PROFESSIONAL SUMMARY

• Overall 9 years experience in IT industry and over 7+ years experience in SAP as SAP Security/GRC/Basis Consultant on SAP R/3 ECC 5.0/6.0, 4.7, 4.6C, 4.6B.

Worked on 5 full life cycle implementation of SAP Security projects from design phase to post implementation phase in SAP Security Realm.

• Assisted on various modules like PP/MM//WM/HR/FI-CO/SD and new Dimensions products BI/BW, HR, CRM, SRM, Portal, XI, and SCM.
• Perform SAP Security related task and Implemented Security policies and procedures, Experience in SAP Security Maintenance (PFCG), maintained the roles for all the instance (DEV, QAS, PRD and Training Environments) profiles in development and production systems
• Worked on designing the Security requirements for SAP Business Objects.
• Provided support for User Maintenance, Roles/Profile Maintenance using Profile generator.
• Experience in Setting up Central User Administration (CUA) and maintenance.
• Experienced Netweaver Basic of User maintenance Thru UME (User Management Engine).
• Experience in SAP Security related task such as SOX (Sarbanes Oxley) Compliance.
• Working experience in Role remediation and user remediation of segregation of Duties (SOD) within SAP implementation, GRC-Virsa Systems 5.X tools (Compliance Calibrator, Access Enforcer, Fire Fighter and Role Expert).
• Experience with VIRSAComplianceCalibrator5.1 (SAPGRC) for Prevention/Remediation/Mitigation of Segregation of Duties (SoD).

Extensively used Fire Fighter 5.2 for creating Fire Fighter IDs, designing and assigning Fire Fighter roles and monitoring Fire Fighter logs activities

• Remediation of Segregation of Duties (SOD) within SAP implementation, VIRSA Systems VRAT tool, Fire Fighter, Role Expert, Access Enforcer, Profile Generator (PFCG), Role Creations modifications, User Administration.

Preventative, mitigating and compensation controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy.

• Experience in working with Transports (STMS) in transporting roles between Development, QAS and Production R/3 systems and users.
• Experience in troubleshooting R/3 Security issues (SU53, ST01), RSECADMIN for BI.
• Experienced with creating & working on Production Support Tickets using Remedy tool.
• Self starting, highly dependable results oriented SAP Security Functional Analyst with hands on R/3 implementation, system enhancements and production support responsibilities.
• Effective, imaginative problem solver with excellent problem solving skills, team player and good communication skills.

SAP Skills:

SAP Security and Sales and Distribution module

SAP version:

SAP R/3 ECC6.0, ECC 5.0,4.7, 4.6C,4.6B

Specialization:

Security(R/3 and BW), CUA, Profile Generator, User Maintenance, Authorization, IDM.

SAP EP 7.0:

Administration: iViews / Roles / Pages, EP 7.0, UME, System Definitions, Folders, User, Groups, Transport Packages.
Security: Single Sign on (SSO) using logon tickets. User Mapping, LDAP Directory with UME

Office Tools:

MS OFFICE(MS-Word,MS-Access,MS-Excel,PowerPoint)

Databases:

SQL, Ms- Access 2000/97, Ms-Sql Server2000

Languages:

Visual Basic 5.0, Visual Basic 6.0, C, C++, Vb.Net, Ado.Net, Core
Java, PL/Sql, Web Services, Xml

Web Servers:

Windows 2000 Professional server, Windows 95/98

PROFESSIONAL EXPERIENCE:

Confidential,Lebanon, NJ March 2007 to Till Date
SAP Security Analyst/Team Lead

Roles and Responsibilities:
Implementation Activities (RELEASE-1 & RELEASE-2)

• Responsible for Security role development like creation of Roles(including Single role ,Composite role, Parent & child role) creation of Users, Maintained Authorization Objects, and Assigning Roles to Users as per Documents provided by the Management
• Participated in Security Testing and UAT for Mexico/Bermuda client users for release-1 and help in resolving the defects using Mercury for ticketing purpose.
• Participated in Security Testing, UAT and OQ for USA market client users for release-2 and help in resolving the defects using Mercury for ticketing purpose.
• Created roles for USA market (plant based) as per Global role template.
• Work with QVC Team in adding aditional TCodes or Organizational values (derived roles) to the roles as a part of Security Testing and UAT Testing in Mercury before going live.
• Created job roles for Mexico and Bermuda as per the relevant test ids and also participated in security roles testing.
• Created roles for GTS (Global trade service) Business Objects for Mexico Go-Live release 2.0(A) and involved in security unit/UAT testing. Also worked with the end users to resolve authorization issues
• Collaborated with other team members and business representatives to ensure that security settings meet the requirements of the business and align with the defined controls and standards.

Post GOLIVE support Activities (RELEASE-1)

• Hands on experience on production Support for Mexico/ Bermuda (LA HUB) plant for post GOLIVE support for COMET MERCK.
• Supported production issues on ECC, BI & Portal, GTS, SCM modules which were the part of RELEASE-1.
• Worked on security tickets using REMEDY tool.

