SAP Enterprise Security Lead Resume
Dallas, TX
SUMMARY:
- 11+ years of experience in SAP security administration, configuration, and management
- Strong knowledge of multi-system landscape architecture and integration aspects between heterogeneous system technologies: R/3 ECC (HR, FI, SD, PS, MM, PP, WM), BW, BI, EP, CRM, GRC, SAP NetWeaver Gateway, HANA, S/4 HANA, BI/BOBJ, Bank Analyzer
- Proven track record in designing and delivering complex SAP Security architecture solutions for global organizations
- Maintaining SAP security policies and documentation; experienced with project management for both classic waterfall and agile delivery in a hybrid environment
- All administrative tasks related to HANA and S/4 HANA Security
- Conducting workshops with key stakeholders, IT leadership, and business to gather the exact security requirements that need to be built from an end user access perspective.
- Organizing workshops with the Compliance & Process team, Change Management, and the technical and functional team members to define custom security solutions across the landscape while establishing SOX and Segregation of Duties by revamping the existing set of internal controls.
- Building custom security solutions on systems like Business Planning Consolidation (BPC 10.0), Business Objects 4.2 (setting up access levels and group and folder level security for PFIT reports), Bank Analyzer 9.0, Gateway systems (SAP Fiori UI5), and setting up user and access administration across HANA DB.
- Instrumental in setting up the transport mechanism (LCM) across the HANA database, setting up SSO between HANA DB and BOBJ systems, setting up audit logs, and setting up promotion management to transport the BOBJ reports.
- Creating custom roles, object privileges, package privileges, application privileges and analytic privileges for the business users to get restricted access on Data.
- Setting up user access and profiles across Fiori systems to get the application views in the Launchpad.
- Analyzing and troubleshooting authorization issues at HANA DB level by using the Trace and the HANA context viewer.
- Experience in SAP GRC design and implementation, administration of the SAP GRC 5.3, 10.X in AC:ARA, EAM, ARM, BRM and security concepts such as SOD, SOX
- Using ARA produced Analytical Reports on User, User Groups, Roles and Profiles.
- Experience in creating and assigning FF IDs and extracting Firefighter logs
- Expertise in HANA and S/4 HANA Database user security and permissions.
- Delivering SAP Security using ASAP Implementation Methodologies. Prepared and executed various phases of implementation, i.e. Project Preparation, Business Blueprint, Implementation, Final Preparation, and Go-live & Support.
- Development and promotion of technical controls necessary for all components of SAP infrastructure, application standards, guidelines, policies, and procedures
- Periodic review and revision of application security roles to accommodate the changing needs of the business
TECHNICAL SKILLS:
Technologies: SAP R/3 BW, CRM, SRM, EP, BI, BOBJ, HANA, S/4 HANA, FIM, BPC, BFC, ICS, SRM, Bank Analyzer, BPC, Solution Manager, GRC
Ticketing tools: HPQC, Remedy, HP ALM (defect manager), JIRA
PROFESSIONAL EXPERIENCE:
Confidential, Dallas, TX
SAP Enterprise Security Lead
Responsibilities:
- Conducting workshops and involved in user story collection
- Worked on S/4 HANA Fiori overall security architecture and design for Real Estate (REFX), Plant Maintenance, casino, P2P, FI and treasury.
- Worked on S/4 HANA Fiori Apps creation, groups, securing various S/4 HANA Apps, front end server (FES), business roles, back end server roles (BES).
- Worked on securing S/4 HANA Fiori custom Apps, custom tables and objects.
- Creating Fiori Apps groups; worked on identifying sensitive and critical transactions and securing data
- Involved in identifying SOD conflicts
- Implemented firefighter access control process.
- Worked on SAP BI, Business Objects 4.2 security design for various reports like regulatory, sales reports, employee reports.
- Involved in implementing S/4 HANA security audit policy
- Used Agile Scrum project implementation methodology and sprint cycle
- Using the existing database to identify a list of Catalog roles to be converted to Repository roles
- Perform assessment of existing BI/BW analysis authorization and Info Provider restrictions and recommend solution for HANA view that will align with the existing BW access restriction
- Implementing HANA Database security for business users using HANA analytic privileges in the new BI/BW on HANA Database, replicating the reporting/data security structure currently followed in BI for analysis authorizations
- Address findings from SAP Native HANA security assessment and recommend any other ITGC related configuration and settings adjustment that are not covered under the SAP assessment document
- Assisting in defining password policies, setting up audit logging, adjusting SAP parameters based on industry leading practices and implementing SAP EarlyWatch recommendations.
Environment: S/4 HANA Enterprise Cloud (HEC) 1511, 1709, BOBJ 4.2, BPC, Solution Manager, PO.
Confidential, Warren, New Jersey
Sr. SAP Security Consultant
Responsibilities:
- Confidential wireless has 1700+ stores located across the USA, with a user base of 10000+ users handling day-to-day activities in stores, supply chain activities, procurement, etc.
