- 11+ Years of extensive experience as an ERP consultant
- Exceptional communication & interpersonal skills
- Experience with R/3 releases versions:
- ECC5.0 & ECC6.0 various modules like MM, PP, SD, FI, CO, familiarity of BI, BOBJ, BPC and CRM
- Skilled in using CUA, HANA Studio (User Mgmt.), Oracle IDM (User provisioning)
- Expert user administration through the use of SU01, SU10
- Expert in role development using profile generator (PFCG)
- Extensive experience with best practices using SU24
- Experienced and strong with Security audits, SOX Section 404 compliance
- Assisted in running reports in of SAP GRC Component Compliance Calibrator
- Worked closely with functional consultants for evaluation of requirements and defining, developing and testing the roles.
- mySAP ERP ECC 6.0
- ECC 5.0
- SAP R/3 4.7, 4.6C, 4.6A/B, 4.0B
- SAP Netweaver 2004s
- SAP Enterprise Portal 7.0, 6.0, 5.0
- BI 7.0
- HANA Studio
- Solution Manager
- Virsa Compliance Calibrator
- Approva BizRights. GRC 10.1.
SAP Security/ GRC Analyst
- Designing, building, and supporting SAP roles and user administration
- Collaborate with business process owners and other project teams to configure and manage SAP profiles and roles to meet the business needs
- Align SAP security profile authorizations with Sarbanes/Oxley controls to ensure compliance with Segregation of Duties (SOD) while providing the minimum access required meeting business needs
- Manage user administration utilizing SU01 and SU10 (mass changes) in creating, copying, deleting, locking, unlocking users and provisioning roles.
- Utilize SE16 and SUIM to retrieve various data.
- Utilize SU24 to enable / disable security checks.
- Generate transports for security to move profiles and roles to the proper clients
- User creation and assignment of roles
- Analyzing SU53/ST01 reports
SAP Security/GRC Analyst
Confidential, Phoenix, AZ
- Managing business profiles through GRC by running simulations and analyzing open risks.
- Granting FireFighter access by ensuring ‘owner/control’ are assigned to a FF ID.
- Ensured all SOD violations are resolved through either: mitigation, remediation or identifying a false positive.
- Extensively using RAR tool to ensure end - users’ access not violating SODs.
- Troubleshooting Role-based authorizations by using SU53/ST01 in a timely manner.
- Creating and managing profiles in PFCG and supporting UAT testing.
- Extensively using SCC1 to ‘copy client’ profiles to support test modifications.
- Used STMS to transport profiles from DEV to QUA system for testing purposes.
- Assisting with password resets and account lock/unlock.
- Providing SAP developer/object keys access through SAP Marketplace.
- Granting analytic privileges to end-users in SAP HANA studio.
- Utilizing RS2HANA GEN to expose objects in Native HANA.
- Used stored procedure for the assignment of repository privileges in HANA studio.
- Used SM59 and SPRO to create RFC plug-ins with GRC backend system.
SAP Security Analyst/ Project lead
Confidential, Moline, IL
- Extensively used ARA to simulate and analyzed open risks.
- Ensured all SOD violations were resolved through either: mitigation, remediation or identifying a false positive.
- Assisted GRC team with the create/adjust rule set to meet the needs of the business.
- Utilized Mitigation tab to update existing mitigating controls and create new mitigating.
- Supported daily-production issues and ensure that the tickets are under SLA
- Managed all authorizations escalations and provided tier 3 support to WIPRO off-shore team
- Extensively used SUIM to process reports for the business
- Utilized SU01 to reset passwords, assign roles, and create/maintain/copy users
- Used PFCG to create single, composite, master and derived roles
- Troubleshot backend role failures using ST01
- Developed FSCM (Financial Supply Chain Management) roles for all the units and assisted in the entire implementation cycle
- Led all Security tasks in the migration project from 4.6C to 6.0.
- Blueprint, architecture, development, integration testing, UAT, and Go-live
- Ran LSMW for the mass profiles and password assignments to the end-users
- Monitored iDocs via SCUL
- Assigned backed profiles for HR users in SAP and grouped the users for ESS and MSS access.
- Created analysis authorizations through the use of RSECADMIN
- Assigned previously created authorizations to roles through S RS AUTH
- Modified roles in BW through PFCG (S RS COMP)
- Traced failing authorizations for BI users through RSECADMIN
- Created mass end-users and added to ‘Groups’ in UME/SAP IDM portal.
- Assigned privileges to the roles and granted the roles to the users
- Restricted the access on the role and object levels.
- Activated/Deactivated users
- Managed the users by locking/unlocking the access, reset passwords
- Direct access to individual users to SAP HANA database.
SAP Security Administrator
Confidential, King of Prussia, PA
- Providing production support on day-day basis in ITSM and HPQC ticketing system.