Administration (ECC, SCM, GTS, and XI):-

• Maintained Users Master Records by creating User Ids, assigning roles, copying, renaming, reset password, etc. using SU01.
• Performed mass user activities using SU10.
• Extensively used ECATT scripts for mass user creation, locking and unlocking users, assigning roles to users etc.
• Used ECATT script for mass creation of OSS Ids, Basis Ids and Production user ids across the environment.
• Created Parent/Child role for Mexico/Bermuda from the Global role template for ECC, SCM, GTS in the initial implementation phase.
• Worked with profile generator (PFCG) in creating roles, profiles, composite roles and derived roles.
• Worked on SAP Check Indicator Defaults and Field values using transaction SU24 and maintained check indicators for Transaction codes during testing.
• Worked in coordination with HR people to maintain the synchronizations of the HR data (Pa0105- user id & email) and the SU01 user data so that users receive the workflow items.
• Created Global and Market roles as per the process teams requirements for STS Workflows maintained the roles and user maintenance.
• Transported Roles using the change request method and also the Download/Upload method for transporting the roles to systems not in the transport landscape.
• Transported the generated roles and profiles using Transport Management System.
• Extensively worked with security related tables such as AGR_TCODES, AGR_USERS, AGR_1251, AGR_1250, AGR_DEFINE etc.
• Worked on Job role user switch for more than 400 users for BI, SCM, ECC all gold clients.
• Worked in configuration and support of Fire fighter and CC tool.
• Extensively worked with VIRSA Compliance Calibrator 5.1 to perform risk analysis at user and role level.
• Experience with VIRSA Compliance Calibrator 5.1 (SAP GRC) for Prevention/Remediation/Mitigation of Segregation of Duties (SoD) within Organization.
• Worked with table authorizations to control access to tables and created custom table authorization groups using SE54.
• Worked with SE93 to create custom transaction codes to control access to tables.
• Assigned authorization groups to programs using RSCSAUTH and RSABAUTH to control access to programs.
• Trouble shoot user project related issues for Solution Manager for viewing Mexico/US project folder details.
• Participated in creating Solution Manager roles for Change Request Management (CHARM) and testing of those roles.
• Used the table TCDCOUPLES (TcodeSE93) to maintain the checks between calling and called transaction codes such as SM37.
• Used SQVI to generate different kinds of User or Roles reports required by QVC Team.
• Monitored access to key authorization objects such as S_BTCH_ADM, S_ADMI_FCD, S_TABU_DIS, S_DEVELOP etc for debug access and etc.
• Advised developers to use function module AUTHORITY_CHECK for custom programs.
• Performed User master maintenance through Central User Administration (CUA).
• Effectively analyzed trace files using ST01 and authorizations for users (SU53) and tracked missed authorizations for user’s access problems and inserted missing authorizations manually.

BI 7.0

• Created Custom Reporting Authorization Objects using transaction RSECADMIN.
• Created roles for restricting access to Infocube, Info/ODS objects, Queries and Workbooks.
• Created custom objects to secure the roles by Company Code, Plant and Cost Center
• Created development roles for BW developers using the authorizations objects S_RS_ISOUR,S_RS_ISNEW, S_RS_TR, S_RS_RST, S_RS_ADMWB, S_RS_BTMP
• Involved in testing of the roles along with the BI team members.
• Developed authorizations and assigned it to users using RSECADMIN
• Troubleshoot authorizations related problems using RSECADMIN.

SRM 6.0

• Worked with the SRM business team to prepare and maintain role matrices and user mapping matrix.
• Created EBP, SUS roles and Involved in troubleshooting roles, identified missing objects, arranged the menu structure as per the business requirements, tested roles.
• Worked with the configuration team in building, testing and implementing the roles
• Created Users in the SRM 4.0 environment using the web browser using transaction BBPUSERMAINT
• Created SRM users using the transaction SU01 and Assigned the user to Organisational hierarchy for SRM Team members through USERS_GEN.
• Troubleshoot user administration related issues.
• Assigned users to Organizational units using the transactions PPOMA_BBP, PPOME_BBP
• Maintain the approval and spending limits at role level and user id level

Enterprise Portals 7.0

• Interacted with Portals configurators and developers in implementing Portals security and participated with Portal team for SSO login for various instances such as BI, SRM, and T&E.
• Worked with Portal Architect for assigning proper roles for STS business stream.
• Created SUS external vendors under Purchase order collaboration tab.
• Loaded Mass users on Portal with Security program for Hypercare/UAT activities.
• Created Users and assign appropiate Roles or groups on Portals as per Role matrices.
• Created groups in Enterprise Portal and assigned all roles to that relevant group.

Environment - SAP BI 7.0, SCM 5.0,GTS7.1,ECC6.0,XI 7.0,NetWeaver, Solution Manager, Enterprise Portal 7.0(SSO), SRM 6.0.

