysis
• Prepared the Training Materials for End Users, Approvers Role Owners, User Managers and SoD Administration for the project GRC 5.2 Implementation and trained the users.
• Updated the Training Materials for End Users, Approvers Role Owners, User Managers, SoD Administrator, Security Administrator and FFID Owners and trained the users for the Project of SAP GRC 5.3 upgrade.

The following are the detailed high level technical tasks implemented as part of GRC:

Compliant User Provisioning:

• Completion of Post Installation Tasks.
• Configuration of Compliant User Provisioning as per the AMAT's requirements.
• Create/Maintenance of Initiators.
• Mapping Functional Areas to Initiators.
• Create/Maintenance of Automate Provisioning workflow stages.
• Create/Maintenance of Automate Provisioning workflow Paths.
• Steamline Approvals through CUP Automate Provisioning
• Identifying real time SODs through Automate provisioning.
• Complete configuration of Compliant User Provisioning.
• Scheduling Background Jobs for Email Dispatcher, Email Reminder, Escalation and etc.,
• Integration of CUP to RAR, ERM and SPM
• Risk Analysis and Remediation:
• Post Installation tasks on Risk Analysis and Remediation.
• Complete configuration of Risk Analysis and Remediation.
• Scheduling Background Jobs for Synchronization and Risk Analysis.
• Identification of critical access and SODs.
• Real Time Risk assessment.
• Simulation and Remediation.
• Create/Maintenance and documentation of Mitigation Controls.
• Maintenance or summary of all Risk Analysis and Remediation reports.
• Integration of RAR with EAR and CUP
• Super User Privilege Management:
• Post Installation tasks on Superuser Privilege Management.
• Complete configuration of Superuser Privilege Management.
• Scheduling Background Job for Logs.
• Provide/Maintenance of Superuser Access through Firefighter.
• Create/Maintenance of Reason Codes.
• Providing/working on Log reports to support Auditing regarding Superuser Access.
• Integration of SPM with CUP
• Enterprise Role Management:
• Post Installation tasks on Enterprise Role Management.
• Complete configuration of Enterprise Role Management.
• Complete Automation of create and maintenance of SAP Roles.
• Create/maintenance of Role creation Methodology.
• Maintenance of Mitigations for Risks before approvals of roles.
• Perform Automate risk analysis for roles at all levels.
• Define, design, create and implementation of SAP Roles through Role Expert Automate process.
• Generation of Reports for Management and Auditors.
• Integration of ERM with RAR and CUP

Confidential

Sr. SAP Security and GRC Admin

Environment: SAP ECC 6.0, SAP BI, SRM, SAPSEM, APO, ESS, SAP HR, EP CUA, HPUX 9000/800, ORACLE 10.2.0, CUA, Profile Generator PFCG , ECATT, HP Quality Center, MS Excel, ARS Remedy

Responsibilities:

• Working in collaboration with application managers to clean up the security Roles to eliminate segregation of duties conflicts
• Involved in complete SAPGRC 5.2 implementation project:
• Involved in working of the following CC 5.2 related activities:
• Post Installation tasks.
• Configuration of Compliance Calibrator.
• Configure/Maintenance of Rule Architecture in CC.
• Create/Maintenance of Mitigation table in CC.
• Configure and Maintenance of Alerts in CC.
• Able to run/maintenance of all types of reports in CC.
• Involved in working of the following FF 5.2 related activities:
• Post Installation Tasks.
• Configuration of Firefighter
• Creation of FF IDs and assigned additional emergency access.
• Create/Maintenance of Owners, Firefighters, Controllers, Security,
• Reason Code etc., tables of FF.
• Involved in working of the following RE 5.2 related activities:
• Post Installation Tasks.
• Configuration of Role Expert.
• Create/Maintenance of Roles using Role Expert.
• Running the Risk Analysis reports of the roles.
• Profiles generation using the role expert.
• Involved in working of the following AE 5.2 related activities:
• Post Installation Tasks.
• Scheduling the Background Jobs.
• Configure of Access Enforcer.
• Create/maintenance of Requests in Access Enforcer.
• Run/maintenance of various Access enforcer reports.
• Worked with Internal and External auditing teams to provide and maintain the security/auditing report for SOX.
• Security Roles analysis and Creation/modify using Profile Generator PFCG
• Design, Develop, Implementation of New Analysis Authorization Concept for BI Tool.
• Design, Develop and implementation of SAP HR Structural authorizations.
• Implemented Enterprise Portal Security for SAPECC Components as well as for BI Tool.
• Enable/Disable of Analysis authorization concept in BI component.
• Create/Modify User IDs in Enterprise Portals and connect to the Backend SAP Systems.
• Design, Develop, Test and Implementation of Transactional iViews.
• Design, Develop, Test and Implementation of Enterprise Portal Roles.
• Assignment of Roles to Users in Enterprise Portal Applications.
• Had huge working and support knowledge for Enterprise Portal security
• Wide experience in New Analysis authorization concept.
• Creating BI Analysis authorization objects using RSECADMIN transaction
• Securing BI queries over Data level Company Code, Purch. Org, Cost Centre, ProfitCenter .
• Create and Maintenance of Authorization variables for Data level security for BI Tool.
• Configuration of Central User administration
• Production support security by handling call tickets and Change Request CR forms in Remedy system
• Assigning security roles to users using Master End User List MEUL
• Assist with user training and user acceptance testing when necessary
• Integration testing support in QA systems
• Security implementation as per the policies and procedures laid out for the customer.
• Understanding segregation of duty concerns with respect to application security implementations.
• Monthly reporting of production user accts that is done on a monthly, quarterly basis and Yearly Basis.

