SUMMARY:

• Overall 9 years of IT experience as an SAP GRC 10.0 and SAP ECC Security Administrator.
• Worked on full life cycle implementation of SAP GRC 10.1 Access control component configurations (ARM, EAM, and BRM components)
• Expertise in role optimization and restructuring the current design and develop a new design with sod free roles and to implement SAP GRC 10 with the components Access risk Analysis, Emergency Access Management and User Access Management.
• Worked on full life cycle implementation of SAP Security projects from design phase to post - implementation phase in SAP Security Realm.
• Very good knowledge of producing and analyzing reports in SAP using SUIM, and security-related tables (AGR*, USR*, etc), and customized Query reports.
• Provided support for User Maintenance, Roles/Profile Maintenance using Profile generator.
• Working Experience in Role remediation and user remediation of segregation of Duties (SOD) within SAP implementation
• Experienced in troubleshooting R/3 Security issues (SU53, ST01), RSECADMIN for BI.
• Experienced in creating & working on Production Support Tickets using Solman Service desk tool.
• Self-starting, highly dependable results-oriented SAP Security Functional Analyst with hands-on R/3 implementation, system enhancements and production support responsibilities.
• Expertise in Test Process implementation.
• Expertise in design and implementation of Requirement Traceability Matrix (RTM).
• Expertise in Computer System Validation (CSV).
• Qualifying Validation Protocols (IQ, OQ and PQ).
• Training and mentoring new resources on CSV.
• Validation of system against compliance such as 21CFR Part11, GxP and GAMP5.
• Managing Independent Validation Team at Client Place.
• Effective, imaginative problem solver with excellent problem-solving skills, team player and good communication skills.
• Involved in two life cycle implementation & Post implementation activities.
• Involved in four Enhancement Pack Upgrade Projects.
• Excellent communication and leadership skills.
• Tracing the users, SAP objects and custom reporting authorization objects to debug an authorization error, resolving the issue by giving required authorizations (RSRTRACE)

TECHNICAL SKILLS:

ERP: SAP GRC 10.1 Access Controls and ECC6.05 Security

OS: Windows 10/7, Linux

Packages: Ms-Office.

Tools: Used: HP ALM, SAP Solution Manager

PROFESSIONAL EXPERIENCE:

SAP GRC Consultant

Confidential, Carlsbad, CA

Responsibilities:

• Independent SAP Security Analyst on SAP Sarbanes-Oxley role redesign project
• Provide Management, maintenance and support for all client sites: Pleasanton, Austin, Bedford, Framingham, Fredrick, Mexico, and Toronto.
• Leading various security project rollouts and bring various acquired plants sap system into existing Landscape.
• Met with Individual Management teams to gather requirements for role development.
• Supported user administration for the production, development, and test environments.
• Trained SAP security administrators at remote sites for 24-7 worldwide support.
• Collaborated with other team members and business representatives to ensure that security settings meet the requirements of the business and align with the defined controls and standards
• Create and transport roles to facilitate changes throughout the landscape.
• Audited and documented existing SOD conflicts within roles
• Worked on the cleaning up of existing roles in accordance with the audit requirements.
• Reviewed the existing roles and identified the Segregation of Duties conflicts within the roles.
• Remediation of roles by removing the identified conflicts.
• Run Risk Analysis Remediation using SAP GRC Access Control 10, Performed analysis of SU53 as well as setting up and analyzing user traces using Transaction ST01 to define and resolve user access problems/authorization issues.
• Responsible for creating/deleting user accounts, change passwords, maintain, lock and unlock users in Prod, QA and Development environments.
• Provide metrics to Leadership and Project management Teams.
• Create and transport roles to facilitate changes throughout the landscape.
• Expert in using LAW and USMM tcodes for reporting user license details to SAP.
• Assigned and maintained authorization objects for roles in ECC, APO, SRM, BI.
• Created and maintained Documentation of all procedures for all security Team members
• Compliance with regulatory agency standards (SOX).
• Enforce Segregation of Duty policies and promote Compliance

Senior SAP Security & GRC Consultant.

Confidential, Fort Worth, Texas

Responsibilities:

• Independent SAP Security Analyst handling SAP GRC implementation and S/4 HANA security role project and security around Fiori apps.
• Leading various security project rollouts and bring various acquired plants sap system into existing Landscape.
• Lead the team supporting user administration for the production, development, and test environments.
• Collaborated with other team members and business representatives to ensure that security settings meet the requirements of the business and align with the defined controls and standards
• Create and transport roles to facilitate changes throughout the landscape.
• Audited and documented existing SOD conflicts within roles
• Worked on the cleaning up of existing roles in accordance with the audit requirements.
• Reviewed the existing roles and identified the Segregation of Duties conflicts within the roles.
• Remediation of roles by removing the identified conflicts.
• Run Risk Analysis Remediation using SAP GRC Access Control 10, Performed analysis of SU53 as well as setting up and analyzing user traces using Transaction ST01 to define and resolve user access problems/authorization issues.
• Responsible for creating/deleting user accounts, change passwords, maintain, lock and unlock users in Prod, QA and Development environments.
• Provide metrics to Leadership and Project management Teams.
• Create and transport roles to facilitate changes throughout the landscape.

