SUMMARY:

• 8+ years of SAP experience including SAP Security Implementation, User Provisioning, Role Management, GRC, Risk Remediation and Management, IDM, and Basis support.
• Experience in multiple full life cycle implementations, Re - Design and production support in mySAP ERP ECC 6.0, 5.0, SAP R/3 4.7, 4.6C, Net weaver (ABAP and Java Stack) lifecycles from Design phase to Post-implementation phase on different projects.
• Sound experience in SAP ECC, CRM, SRM, BI, HR and Enterprise Portal Security and efficient in process improvements.
• Exemplary technical as well as interpersonal skills backed by proven ability to bridge the gap between business requirements and technical processes.
• Team Lead experience in managing projects and gathering requirements that add value to the clients. Excellent communication, problem solving, analytic, leadership and inter-personal skills.
• Train team members and business users on different areas of security.
• Comprehensive experience at maintaining, formulating Security Policies and Procedures, User maintenance(SU01, SU10), Role maintenance using Profile Generator (PFCG), Security Tcodes and Security strategy.
• Troubleshoot user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error, resolving the issue by giving required authorizations (SUIM, SU53, RSECADMIN, ST01 andST22) in different modules.
• Strong Experience and knowledge of Security procedures for User administration and Central User Administration (CUA).
• Experience at mass user creation and maintenance and using Computer Aided Test Tool (CATT) and LSMW scripts.
• Experience with Role Design and Modification as per SOX and SOD security requirements and compliancy.
• Experience with GRC Access Control(5.3, 10.0) - Risk Analysis and Remediation (Compliance Calibrator), Compliant User Provisioning (Access Enforcer), Super user Privilege Management (Fire Fighter), Enterprise Role Management (Role Expert).
• Expertise with the BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting the reporting problems.
• Worked on Upgrade projects from R/3 4.6C to ECC 6.0,BW 3.5 to BI 7.0 including upgrade & post upgrade steps, assessment of authorizations and redesign.
• Working with role owners to analyze and determine the most appropriate and efficient way to deliverauthorizations to end users.
• Producing ad hoc reports for Role Owners/ Audit, Monthly, Quarterly, Half-yearly, and Yearly.
• Worked on ticketing tools like Remedy, HP Service Center, JIRA .

TECHNICAL SKILLS:

SAP Versions: SAP 4.0x/4.6C/4.7, ECC5.0/6.0, Netweaver 7.0.

SAP Modules: SD, MM, PP, PM, PS, FICO, QM, HR/HCM, BW 3x/BI 7.3, XI/PI, EP7.0,CRM7.0, SRM7.0, SSO, LDAP, Solution Manager.

Databases: ORACLE 9i/10g/11g,My SQL, DB2, SQL server 2005, SQL server 2012.

Operating Systems: Windows NT/98/2000/XP/7.

Tools: GRC 5.2, GRC 5.3,GRC 10.0,RAR, CC, FF, Role Expert, IBM Tivoli Identity Management, Remedy, HP Quality Center and MS-OFFICE

Scripting: CATT, LSMW.

PROFESSIONAL EXPERIENCE:

Confidential,Milwaukee,WI

SAP Security Administrator

• Created roles and maintained authorizations using PFCG.
• User set ups in various systems and sandboxes using SU01 & SU10.
• Resolved end user issues based on SU53 reports.
• Performed data analysis in Excel sheets in order to sort out active user information and also several other scenarios like roles assigned to the users, sorting out single roles, composite roles and master roles.
• Process improvements in security and authorizations area.
• Worked on role re-organization process for the Business and Project users.
• Maintained authorization data for Single roles, derived roles and Master roles.
• Resolved Tickets raised by end users in Service Now which are related to SAP Security.
• Resolved issues regarding password resets, User unlocks and validity information in various systems using SU01.
• Performed analysis and documented changes done to Users, Roles, T-codes & authorization objects using SUIM.
• Worked on User license type activation in various systems.
• Implemented Solution Documentation in Solution manager system.
• Worked with ABAP team to develop Custom Auth. Object to restrict access to Status values for Documents in Solution manager and successfully implemented it.
• Implemented user level access restrictions for various user groups in Solution Manager Environment.
• Supported GRC team on their configuration.
• Developed roles to include /GRCPI/GRAC EAM T-code to access FF ID’s in upgraded version GRC once the configuration part is done.

