SUMMARY:

• 11+ Years of experience in SAP Security and Confidential
• Strong experience in SAP Security end to end implementations and upgrades
• Expert knowledge & experience in FICO, SD, MM,WM,PM modules
• Expert knowledge & experience in S/4 HANA and Fiori Security
• Expert knowledge & experience in HANA security
• Expert knowledge & experience in BI & BOBJ Security
• Expert knowledge & experience in Confidential 5.3 and 10/10.1
• Expert knowledge & experience in CRM Security
• Expert knowledge & experience in Solution manager/CHARM Security
• Expert knowledge & experience in Portal Security
• Expert knowledge & experience in SOX compliance tools
• Expert knowledge & experience in License Administration
• Expert knowledge & experience in Security Auditing
• Good knowledge & experience in HR security
• Good knowledge & experience in CUA
• Experienced in coordination with External Auditors and involved in the SOX Audits, documentation, and process improvements
• Good knowledge & experience in MDM Security
• Expert knowledge & experience in IDM 7.1

PROFESSIONAL EXPERIENCE:

Confidential

Responsibilities:

• S4 HANA, Fiori Security implementation for Master data project
• Securing access to HANA database objects using Analytical privileges
• Securing access to administrators and modelers in HANA database
• Enabled Audit policy for HANA production systems
• Implementing folder level security and developing custom access rights in BOBJ

Confidential

Responsibilities:

• SAP S/4 Hana and Fiori security implementation for Purdue’s subsidiary company Mundi Pharma.
• SAP Security upgrade for following systems have been performed by proper SU24 adjustments and role remediation’s with merely zero missing authorizations.
• SAP ECC: ECC 6.0 EHP 5 to ECC 6.0 EHP 7
• SAP BW: SAP BI 7.0 EHP1 to SAP BW 7.4
• SAP SCM: SCM 7.0 EHP 2 to SAP SCM 7.0 EHP 3
• Brough down the SOD risks by thorough analysis at user/role level and by performing role level remediation. This has been achieved by coordination with SAP functional owners & Business owners
• Confidential ruleset has been customized as per Client/Business requirements.
• Firefighter (Emergency access management) has been implemented at Confidential for multiple SAP modules to grant emergency access in Production systems for audit trail.
• Successfully rolled out SAP Security up - gradation of solution manager from 7 to 7.1. Part of it, SAP Security roles have been built for approving Change requests at developer, Change manager, IT manager, ISQA, Basis level with in Charm (Solution manager).
• Primary point of contact for External E&Y Audit at onsite and facilitated the audit for SAP Security module and all other modules.
• User License Audit has been performed for all DEV and PRODUCTION systems across all landscapes.
• Frequent SAP User access reviews have been performed quarterly, half yearly and yearly for critical SAP module roles by coordinating with Business owners ensuring end users have appropriate access, considering end users responsibility change and position change.
• SAP derived roles have been designed, supported Unit/Integration testing, fixed missing authorizations for new Organization (Plant, Sales organization etc..) additions for multiple projects.
• EWA alerts for SAP Security module have been analyzed and implemented, which includes default passwords standard users, SAP* restriction, ABAP password policy, users with critical authorizations
• Position based access has been granted in SAP HCM by creating structural authorization (PD) profiles.
• Critical Basis/Security/ABAP access has been secured.
• Successful implementation and roll out for Gateway Security for Vinyl project which is a key milestone at Confidential for their benefits enrollment through Vinyl application. Part of this project, script has been developed for mass user role administration
• SAP Security support has been provided for Arriba project.

Confidential

Responsibilities:

• SAP Security redesign to meet SOD policies and as per SAP best practices
• BW analysis authorization implementation and support
• BOBJ Security implementation including Creating groups/folders and access restrictions
• Central user administration for Client Heritage SAP systems
• Trouble shooting authorization issues in ECC, POSDM, PI, SRM and BW systems
• MDM user and role administration
• IDM 7.1 support and troubleshooting issues with provisioning jobs in IDM
• Monitoring the jobs in IDM console, creation of Privileges, Business roles in IDM
• Confidential 5.3 configuration changes and support
• Role creation and maintenance through ERM (Enterprise role management)
• Setting up the new work flow in CUP
• Setting up new rules by creating custom risk/function ids as per Business requirement
• Firefighter id creation/maintenance
• Restricting critical and sensitive access in Production systems
• Performing license auditing
• Provisioning access to production systems through IDM and Confidential and addressing the CUP request generation and provisioning issues in IDM and Confidential .
• Portal user and role administration

Confidential

Responsibilities:

