PROFESSIONAL SUMMARY:

• Over 10 Years of strong experience in SAP Security administration and in SAP GRC
• Extensive experience in all aspects of SAP Security Administration.Modules including SAP ECC (4.7,5.0,6.0 & Netweaver), GRC (5.3/10.0/10.1/ VIRSA),HR 7.0,HANA 2.0, BW/BI 7.0, BPC 10.0,BOBJ,SRM 7.0, IDM 7.1,CRM,PI,CUA, Greenlight and controls
• Worked on vaious projects involving SAP Security: Security Designing, GRC implementations, Upgrades, migrations,Security Redesign/Remediation and Run maintain Projects
• Gained knowledge on General security standards space as part of CEH (Certification Of Ethical Hacking) and Security Plus Certifications
• Good working experience with various modules like MM,SD,FI/CO,PP,QM,WM etc.,
• Designing and delivering roles in line with segratation of duties and other compliance aspects and executing
• Designing user administration including privileged access and password administration and executing
• Handling SAP Security OSS Patches: Analyze and deploy if applicable
• Working with All activities in SAP Service market place
• R/3 Security activities in support, including Role and user administration, troubleshooting and audits
• Creation of auth groups for tables, reports etc.,
• Analysis and implementation of Enhancement Patch Upgrades using t - code: SU25
• Handling t-code: SU24 changes
• Troubleshoot missing authorizations etc., from SU53, Trace, SUIM etc.,
• SAP Scripts to perform mass user creations,password changes etc.,
• Performed manual Dormant user clean up
• Worked with Process Narratives and Document of understanding for SAP Security
• Understanding Audit guidelines and keeping the system in compliance
• Generating various reports as part of daily,monthly and quarterly for Group audits
• Worked with External KPMG Audits for Confidential for 2 years and Confidential
• Designed Catalog and group based Access roles in Netweaver gateway system to give access to custom Fiori Apps. Worked on Apps with respect to Plant Maintenance(Maintenance Notificaton App), Material Management (Material Expiry check App) and OTC ( workflow related apps,portfolio price report )
• Worked closely with compliance team in GRC designing phase and active participation taken in rule-set designing and execution of its implementation roadmap. Also closely worked in designing of roles including its attributes and its structure, workflows for all process IDs including review processes, Access owners, Confidential design & its administration
• Configured GRC AC Post installation, common configuration, ARA, EAM, ARM including BRF+ and BRM
• Worked in post go-live activities by designing support KT, SOP (Standard Operating Procedure) info packs to end users and access owners on the process they have to perform on GRC Server
• Key source for Support activities in the business of GRC Access Control of the client for System changes, trouble shooting & business continuity etc.
• Comprehensive knowledge on HCM Security and associated functions
• Assigning activities using Authorization objects, Direct assignments of structural authorizations & through regular role authorization.
• Creation of Roles - Data Roles, Menu Roles in BI System
• Creation of Analysis Authorization and its roles, transportation UAT & Assignment
• Creation of Task Profiles, TEAMS & DAPs its assignments
• Worked on Portal objects like Role, Workset, Page, Iview
• Experience includes Assignments, trouble shooting, transport etc.
• Creation of users and their assignments
• Creating users using SQL Scripts in SAP Hana Studio
• Reset passwords using SQL Scripts in SAP Hana Studio

PROFESSIONAL EXPERIENCE:

Confidential

SAP Security Lead

Responsibilities:

• Adhering compliance and security policies defined by Roche (RSSG- Roche SAP Secuirty Guidelines) and applying it to Confidential SAP Prod Systems.
• Working closely with IT Compliane Management on Audit process naratives
• Interfaced with the KPMG and Group Audits for ICFR Audits & Group Audits as a security team lead noted the audit observations. Created a remedition plan there after with the due dates
• Handling all user operations with respect to "Leavers and Movers" for Genetech SAP Prod Systems
• Performed SAP Licensing Audits and taken necessary action when users extended the cap limit
• Defined Dormant Clean up procedure and applied it across all Prod Systems as part of ICFR Control
• Support security for function modules like Finance, Quality, OTC, PP, MM, PM etc.,
• Support GRC 5.3 for user Provisioning and Firefighters
• Handling Quarterly UAR / Role Reaffirm thru GRC and help documenting the process
• To Perform Audits as defined: Daily,Monthly and Quarterly Monitoring and take necessary corrective actions as and when required
• Work on various reports relating to Manual changes on the system and Users Account
• Attend BPIP (Business Process Imporment Calls) driven by change management board, provide security assessments and handle all security changes, testings from functional teams and business teams
• Mass Maintenance of users,working on SU53 and users trace using ST01
• Good Understanding of tools used as part of projects like HPSM,HPALM, Trackwise & Defect management tool etc.,
• Adhering End to end procedure of a change management proces
• Working on Portal Security
• Categorizing change as GMP or Non GMP of roles and its maintenance.Maintaining the functional spec s and its respective documentation.
• Support Hana thru scripts