Confidential,San Diego,CA

SAP Security/GRC Consultant

Environment: GRC 10.1, SAP ECC 6.0; CRM 7.0, BI 7.0, PI/XI 7.0, Portal 7.0, Netweaver 7.2, SOLMAN and Oracle 11i.

• Created roles and maintained authorizations using PFCG.
• Created Fire Fighter roles as a part of Emergency Access Management and also maintained Fire Fighter monitors and approvers using VIRSA/VFAT in GRC 5.3 and ZFFID in GRC 10.1
• User set ups in various systems and sandboxes using SU01 & SU10.
• Resolved end user issues based on SU53 reports.
• Performed yearly maintenance in every system like sorting out actual number of active users and locking out the Users, who no longer require SAP access in respective systems using the data accessed through different tables, using tcode SE16.
• Performed data analysis in Excel sheets in order to sort out active user information and also several other scenarios like roles assigned to the users, sorting out single roles, composite roles and master roles.
• Created Risk ids.
• Risk remediation and Risk Mitigation.
• Monitors JIRA for sourcing request.
• Process improvements in security and authorizations area.
• Worked on role re-organization process for the Business and Project users.
• Maintained authorization data for Single roles, derived roles and Master roles.
• Supported the GRC upgrade project from 5.3 to 10.1
• Helped in Configuring the Access control modules of GRC
• Back Ground Jobs are scheduled to synchronize the backend systems with GRC system.
• Risk analysis has been done for legacy roles and changes have been made according to the business so that they will meet organizational and SOD requirements.
• Uploaded roles, end user information, maintained Role owner information, System manager data with the help of Excel sheet analysis.
• Maintained Role ownership data in GRC environment.
• Participated in Regression testing for GRC 10.1 and also when new Service Packs are installed.
• Resolved Tickets raised by end users in Service Now which are related to SAP Security.
• Resolved issues regarding password resets, User unlocks and validity information in various systems using SU01.
• Performed analysis and documented changes done to Users, Roles, Tcodes& authorization objects using SUIM.

Confidential, Dearborn, MI

SAP Security/GRC Consultant

Environment: GRC 10.0, GRC 10.1,SAP ECC 6.0; CRM 7.0, BI 7.0, PI/XI 7.0, Portal 7.0, Netweaver 7.2, SOLMAN and Oracle 11i.

• Created functions, modified existing functions to include custom transactions, and generated rules.
• Created/ modified risks to include the custom functions.
• Development of mitigating controls, created workflow for mitigation assignment approval.
• Supported Emergency access management, created Firefighter monitors and approvers.
• Supported Access request management and implemented Access request workflow, mitigation assignment approval, role maintenance approval workflows.
• Resolving both End users and power user's authorization issues.
• Worked in all risk control processes including IT general controls, testing plans, testing execution in an integration testing environment and control remediation.
• Designed Firefighter roles, business roles, Background roles and error handling roles (support services) for business area SD, PP, PM, MM and CRM. Maintaining, Creating, Modifying existing roles (Single, Composite and Derived) for project team.
• Worked with Internal Audit team for Role level Remediation and User level Remediation.
• Jira Administration support and maintenance.
• Created Risk ids.
• Supported the GRC upgrade project from 10.0 to 10.1
• Risk remediation and Risk Mitigation.
• Extensive experience in designing and implementing mitigating controls.
• Support Basis team for user master export and import, lock mass user during systems maintenance.
• Process improvements in security and authorizations area.
• Worked on role re-organization process for the Business and Project users.
• Expertise in SAP Security and Authorizations which includes User Management, User Administration, Monitoring, User Tracing (ST01).
• Implemented access control on security related tables (AGR, USR and Custom Tables) and sensitive authorization objects (S TABU DIS, S PROGRAM,S TABU NAM etc.).
• Lead a team of 5 offshore folks and have experience in managing larger teams in on shore and offshore.