Confidential

SAP Security and GRC Lead

Environment: SAPECC 5.0, SAP HR,SAPSEM, SAP SRM, SAPAPO, SAP BI 7.03, CUA, Windows NT, MSSQL 8.0, SAP Workplace 4.6D, CUA, Profile Generator PFCG , GRC CC, FF, RE, AE Windows2003, CATT, MS Access, MS Excel, ARS Remedy

Responsibilities:

• Working in collaboration with application managers to clean up the security Roles to eliminate segregation of duties conflicts
• Security roles analysis and modification/creation using Profile Generator PFCG
• Configuration/maintenance of Compliance Calibrator 4.0
• Generate/explain/PMO for the SODs reports using CC 4.0
• Assist/Reports weekly/Monthly/Quarterly SODs reports and support for both Internal and External Auditing.
• Management of VIS Reports.
• Creating Administration authorizations for HR Master Data in his or her area of responsibility.
• Setting Up Administrator's authorization to chek his/her own data.
• Info object level BI security implementation
• Creating BI Analysis authorizations using RSECADMIN tool
• Create and Maintain authorization Variables to secure the Org. levels
• Securing BI queries over Info Cubes, ODS objects
• Central User administration from workplace
• Production support security by handling call tickets and Change Request CR forms in Remedy system
• Assigning security roles to users using Master End User List MEUL
• Validating the roles in VRAT tool for segregation of duties conflicts
• Install and Configuration of VIRSA CC 4.0
• Auditing SAP systems for proper internal controls
• Integration testing support in QA systems
• Security implementation as per the policies and procedures laid out for the customer

Confidential

SAP Security and GRC Admin.

Environment:SAP R3 4.7, SAP BW 3.5, SAP VIRSA Components, CUA, SunOS, Oracle 9.2, Profile Generator PFCG , Windows2K, CATT, MS Access, MS Excel.

Responsibilities:

• Working closely with the SAP Business Design specialists vis IT Process Owners, Role and Job Owners to help them understand what SAP authorization objects are causing the conflicts and what options exist for mitigating the conflict and implementing the suitable remediation process transparent to the users.
• Major involvement in SOX to support Internal auditors as well as External Auditors.
• Implementing the SIR requests by opening the Data Center Requests Service Requests documenting how the remediation process is being implemented by addressing Role/Job modifications vis. Roles being removed/added in Jobs Jobs remediation , Role modifications transaction codes removed/added, authorizations changes, addition of manual authorization objects new roles being created including the removed transaction codes from the modified roles and user reassignment due to these role/ job modifications.
• Building new Roles using customized CATT scripts for its various versions of Roles/Jobs in SAPR/3, SAP BW
• Distributed and managed user administration using SAP CUA.
• Developed SAPSecurity Roles, Profiles, Authorization objects using profile generator, user administration production support
• Developing Security Roles in SAPR/3, BW systems for Finance application restricting them to company codes and product Hierarchies Using Profile Generator PFCG .
• Involved in working of the following CC ABAP tool related activities:
• Configuration of Compliance Calibrator.
• Configure/Maintenance of Rule Architecture in CC.
• Create/Maintenance of Mitigation table in CC.
• Configure and Maintenance of Alerts in CC.
• Able to run/maintenance of all types of reports in CC.
• Involved in working of the following FF ABAP tool related activities:
• Configuration of Firefighter
• Creation of FF IDs and assigned additional emergency access.
• Create/Maintenance of Owners, Firefighters, Controllers, Security,
• Reason Code etc., tables of FF.
• Involved in working of the following RE ABAP tool related activities:
• Configuration of Role Expert.
• Define/Create/Maintenance of Roles using Role Expert.
• Running the Risk Analysis reports of the roles.
• Profiles generation using the role expert.
• Involved in working of the following AE .NET related activities:
• Configure of Access Enforcer.
• Create/maintenance of Requests in Access Enforcer.
• Run/maintenance of various Access enforcer reports.
• Involved in SOX related activities to support internal and external auditing.
• Single roles, profiles and authorization objects using profile generator are created for requirements related to Company code, Reporting, KPI measurement types multi cubes selecting workflow tasks
• Hierarchy roles were created for requirements related to market id, organization units and profit centers
• Creation of composite activity groups for Job roles
• Analyze the functional roles and job roles built in SAPR/3 and BW systems for Management Accounting and Closing and Consolidation and Data Management components in Finance and Controlling application.
• Coordinating with application managers for Security design changes
• Transporting the Security job and functional roles to test systems and assigning to test users and resolving the authorization issues
• Creating/deleting/locking/unlocking users as per the policies and procedures lay out by the IT internal controls approval procedures. Assigning Roles/Positions to the users or PD objects and attending and resolving their authorizations issues.