Confidential

SAP Senior Security Analyst

Responsibilities:

• Security team lead & SPOC on a transitional project where a 25 year old Oracle Stream based Finance reporting is migrated into SAP BPC Finance project.
• As part of Transitional project, involved in complete end to end BI - BPC implementation along with providing a design of BPC GRC connectivity with its design of provisioning.
• Involved in design and creation of BPC Security objects: Teams,Assign DAP, TAP, Model and dimensions
• Implemented GRC Access Control components like ARA,EAM,ARM & BRM
• Worked with BP Leads and FA s on customizing Rule set
• Performed post installation steps,connector specific settings and configuring ARA,EAM,ARM
• Create blueprint as flow charts as per the business requirement for configuring ARM
• Customizing of ruleset and uploading, creating mitigating controls
• Implementing centralized firefighting and established and Confidential owners and FF Controllers, configuring FF Logs review workflows
• Created MSMP workflow for ARM according to business required and created customized BRFplus rules as per business requirement
• Customization of notification template & Confidential contents as business requirements
• Implemented business role concept as the established job functions
• Established reviews Confidential & SA reviews as per required frequency
• Established mitigation ID reviews and established mitigation to business control sheet
• Conducting workshops with different units to undetstand various risks
• Working on audit find to remediate risks
• Leading role remediation project for different system and co-ordinating with off shore teams
• Configuring workflow for UAR reviews and creating SOP s and WI

Confidential

SAP Application Architect

Responsibilities:

• SAP HR security support in the split of Confidential into Kraft and Mondelez.
• Created document of understand of SAP HR Security for Confidential and Mondelez
• Worked with indirect assignment in SAP HR
• Worked with various infotype with respect to assignment of access to users/ managers thru roles.
• Restricted access thru auth objects for PA Data, OM Data and payroll data.
• Created Structural authrorization in t-code: OOSP and assigned to the users thru t-code: P013 and also in some cases thru t-code: OOSB.
• Handled missing communication infotype for relating sap id to the master record.
• Worked on various reports / tables for SAP HR especially for Access reconciliations.

Confidential

SAP Security Consultant

Responsibilities:

• Worked on SEM BCS and BPS issues and updating data in Process chains
• Resolved BEX related issues concerned to BI
• Resolved User authorization issues and creating roles according to the requirements.
• Worked on monthly audits.
• Worked on DB Symphony ticketing tool
• Provided Emergency access to the users customizing t.code YYS USER(Fire fighter)
• Worked on OURF (online user registration form) Tool through which after the approvals user will get access in backend.
• Worked on different levels of approvals through Superior inbox, implementer inbox, Approver inbox, verifier inbox.

Confidential

SAP Security Consultant

Responsibilities:

• User Maintenance to include the User creation with the Confidential check, locking and unlocking and Password management
• Extensively using the Profile Generator ( Confidential ) to create Simple and Composite roles
• Creating the transport request and transporting the roles to the Quality environment for the test purpose
• Analyzing Confidential conflict, T-code assignment to roles and roles assignments to users using the in-house tools
• Troubleshooting the authorization issues using the SU53
• Worked on XI Security Issues
• Worked on Portal Security
• Worked on Analysis Authorization to diagnose the Authorization issues
• Worked on Menu roles to give access to queries
• Worked on User administration of EP Security and Creation of Mass users and groups through import.
• Creating Clarify work cases for BP-End-user requirements
• Handling emergency requests with proper approvals and weekend on call support
• Making SU24 changes and adding necessary objects to the transaction
• Creating test id’s for new roles and composite roles R/3, SRM, BW systems
• Worked on Monthly and Yearly Auditing Tasks

Confidential

SAP Security Consultant

Responsibilities:

• User administration (User creation, Role creation, Profile generation).
• Checking of Segregation of Duties using tools
• Focal point for handling authorization issues
• Worked with peer reviews
• User Maintenance to include the User creation with the Confidential check, locking and unlocking and Password management
• Extensively using the Profile Generator ( Confidential ) to create Simple and Composite roles
• Creating the transport request and transporting the roles to the Quality environment for the test purpose
• Analyzing Confidential conflict, T-code assignment to roles and roles assignments to users using the tools
• User administration and system authorization. Evaluating, granting, revoking, maintaining user authorizations.