SUMMARY

• 8+ Years of extensive experience as an SAP ERP consultant.
• Certified in SAP GRC 10.0
• Familiar with - Project Preparation, Business Blueprint, Realization, Final Preparation, Go-Live and then into ongoing Production Support
• Certified in SAP GRC 10.0
• Experience in Creation of Master role, Composite roles, Derive roles, Enabler roles for various Streams\Modules such as PTP, OTC, FIN, HR, Solution Manager, Portal, Charm.
• Experience in maintaining security on SAP R/3 releases ECC 5.0, and ECC6.0
• Experience in providing 24/7 production support
• Experience with SAP GRC 10.0 Access Control tools ARA (Access Risk Analysis), EAM (Emergency Access Management) and GRC 5.3 RAR (Risk Analysis & Remediation).
• Experienced in user administration and role assignment in CUA (Central User Administration), using SU01.
• Experience in Implementation, Upgrade, Production Support, Transformation and Security Role Re-Design in SAP Security Administration
• Worked on 2 Technical Upgrade projects out of which both projects handled alone. R/3 release 4.6C • ECC 6.0, ECC 5.0 • ECC 6.0.
• Designed various types of roles (Master Role, Derived Role, Composite Role and Single Role designing) using Profile Generator (PFCG); while ensuring SAP best practices are followed.
• Worked with the functional and development teams for role development and strategy.
• Good exposure on security tables such as TACT, TACTZ, AGR* and USR*.
• Good Understanding of Tables, TDDAT.
• Extensive skills in SAP ECC Security troubleshooting (SU53, SUIM and ST01/STAUTHTRACE).
• Thorough experience in the maintenance of authorization objects with t-code SU24.
• User Lock and Password maintenance create and assign new user groups using SU01 .
• Experience maintaining illegal password using table USR40.
• Hands on Experience with LSMW and SAP MACRO script for mass activities such as Role assignment, user creation, and Password reset.
• Experience in using SQVI transition, which allow you to combine SAP Tables.
• Used Service now (Mytech) for Incident management, Creating changes, defect tracking and resolution.
• Well versed in testing and deployment to production and Post Go-Live Support.
• Good working relationship with functional and technical teams.
• Excellent problem solving and analytical skills.
• Very good exposure to give the Custom T-code access to users

PROFESSIONAL EXPERIENCE:

Confidential, Los Angeles, CA

SAP

Responsibilities:

• Assigned Fire Fighter controller to Fire fighter ID
• Analyze root cause of authorization problems and fix the missing authorizations, user support, resolve end user problems on day - to-day basis.
• Created Enabler-roles or value based roles using SAP organizational unit like Confidential code, plant, profit centers etc based on the business blueprint security requirements.
• Worked on User Administration activities such as creation of User ID (SU01), Mass User Creation ( SU10) , and creation of support User IDs with excess authorizations & assign to
• Technical Support Users as per approvals.
• Working on helpdesk tickets (BMC Remedy User) for authorization issues and user ID creation requests.
• Extensively worked on missing Authorizations issues using SU53 report from the user. Monitoring and Providing Table security with Critical authorization objects S
• Worked closely with the Technical Lead to create and maintain security roles, discuss status Reports, policies related to the SAP R/3 system, project timeliness and deliverables.
• Resolved the issues by giving required authorizations in different modules by monitoring all the issues.
• Troubleshooting user roles, tracing the users security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error.
• Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas.
• Created segregation of duties and single critical transaction policies for IT security
• Identify Segregation of Duty conflicts and propose recommendations that lead to implementation of mitigating controls and elimination of risks
• Identify Segregation of Duty conflicts and propose recommendations that lead to implementation of mitigating controls and elimination of risks
• Provide super user emergency access (Firefighter access) in production system to IT consultants

Confidential, Pleasanton, CA.