- Managing overall Access Control policies across all enterprise level applications ensuring appropriate builds, separation of duties, etc
- Implement security policies, process, audits, SOX, and SOD concepts
- Maintaining, updating, and configuring applications using risk analysis tools.
- Support on-going audits, providing access to analysis of reports, findings, etc.
- Working on SAP security architecture and role-based authorization models for SAP ECC, Retail SCM, HANA BW/BI, Portals, PI/PO, Solution Manager
- Working on troubleshooting the missing authorization/roles in SCM, BI, BW, HANA
- Designed SAP partner security.
- Working with the IdM team in mapping of roles to positions and user provisioning in production systems.
- Securing Fiori apps based on the roles, catalogs, target mapping in S/4 HANA
- Maintaining SAP roles and related authorizations specific to each store, site, location/area, overall access and reports.
- Security reports in BOBJ, Managing user groups, folders, access levels / custom access levels.
- Performing system reviews and limiting access to ensure that work is performed in accordance with security policies
- Implementing BI Security setup with respect to securing HANA views.
- Securing HANA SQL analytical privileges based on the calculation views and HANA data securing.
- Working on SAP GRC modules such as Access Risk Analysis (ARA), Emergency Access Management (EAM) configuring GRC Access control 10.1 Workflow
- Identifying risk related access and mitigating the risk using GRC tool.
- Managing and leading small teams
Environment: ECC R/3, SCM, IS-Retail, BI/BOBJ4.2, HANA/ S4 HANA Fiori, PO, GRC 10.1, Solution Manager
Confidential, San Jose, CA
Sr. SAP Security Consultant
Responsibilities:
- Working with Confidential business teams conducting meetings, Workshops and gathering requirements for SAP Security design for Confidential Finance and Information Transformation Program(PFIT)
- Converting functional specs to technical specs; implementing SAP security modules using the classical waterfall model and agile methodology.
- SAP Security in all stages of Project Development from Blueprint Feasibility Analysis to Technical Design to Realization/Development to Go Live Support and business User Training
- Designing and implementing security for SAP HANA2, BI7.4, Business objects 4.2, Bank Analyzer 9.0 and GRC 10.1
- Designing Restricting and Control authorizations for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges for various Schema Users, Integration of BOBJ Security with S/4 HANA and HANA DB Security Roles
- Designing and developing Universes supporting multiple levels of hierarchies for drill down and drill access reports.
- Providing training and support to Business Objects and Webi report users throughout the organization.
- Creation of user groups and maintaining access levels and folders in BO CMC; user maintenance for BOBJ developers, support admins, power users, end users; transporting jobs/objects using the Promotion Management tool.
- Protecting confidential and restricted data in SAP S/4 HANA
- SAP HANA User Management and Import/Export of Delivery Units/HANA Artifacts
- Defined Security Architecture, Authentication Authorization, Single Sign on, Encryption, Audit Logging etc. in the customer system landscape.
- Setting Up of Project Workspace for creating Design Time Role, Web based IDE (Graphical) Creating Design Time Roles (HANA STUDIO - Script Based)
- Importing templates for Design Time Roles Delivery Unit
- Implementing best practice to organize catalog/schema and content so that it can be managed with minimal security impact
- Implementing Security to access S/4 HANA from SFDC, R Server, Tableau, Hadoop, McKesson, Connect, SAP BO etc.
- Implementing BW Security setup with respect to S/4 HANA Studio BW Modeling Perspective
- Using HANA Security trace tools/logs in case of missing privileges
- Identifying and implementing proper migration strategy for S/4 HANA objects (BW, Bank Analyzer on HANA)
- Configuring validation of Solman, SAP Patch day and creation of roles in SAP Bank Analyzer
- Collaborating with Audit team and business professionals for SOX compliance
- Creating roles and analysis authorizations using the RSECADMIN tool in SAP BI
- Implementing SAP security best practices and standards
- Working with ETL team, providing access to ETL system IDs, troubleshooting access related issues during data transfer and migration to HANA HDB
- Enabling S/4 HANA audit policy whenever required and analyzing the audit reports regarding changes made on schemas/view/tables etc.
- Working with the testing cycle phases SIT/performance /UAT testing phases, preparing test cases.
Environment: ECC R/3, BI/BOBJ4.2, S/4 HANA, HANA SPS11, Bank Analyzer, NetWeaver Gateway, UI5, Fiori Apps, GRC 10.1, Solman
Confidential
Technical Lead
Responsibilities:
- Worked as technical lead for a large implementation and post go live support involving ERP ECC, SAP BW/ BI, BO SRM, CRM, MDM, Roles & Authorizations
- Worked on role enhancements, maintenance of authorizations and workbench requests (SU24 changes)
- Performed transports and mass transports of roles and CATT scripts for mass user creation.