• BC sets have been activated in Confidential AC10
• Performed post installation steps for ARA, ARM, BRM and EAM in SPRO
• Installed common component settings for AC in Confidential 10
• Setting up profile parameters for all components of AC10
• Maintained connectors for back end systems which are connected to AC10
• Defining the connector group and Assigning the connector to connector groups
• Assigning Integration Scenario to Connector
• Maintain Access Risk Levels
• Generating SOD Rules
• Generating Alerts
• Scheduled the synch jobs for Access risk analysis
• Scheduled the batch risk analysis to enable offline risk analysis and Dash boards for management reports
• Customized the rule set based on the Global rule set
• Setting up Organizational unit in Confidential
• Setting up Access Control Owners in Confidential
• Creation of custom risk ids and Mitigation control ids
• Setting up the Firefighter ids, owners, and controllers in Confidential . Assign Owners to Firefighter ids and Controllers to Firefighter ids and assign Firefighter users to Firefighter ids
• Creating rules in Business Rules Framework (BRF+)

Confidential

Responsibilities:

• Task/Enabler model role implementation
• Creation of single, derived roles and maintenance
• Portal group/roles creation and maintenance
• Setting up the initiators in CUP ( Confidential )
• Setting up the connectors and maintenance for CUP, RAR and SPM
• Setting up the back end(SAP) and Portal groups in CUP
• Role mapping between the back-end roles and portal groups in CUP
• Role owner changes, Geo-role owner changes in CUP
• CUP request administration including the request forwarding, cancellation and trouble shooting the risk analysis errors etc.
• Pulling the reports for CUP requests analysis and log report
• Working with RAR for security reports
• Updating the functions at action and permission level
• Updating the risk ids and rules
• Firefighter id creation and updating the owner/controller and FF tables in SPM
• Working with role administration in SCM, SRM, XI, BI and HR landscapes.
• Analysis authorization creation and maintenance using Confidential in BI security
• Restricting the info objects at value level and hierarchy node level
• OSS id creation/maintenance and opening the connection to SAP
• Assigning the Organization units to user ids in SRM using users gen

Confidential

Responsibilities:

• Involved in end to end security implementation for Confidential India
• Involved in security redesign for other Confidential countries of AZ
• SAP Security has been implemented based on organizational restrictions such as company code, plant, shipping point, storage locations, sales office etc.
• Implemented release strategy for material management based on the purchasing groups and release codes.
• Implemented Derived role and composite role strategy.
• Protected critical t-codes and critical authorization objects against unauthorized access.
• Provided production support for various modules like SOTC, RTR, MTD and PTP.
• Maintained object level changes globally using su24 where ever necessary.
• Implemented user exits with the help of developer for some fields which can not be restricted by std sap.
• Trouble shooting missing authorizations using SU53 and ST01.
• Working with various security tables and reports during and after implementation.
• Opening OSS connections for SAP environments in Service Market Place.
• Administer OSS access accounts and privileges includes Creating/Adding new OSS ID, Deleting expired OSS ids
• Administrating authorization privileges for OSS ID & OSS Messages
• Registering Developer Key & Object key etc
• Trouble shooting the missing authorizations in BI using the Confidential
• Working with PD profiles in HR
• Working with org unit assignment of personal ids using PO13 and PO12

Confidential

Responsibilities:

• Working with SOX compliance tool Approva (Bizrights) to grant production access and performing simulations.
• Provided level 1 production support (high severity issues) for all R/3 modules and BI 7.0
• Creating & Modifying portal users
• Mapping Portal User ID’s to SAP User ID’s
• Analyzing backend connectivity & Authentication issues in Portal
• Importing bulk users into portal etc.
• Opening Connections to SAP
• Involved in Creating Roles, Generating profiles, SU24 changes to Authorization Objects
• Adding Reports and Queries to BW Roles as per the specifications.
• Experienced in setting up the Audit Information System to facilitate internal and external audits

Confidential

Responsibilities:

• Creating & updating users in R/3, BW & CRM environments via Access Enforcer
• Uploading Roles into Virsa, Setting up the appropriate SAA’s (System Access Advisor) for each Business Locations/Sites in Virsa
• Performing Virsa administration
• Creating SIR’s (System Investigation request) for Security Development which includes creating change control forms (CHG) and Object migration (OM) predecessors (An OM is similar to a Transport Request)
• Performing Peer Reviews for Security Development work in dev test client.
• Building the new roles Single, Derived and Composite for all the streams.
• Expertise in SAP Security and Authorizations which includes User Management, User Administration, Monitoring, User Tracing and Troubleshooting.
• Production support during Go-Live for SAP security. Performing Assembly Testing of Role in Quality (Test) and Staging Conversion system.
• Creation of users in various Development, Test, Staging & Conversion and Production Systems as per the SR (Environment change request).
• Assignment of Authorization Groups to Tables (TDDATA, VD DATA).
• Worked on 3 Releases for SAP providing SAP Security support to the Global release team.