Senior SAP Security & GRC Consultant

Confidential, Wilmington, DE

Responsibilities:

• Good understanding of SAP IT and process controls (configurable, automated and manual controls - SAP GRC)
• Implemented the "re-write of control process and remediation actions for the exceptions identified during the testing of GCCs
• Tested and assessed the control effectiveness of IT controls for 6 IT Applications prior to 'Go Live and assisted the teams in the remediation process.
• Part of ITGC / SOX IT controls testing team performing the testing of the effectiveness of the IT controls and helping the teams in remediation of the exceptions identified. Performing OE testing process on the SDLC controls and helping the project teams on the remediation
• Guided and trained IS teams in preparation for performing "assessment and review of IT General Controls Documentation" in IT Processes that included determination of Scoping and Planning, Risk Assessment Framework, Infrastructure areas like Change management, Problem management, IS processing, Network, SDLC, Operating systems,and Databases.
• Developed proactive plans to manage open issues, avoid known issues in the mitigation process.
• Walkthrough of the IT and financial processes from SOX perspective,
• Involve in maintaining, supporting and troubleshooting user issues for the GRC Process control for which is used for SOX compliance
• Support for all kind of GRC related Service Orders raised by business.
• Incident resolution
• Master data changes
• Creating connectors in GRC 10.0 for new systems
• Rule set generations, SOD checks configurations
• Creating FF ids, configuring owners and controllers
• Creating custom reports in GRC as per client requirement
• UAR and Risk Analysis Job scheduling.
• Custom BRF+ tables maintenance.

SAP Security & GRC Consultant and Quality and control (Q&C) Lead.

Confidential, New Brunswick, NJ

Responsibilities:

• Worked on GRC Access Control 10.0 Implementation as a Q&C lead for the client.
• Lead for Q&C team for the client to take care of all the SDLC requirements.
• Review and Validation of end to end documentation.
• Review and approval of System testing and User acceptance testing scripts.
• Responsible for streamlining the Authorization concept existing in the current R/3 System
• Responsible for overseeing Implementation of GRC AC 10.0 all components (ARA, BRM,EAM,ARM).
• Creating Ruleset, Mitigation, Controls, Scheduling background jobs
• Creating FF ids, maintaining configurations for log reports etc.
• Designing workflows for user access requests and Role management process
• Responsible for post-installation initial configurations in GRC AC 10.0.

Sap Security Consultant

Confidential

Responsibilities:

• Experience in Design, Developing, Testing and Implementing SAP Security Roles, Profiles and Authorizations for various landscapes using Profile Generator.
• Creation and Modification of User Master Records for Project and End Users.
• Strong in SAP application Security development by taking business requirements and building Security using the SAP Authorization Concept using Profile Generator tool (PFCG).
• Experience in user administration 24X7 on-call production support, quick turnaround for end user requests, and Helpdesk support for user administration.
• Full troubleshooting support for the user’s authorization failures in all SAP applications and resolving the Security issues and support in integration testing of Roles/Profiles.
• Excellent communication and interpersonal skills with the ability to coordinate activities and work in a team environment to the deliverables.
• Designed several utilities to support SAP R/3 security reporting needs. Reports of user usage profiles and authorizations, comparison reports in the different R/3 system.
• Configured Profile Generator and transported settings to all clients, setup security for the developers.
• BW Security experience in Info Provider level and Info Object level (field level such as Company Code, Plants, cost center etc.,) Security
• Designing the BI roles as per the reports and folders.
• Performed user maintenance tasks, User creation, deletion, lockdown, activation, password management tasks and ran various user administration reports.
• Designed the AREA MENU process especially for Confidential client, basically the area menu displays all the Z reports in user menu tab.
• Working on Incidents, SCR's and Service Requests generated through Solution Manager service desk
• Providing end user day to day support.

Assistant Manager

Confidential

Responsibilities:

• As operations in charge, I supervise all branch desk activates (Investments, cash, foreign exchange, Demat, clearing, privilege banking).
• Creation and Modification of User Master Records and assigning privileges in Finacle and Fin-One applications.
• Keep Branches SOX-audit ready and Compliant by performing sample Sox testing.
• Authorize cash management vendor transactions.
• Opening Letter of credits and managing trade desk and bank guarantee issuances for SME clients.