- Responsible for creating transport through PFCG and SE10.
- Performing SOD checks for all PRD users with Approva BizRights tool.
- Converting characteristics Info. Object to Auth. Relevant in BI 7.0 using RSD1.
- Assigning the Analysis Authorizations access to users using the authorization object S RS AUTH.
- Performing User master maintenance such as creating new users, assigning roles, deleting users, renaming users, resetting password, Lock/unlock User ID using transaction code SU01
SAP Security Analyst
Confidential, Franklin Lakes, NJ
- Running eCATT scripts to assign roles to new /existing users.
- Creating SAP roles in the development, test, and training environments using Profile Generator (PFCG).
- Responsible for creating user IDs based on a standard naming convention, setting up of new users,
- Modified user accounts, resetting passwords, locking and unlocking user IDs.
- Performed SOD checks for all PRD users with Compliance Calibrator 4.0/5.3 toolset (RAR).
- Responsible for War Room support, issue remediation during Cutover simulation with critical resolution times
- Promoted best practice, leveraging domestic implementation, documentation and procedures
- Worked with development and business users to identify authorization requirements. Designed and created authorization roles and created custom authorization objects/groups.
- Use of Active Directory (AD) to add userids-to-groups,
- Coordinated build and cleanup of test userids prior to rollout,
- Pre-implementation Production Support for Early Access userids.
- Supported Go-Live phase from May 5th-May 25th. Systems used are: BI, CRM, ECC, EWM, GTS, PI, SRM, SCM, and Solution Manager.
SAP Security Administrator
- Involved in initial design/development/testing phases, testing, and go live of ECC end user security roles
- Developed templates for requirements gathering and worked with functional teams on master/single role(s) design. Templates: R2TM (Role to transaction mapping) sheet, Authorization Input sheet.
- Conducted workshops to drive Master/Single role/Derived/Composite role(s) design.
- Supported unit testing, integration test cycle and coordinated defect resolution.
- Effectively analyzed trace files and tracked missing authorizations for user’s access problems.
- Used SAP GRC Access Control v5.3 Risk Analysis and Remediation tool to define SOD violations
- Analyzed all customer programs and transaction codes for authority checks.
- Recommended and implemented values for profile parameters for controlling Password rules, logon rules, established monitoring process for inactive user's unsuccessful logons.
- Communicated with Business Process owners to obtain approvals for Security changes.
- Worked on SAP Check indicator Defaults and field values, reduced the scope of authorization checks using transaction SU24 and maintained check indicators for transaction codes.
- Maintained and formulated the procedures for the Role Repository database.
- Followed the established standards and naming conventions as dictated for the Clients security schema.
- Analyzed Root Cause of Authorization Problems and fix the missing authorizations.
- Worked with CUA (SCUL and SCUM), and standards which makes more flexible to work with large number of users to update their roles and profiles across the landscape.
- Developed use cases (for example, descriptions of the user's interaction with the system), customer scenarios, and/or prototypes (for example, demos) and be heavily involved in testing and troubleshooting the application.
SAP Security Analyst
Confidential, Sunnyvale, CA
- Worked with Profile Generator ( PFCG ) in creating roles, profiles, composite roles, and derived roles.
- Responsible for day-to-day transport support for moving Roles from one client to another client within the same system using transaction code PFCG, SE10, and SCC1.
- Developed derived roles for FI by converting certain fields to organizational level fields.
- Used SeCATT script for mass generation of roles and user assignments.
- Assisted users with access problems and questions using SUIM , ST01 , and SU53.
- Performed reconciliation of user master record and roles using PFUD and SUPC.
- Worked with respective functional heads for SOD tools & security changes based on SOX violations at T-code level & object level.
- Created over 700 job roles in SD, FI, MM, WM, PP and transporting them to QA and Production.
- Ran system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management.
- Analyzed users and roles through GRC v5.3 RAR tool by running SOD reports in Transaction and Authorization level.
- Supported BI S RS Auth info. objects in PFCG.
- Secured SAP* user by changing the parameter in RZ11.
SAP Security Administrator
Confidential, Tualatin, OR
- Created users, maintained User Master Data, established security policies and Procedures.
- Managed security operations on SAP clients (SAP R/3, and CRM).
- Ran reports in Virsa Compliance Calibrator from different functional areas to ensure all roles were compliant.
- Supported Internal security audits in the production system every month.
- Created Firefighter User, designed and assigned Firefighter roles, Firefighter logs activities, Critical operation Alerts and etc.
- Worked on SAP Check Indicator Defaults, Field values, and maintained check indicators for Transaction codes using (SU24) for authorization objects.
- Created & managed the scheduling of batch jobs working with T-Codes SU53 and SUIM for giving user access.