Confidential,CA Mar 2006 to Feb 2007
Sr SAP Security Analyst

Responsibilities

• Provided daily security and authorizations management of SAP R/3 and BW systems.

Comprehensive knowledge exchange and documentation on different topics related to Security, Profile Generator (PFCG) and related functions.
Working with Functional heads for Segregation of duties and Security changes based on SOX requirements.
Ensure role-building follows business guidelines, and adhere to the controls requirement set forth by the internal audit/controls teams.
User Maintenance/User creation, deletion, modification on PRD, QAS, TST & DEV Server. Create & manage the scheduling of batch jobs working with T-Codes SU53 and SUIM for giving authorizations.
Designed the security for reports which were viewed in Business Object (BOBJ).
Involved in defining the strategies for role request, ownerships, report access in portal and business objects.
Participated in workflow design and testing of AE tool .
Participated in configuration of FF and AE tool for Compliance Calibrator 4.0.
Extensively worked with VIRSA to perform risk analysis at user and role level.
Used GRC Virsa tool extensively for handling SOD conflicts for each user

• Worked on creating users in UME (User Management Engine) and assigning appropriate roles.
• Created Custom Reporting Authorization Objects using transaction RSSM

Responsible for creation and maintenance of Roles for BW queries, Info Cube, Info Area using Profile Generator PFCG Involved in testing of the roles along with the BW team members
Participate in requirement gathering, assessment, design and configuration for SAP security.
Creation of Authorization Groups to restrict the R/3 table access and program access and review and correction of sensitive authorizations (S_TABU_DIS, S_USER_TCD etc.), including assignment of authorization for sensitive tables.
Used Virsa tool extensively for handling SOD conflicts for each user.
Responsible for day-to-day transport support for moving objects from one system to another system.
Developed and provide knowledge transfer to client personnel on security authorization concept and security design/implementation.
SAP R/3 Prod Support in all areas of security with modules like FI, MM, SD, PS, PP, CRM and BW.

BW 3.5

Responsible for creation and maintenance of Roles for BW queries, Info Cube, Info Areas using Profile Generator (PFCG).
Interacted with BW Team in design of security roles
Involved in testing of roles along with BW team.
Created roles using authorization objects S_RS_ICUBE, S_RS_MPRO, S_RS_ISET, S_RS_ODSO.
Created hierarchy authorizations using S_RS_HIER.
Created Custom Reporting Authorization Objects using transaction RSSM.
Troubleshoot authorizations related problems using RSSMTRACE and ST01.

CRM 4.0

• Worked and Created roles for CRM for functionality Product Catalog, IC WebClient, Product, Administration console, also worked on setting up Internet users and roles for B2B.
• Created users and assign them relevant roles.

Worked on assigning the users to organization structure for BP.

Environment - SAP BW 3.5, Netweaver, R/3 6.0 ECC, FI, MM, PP, SD, CRM 4.0

Confidential,NJ July’05 to Feb’06
Sr SAP Security Analyst

Responsibilities

• Participated in designing, writing and implementing security related standard procedures for the user administration, roles and profile generation.
• Created and modified Single roles, Composite roles and Derived roles using automatic profile generator (PFCG) to meet business requirements by making sure users do not get more authorizations than needed or assign missing authorizations to perform their tasks
• Performed user administration activities such as setting up user login Ids and assigning and resetting passwords, locking and unlocking users.
• Troubleshoot user roles, security authorization objects and authorizations to resolve security conflicts using transactions SUIM , SU53 and ST01

Hands-on security upgrade using SU25 and Profile Generator (PFCG)
Set up the Profile Generator and generated user profiles for FI, MM, PP and SD users.
Set up the authorizations for specific BI/BW users and authorizations using Net Weaver 2004.
Worked on different components for the query definition and restricting the authorization for BI/BW owners/users.

• Troubleshoot authorizations related problems using RSSMTRACE, RSSU53 and also using RSSM

Provided daily security and authorizations management of SAP R/3 and BW systems.
Worked on HR Security for setting up structural authorizations.
Assisted with the security team for Reviewing SAP R/3 security Design for SOX remidiation Issues in SD, MM.
Used Profile Generator to effectively restrict user access to specific Business Areas
Involved with technical team in setting up SAP system for auto log-out, password length and expiration and specifying impermissible passwords.

• Perform reconciliation of user master record and roles using PFUD and SUPC.
• Was involved in the creation of CRM Enterprise roles.

Segregation of Duties (SOD) and analyzing Risk Assessment using VIRSA compliance calibrator 4.0.

• Used LSMW to create mass users information and finitialise the password for the users.
• Ensure that security authorization procedures are adhered to and that users do not receive authorizations that are outside of company guidelines.

Analyze Root Cause of Authorization Problems and fix the missing authorizations.
Ran security reports for critical transactions and objects.
Supported users at different levels for the security issues in different modules.

Environment - SAP BW 3.5, Netweaver 2004, R/3 5.0 ECC, FI, MM, PP and SD, CRM.

• Post Graduation Diploma in Computer Applications