Confidential,Bethlehem, PA

SAP Basis Security Consultant

Environment: SAP ECC 6.0, Portal 7.0, BW 7.0, PI 7.0 and Oracle 10.

• Confidential is an unregulated subsidiary of Pepco Holdings, Inc which provides electricity services to New Jersey, Maryland, Delaware and Virginia. Confidential also provides natural gas service to northern Delaware.
• Maintenance of 4 system landscape like Sandbox, development, Testing and production system.
• Also responsible for supporting BW environment with 2 R/3 source systems, identifying performance problems with data loads.
• Responsible for maintaining the interfaces with Monthly updates from the vendors.
• Provided day-to-day support of the SAP applications for the users on already live systems and project members on current implementation projects.
• Performed printer administration and Spool Administration like display spool request, spool controller SPAD.
• Defining RFC communications between SAP R/3 system and other third party applications.
• Experience in checking performance using ST03, ST02, and ST04.
• Configured and maintained the startup, default, instance profile parameters.
• Monitored and applied kernel upgrades, performed OS patches and support packs SPAM and applying SAP notes.
• Process improvements in security and authorizations area.
• Worked on role re-organization process for the Business and Project users.
• Responsible for the Developing/Modifying roles (Single Roles, Composite Roles and derived roles) using the Profile Generator (PFCG).
• Perform Post Upgrade Security Activities like SU25 - Profile Generator Upgrade and First Installation.
• Troubleshoot security/authorization related problems using user information system (SUIM) and Display Authorization Data (SU53).
• Extensive knowledge on Maintaining Portals and also working on Security creating roles, groups and Portal Transports.

Confidential, Houston, TX

SAP ECC Security and Administrator

Environment: SAP ECC 6.0, Portal 7.0, BW 7.0, PI 7.0 and Oracle 10.

• As a global leader in the sleep and respiratory markets, Confidential is passionate about providing solutions that lead to healthier patients, practices, and businesses.
• Worked on Users & Security, including T-Codes like: SU01, PFCG, PFUD, SCAT, SCEM, ST01, SUIM,SUPC, SU24, SU53, and SU56.
• Developed authorization profiles for FI, CO, SD, MM in Development, Test and Production environments.
• Transported Profiles to Test environment and carried out Level-Zero testing.
• Administered Users, Authorization Data and Authorization Profiles.
• Trouble-shoot authorization problems using Repository Information System and tracing authorizations usingSU53, SU24 and ST01.
• Created and Maintained Users.
• Carried performance tuning in HR Structural Profiles.
• Providing support for work book access hierarchies and node level access, Comprehensive knowledgeexchange and documentation of security including Profile Generator, Day to day technical support andresolution of security issues.
• Maintenance of HR-Organizational structures, assignments (positions, roles).
• Modification of the User access based on the requirements based on SU53 transaction snapshot after seekingthe Managers approval.
• Creation and Maintenance of activity groups and custom authorization objects.
• Creating BW roles and restricting them in Queries, Infocube, Infoarea levels.
• Secured Info Area, Info Cube, Info Object, ODS, PSA, Query and Work Books by maintaining hierarchyauthorizations.
• Secured Reporting users by configuring roles and authorization objects.
• Activated the new info objects 0TCA* and 0TCT* and made them authorization relevant.
• Identified all the org level info objects and confirmed they are Authorization relevant.

Confidential,Portland,OR

SAP Basis/Security Consultant

Environment: ECC 5.0, BI 7.0, GRC 5.3, CRM 5.0.