SAP Security Lead

Responsibilities:

• Participated in weekly steering committee meeting explaining about security change order logged for the week
• Provide daily SAP Security Support as required by business and for end users and project team members
• Involved in designing security policies and production support of SAP R/3
• Leading production support on day-day basis in ITSM and HPQC ticketing system.
• Created UAT and helped users in testing all new and modified roles.
• Upgraded SAP Application from 4.7 EE to ECC 6.0 by Comparing USOBX C and USOBT C Tables and also updated application by using SU25 T-Code
• Created over 600 job roles through PFCG in SD, FI, MM, WM, PP
• Extraction and loading of data from Sales Stats (0UC SALES STATS 02) and Mass Activity.
• Worked closely with functional team leads to develop templates for R2TM (Role to Transaction Mapping) as well Master/ Single/ Derived/ Composite role design for FI/CO, SD, WM, MM, HR, PS modules, during initial project prep/blueprint/unit testing phases, and go live of ECC end user security roles.
• Work with Functional specialists to help them understand what SAP authorization objects are causing conflicts and what all options exist for mitigating the conflicts.
• Prepared BRD documents and followed SDLC methodologies.
• Worked on critical authorization objects like S TABU DIS, S DEVELOP, S RZL ADM, S ADMI FCD and S TRANSPORT.
• Performed reconciliation of user master record and roles using PFUD and SUPC.
• Changing the Org values based on requirements of business and role owners.
• Analyze Root Cause of Authorization Problems and fix the missing authorizations, and resolve end user problems on day-to-day basis using SU53 and ST01
• Used SAP tables to collect information needed for authorization ticket analysis and for security designing (,E70, E71,USR*, AGR* tables)
• Creating and approving Change Requests in CHARM/Solution Manger
• Conducted mass transport/ release of roles as well as transporting from client to another client within the same system using transaction code PFCG, SE10, and SCC1.
• Transported change requests across Dev, QA and Production systems
• Creation of Users, resetting passwords, locking/unlocking users, Assigning/removing roles from users, copying users and deleting of users & registering Users with SAP.
• Performed mass activities using SAP Macro / LSMW - (user creation, password reset, role assignment, etc)
• Ran the risk analysis on Role Level & User level.
• Created & assigned the FF roles for UAT cutover task with the approval of their team leads.
• Analyze & check for any Segregation of duties (SODs)
• Created rules books and General rules which comprised of security and segregation of duties violations.
• Generated compliance reports to identify SOD violations and critical authorizations and created controls to mitigate or resolved risks.
• Worked with business analysts and clean up the security roles to eliminate segregation of duties (SoD) conflicts using GRC Risk Analysis and Remediation tool

Confidential, San Francisco, Ca.

SAP Security Consultant

Responsibilities:

• Participated in on-call support on a weekly rotation within the team
• Provided excellent communication and customer service to the business and end users
• Found new authorization objects which comes while upgrading and updated roles as per required by Business.
• Updated custom Roles which impacted by upgrade
• Impact analysis done before update and perform post upgrade steps.
• Performed user provisioning, role maintenance, role administration, and security reports/analysis
• Worked closely with role owners and role approvers to analyze and determine the most appropriate and efficient way to deliver authorizations to end-users.
• Used SUIM reports and SE16 security tables daily for role/user information/analysis
• Very good exposure on Authorizations and Authorization concept.
• Upload and download roles and copy role
• Generating the mass profiles for roles using SUPC.
• Created roles through PFCG in PP, MM, WM, PP and transporting them to QA for testing and then to production.
• Performed Mass comparison of roles via PFUD
• Trouble shooting - Identifying the missing authorizations using SU53, ST01 trace and maintaining them in suitable role.
• Analyzed and troubleshoot security issues using SU53, ST01 and SUIM
• Secured table access by using the authorization object S TABU NAM.
• Combined two and more tables using SQVI
• Worked with security related tables such as AGR TCODES, AGR USERS and AGR DEFINE etc.
• Transported roles using PFCG, Release through SE10.
• Transported roles using PFCG QA for testing and then to production.
• Performed user master maintenance such as creating users, assigning roles, deleting users, copying users, resetting passwords, lock/unlock user id’s using t-code SU01 .
• Used SU01 to create all types of users for various purposes.
• Creating the user groups and maintain user as per the module.
• Used SU10 to implement mass user changes.
• Maintain OSS user Id, providing developer Keys, object access keys, and maintain service connections in SAP service market place.
• GRC 10.0
• Performed Role simulations within GRC access management for any role changes to analyze risks/impact involved, and any SOD violations created; communicating all risks to role owners.
• Report if any risks will be introduced by simulating the addition of transactions, Roles by using GRC 10.0 (Risk analysis and Remediation)