Confidential

SAP Security administrator

Environment:SAP 4.6C, BW 3.0, HPUX 11A, Profile Generator PFCG , Windows 2K, Oracle 8.0.6.

Responsibilities:

• Assisting the functional/application managers in finding out the transaction codes to be included in activity groups for the intended job roles
• Worked with Internal and External auditing team to support for SOX.
• Building the activity groups AGs using these transaction codes and implementing these activity groups for the client organizational levels creating derived activity groups and authorization profiles for the various plants located at different geographical locations in Development system using Profile Generator PFCG
• Transporting these activity groups and derived activity groups to Quality Assurance System QAS and initiating the testing process of these AGs by assigning the intended Roles to test users and monitoring and trouble shooting the authorization failures during testing
• After ensuring the intended functionality of these AGs, transporting these objects to Production system PRD and assigning to users during implementation
• Constructed 16 AGs in Production Planning PP , 41 in Sales distribution SD , 15 in Plant Maintenance PM and associated derived activity groups 39 in PP, 115 in SD, 30 in PM to implement the new Security for 150 Users.

Confidential

SAP R/3 Security Administrator

Environment:SAP 4.5, SAP HR, BW 2.0B, SQL Server, Windows 2K

Responsibilities:

• Interact with SAP Basis Administrators, Business Analysts regarding authorizations and job roles
• Interacts with Internal audit to resolve Security issues
• Creation of user master records, authorization profiles, authorizations, and activity groups, assigning R/3 users to these activity groups, Profile Generator: Selecting Views/Types in activity group maintenance, Creating and changing the Hierarchy, Inserting transactions, internet and document links, reports, copying and deriving activity groups, selecting workflow tasks, maintaining and generating the authorization profiles, regenerating authorization profiles after making changes, merging authorizations, assigning IMG projects or project views to activity groups, Transporting activity groups, check indicators and field values, authorization templates, user master records between clients and between R/3 systems
• Transferring users from an IMG Project to an activity group, updating profiles in the user master records, profile comparisons using mass compare PFUD , report PFCG TIME DEPENDENCY to schedule time dependency, creating organizational plan
• Setting up the ALE Environment for Central User Administration: setting up an ALE user, naming logical systems, assigning logical systems to clients, defining target system for RFC calls, generating partner profiles in the central and client systems, distributing and assigning the Central User Administration distribution model, Migrating existing users to the central system, defining field attributes for user maintenance, Modelling with the global user manager, distributing data in the global user manager
• Working on SAPSecurity and audit logging tools SM20, SM19, SECR , setting Security audit log parameters, defining filter groups, complete and user defined auditing, logging changes to user master records, profiles, and authorizations
• Troubleshooting: Tracing authorizations with transaction SU53, system trace ST01, Enabling/Disabling system wide checks, Enabling auth/tcodes not checked, auth/rfc authority check, Deactivating authorization checks using SU24, maintaining check indicators for transaction codes, authorizations in the activity groups
• Checking system profile parameters: Incorrect logons, default start menu, setting password length and expiration, specifying impermissible passwords, securing SAP against misuse, tracing authorizations, profile generator and transaction SU24, user buffer, RFC authority check etc.

Confidential

System administrator

Environment:Solaris 7, Windows NT, Oracle 7.3.4.

Responsibilities:

• Installing Operating system and applying patches
• Maintenance of all diskless clients, servers and workstations
• Monitoring file systems
• Backup and restore of files and file systems
• Managing printers and backup scheduling
• Managing user accounts and administering file systems