• Security design & support for ECC 5.0, BI 7.0, CRM 5.0, Solution Manager & GRC 5.3.
• Defined Authorization assignment, management strategy and Procedures.
• Define User and Authorization Management Technical Strategy using CUA.
• Batch jobs for SOD report dump & actions to eliminate existing violations/risks.
• Verifying all approvals for the Change request, SOD Simulation reports, QA tests if applicable.
• Central User Administration (CUA), role maintenance & system administration.
• Define User Roles and role Management Procedures (Role Owners, etc).
• Train User and Authorization Administrators (Ongoing user admin support).
• Created Genesis Security strategy document according to Federal security norms.
• Functional Teams Job Role Map to Process Steps for each BPM to complete Role Design.
• Process improvements in security and authorizations area.
• Worked on role re-organization process for the Business and Project users.
• Role Analysis & Object level security to build Production security roles.
• Helped training by creating roles according to the training catalog.
• Identified SPOCS in business for Approval, Change & User Creation process.
• Identified & Built Functional controls in each business process with the help of audit team.
• Created Risk ids.
• Risk remediation and Risk Mitigation.
• Helped CRM & Retail teams in creating & assigning BP's IC & SOS Profiles.
• Evolved compliance friendly process flows for approvals of all change requests.
• Analysis Authorizations by Maintaining Characteristics, Attributes, Hierarchies & Variables.
• Assigned groups & individual authorizations through RSECADMIN.
• Performed Upgrades, system copies, Client Copies, Correction and Transport System.
• Designed Security testing strategy and trained QA team for Security & compliance testing.

Confidential, Kalamazoo, MI

SAP ECC6.0 Security and Administrator

Environment: SAP ECC 6.0, CRM 6.0, NW 04, Portal 7.0, BW 7.0, PI 7.0, SOLMAN, GRC 5.3 AC and Oracle 11i

• Worked with profile generator (PFCG) in creating roles, profiles, composite roles, composite profiles, derivedroles, and global roles.
• Setup ALE environment for Central User Administration (CUA).
• Maintaining Users in CUA System and Daily checking CUA logs through (SCUL).
• Used CUA to handle & distribute users & profiles.
• Creating new roles as well as deriving and extending existing roles.
• Created new roles for ECC 6 systems: FI, CO, HR, MM, PP, QM, and SD modules, based on concepts oftask roles and position roles.
• Created new roles as per the new business processes, in accordance with SOX compliance.
• Responsible for complete lifecycle, from designing, unit testing, integration testing, user mapping, go-liveand post production support.
• Process improvements in security and authorizations area.
• Worked on role re-organization process for the Business and Project users.
• Created Risk ids.
• Risk remediation and Risk Mitigation.
• Provide daily SAP R/3, CRM, APO, BW, SCM, EBP and HR security production support such as ID requests,access requirements and troubleshooting problems. Defined and maintained authorizations and roles.
• Made the BI Security Roles as granular and optimum so that the Info Objects can be utilized as much aspossible without creating too many Analysis Authorizations.
• Optimized the Roles and Analysis Authorization for maintenance purposes.
• Used the roles as the medium to assign the analysis authorization objects rather than direct assignment.
• Created roles using PFCG and Analysis Authorization using RSECADMIN.
• Used SAP best practices like setting the following InfoObjects as "authorization-relevant" and using them inAnalysis Authorizations0TCAACTVT, 0TCAIPROV, 0TCAVALID.
• Resolved BI Authorization issues using RSECADMIN logs and worked with BI developers to modify thereports as per the business requirements and including the authorization variables in the reports.
• Designing Security for SRM 5.0 and integrating with SAP Portal 7.0.
• Configure UME (User Management Engine) Data sources in Netweaver Systems.
• Creating iViews, Worksets and Roles in SAP Portal 7.0 for SRM Users.
• Maintaining the Users and Authorizations in SAP XI systems.
• Maintain Users and authorizations in CRM system.
• Created roles for Managers and administrators in SOLMAN for Solution Monitoring.
• Creating and Maintaining OSS Users, Developer Keys and SAP Router connections to the Systems.
• Traced user authorization errors (ST01, SU53, SM19, SM20 and RSECADMIN).
• Maintained Assignment of Authorization Objects (SU24).
• Created custom Authorization Classes and Authorization Objects (SU21).
• Maintained program authorization groups (Report RSCSAUTH) and table authorization groups (SE54) toprotect access to programs and tables.
• Locked and ensured that the standard SAP Super Users (SAP*, DDIC, SAPCPIC) were set-up as system orbackground users with passwords changed (monitoring using report RSUSR003) in all SAP systems.
• Creating Mass roles and Users using SECATT and LSMW scripts.
• Created RFC connection between ECC and CRM systems and maintained roles in two systems.
• Generated Risk analysis and Remediation Reports on Critical/ Conflict Action Level. Created MitigationControls and assigned the same to users.