- Finding missing authorizations using SU53 report and troubleshooting
- Setting up SAP audit logging, and performed periodic review of logged activity
- Perform annual SAP licensing administration and liaising with SAP Basis Support
- Initiated Re-design and related strategy for audit issues and preparing RCIS documents
- Leveraged SOX tools like GRC 5.3, GRC 1.0 access control and SAP Customer Activity Repository
- Validation of GRC access control and Risk reports on a bi-weekly and monthly basis
- Assisted in Annual and Quarterly ICS security validations, performing segregation of duties (SOD), Critical Action (CA), Critical permission (CP), analysis and remediation.
- Strong SAP Implementation and Administration experience with Governance Risk and Compliance (GRC) Access Controls for SAP applications (ARM, ARA, SPM and BRM)
- SAP GRC 10.0 or 10.1 implementation and support
- Involved in SOD Assessment and Remediation Process and Role maintenance in Sun IDM dashboard
- Preparation of estimates for role build activities and testing
- Mapping of users to user groups, roles to users in SAP Enterprise portal systems
- User authentication, maintain User groups, access levels, custom access levels, access to folders and users creation in CMC
- Migration of report objects, folders, groups, connections, using promotion management across landscape
- Designed Restrict and Control authorizations for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges for various Schema Users
Environment: ECC R/3, HR, BI, BOBJ, HANA, SRM, Solution Manager
Confidential
Consultant
Responsibilities:
- Designed role matrix across system landscape.
- Created SOD matrix
- Performing SOD Conflict Analysis
- Organizational level authorization fields and derived role design and maintenance
- Working with analysis authorization using RSECADMIN tool
- Creating and assigning analysis authorization to users in BW, BI/BOBJ
- Involved in different phases in UAT
- User groups, and users creation in CMC
- Migration of report objects using promotion management across landscape.
- Maintaining the BO servers in CMC
- Assigning groups to users and setting up alias in BO 3.1 and BO 4.0
- Authentication of users in BOBJ, ICS, BI4 and FIM environment
- Creating data access groups and filters in application
- Analyzing and solving access related issues for reporting users like power users, end users and developers in BOBJ, BI4.
- Resolving authorization related defects raised by users for BI, BOBJ, BPC, FIM BI4 and FIM applications
- Worked with Business process owners to understand business processes in order to determine Security requirements
- Analysis and creation of role matrix for GTS 10.0
- Designing and creation of Single, Master and Derived Roles
- Object level maintenance in SU24
- Extensively used SU53 and ST01 transactions in troubleshooting authorization checks and interface checks, custom transaction
- Performed transports and mass transports of roles and used CATT scripts for mass user creation
- Re-designed role as per the compliance check
- Worked on GRC GTS access control process
- Assisted users in testing phases like UAT and SIT
- Used traces and display authorization checks reports for resolving the end user problems during UAT phases.
- Coordinated with super users and users on testing unit test cases.
- Simulated User based, Role based background jobs in RAR Tool to Identify Any SOD issues.
- Prepared process documentation, identified process control owners and reduced the gap
- Migrated SOD ruleset from other system to GRC
Environment: ECC R/3, BI/BOBJ, CRM, SRM, GTS, GRC, BPC, GRC 5.3, GRC 10.0
Confidential
SAP BASIS Consultant
Responsibilities:
- Role matrix design analysis/creation, user access control, extensive use of SUIM and PFCG
- Roles redesign as per new Virsa patch level and reduced conflicts
- Carried out testing of roles and assisted testing team in UAT phases
- Sarbanes-Oxley (SOX) implementation, roles and authorizations re-implementation using Virsa tool. Role simulation, mitigation controls, etc., using Risk assessment tool /VIRSA/ZVRAT
- Troubleshooting end user issues, extensive use of SU53 and ST01
- Continuous interaction with client and end users
- Worked on Transport Management System and updating all the activities in DMS
- Scheduling and monitoring hourly, daily, monthly background jobs
- Including satellite systems in SOLMAN, generating "RFC connections" and assigning the logical system to them
- Maintain SAP security policies and documentation
- Applied Latest Virsa patches for SOX compliance
- Started & stopped the servers during critical Server related activities
- Monitoring Inbound & Outbound queues on daily basis
Environment: SAP ECC R/3, Solution Manager, BW, CRM, MDM, EP
Confidential
Associate consultant
Responsibilities:
- Role Matrix design, creation of roles and modification of roles.
- Made SU24 changes in SAP Security
- Resolving issues in CUA and involved in testing in UAT and Pre-prod
- User Administration (User Access Control) and mass user creation using eCATT scripts
- Resolving SAP Security authorization
- Troubleshooting end user issues, extensive use of SU53, ST01, SU56
- Involved in SAP Role transport, Monitoring SAP System Health Checks
- Applied support packs, OSS notes and analysed ABAP dumps
- Importing change requests, troubleshooting transport related problems
- Implemented Client security policy and similar actions
Environment: SAP ECC R/3, Solution Manager, BW, EP