PROFESSIONAL SUMMARY:

• Over 10 Years of experience in SAP security administration in various SAP environments S4 HANA, Fiori, BPC10.1(embedded), RTC, BI, PI/PO, MDG, IBP, BW, EP, GRC10.0, Virsa, Solution Manager, Charm
• Expert in Administration & Authorization including Role/Content Administration and User Administration, Profile Generator (PFCG), Central User Administration (CUA), Segregation of Duties (SODs) analysis and auditing requirements.
• Have worked on Implementation, upgrade & support in multiple SAP Security projects
• Team leading experience with the size of 10 - 15 resources. Responsible for bugs tracking & assignments to the team and ensuring to complete within SLA.
• Upgrade experience- BW3.5 to BI7.0. Involved in design, development and testing phase
• Upgrade experience to EHP 7
• Full Lifecycle Greenfield Implementation to S4 HANA. Extensive experience in BI Security(SME), BPC
• Creation of new Mitigation ID based on requirement from Business.
• Worked on Security Role Implementation for embedded BPC (Real Time Consolidation)
• Extensively worked in creating custom Fiori tiles - Analytical, GUI, Transactional
• Extensively worked on Access Management in ARA for accessing and mitigating risk
• Worked on BPC for creation of Task Profiles, Data Access profiles and Teams based on the business requirement
• Worked with functional team extensively to design the roles as per their needs meeting the SOX compliance.
• Role Remediation experience to meet the business SOX compliance requirements.
• Extensive hands on experience Design & Develop Security for ECC 6.0 and BI 7.0.
• Experience in analyzing and translating business requirements into technical specifications in collaboration with application developers and functional teams.
• Expert in developing single, composite, and derived roles to restrict system access for authorized users
• Extensively worked on RSECADMIN to define analysis authorizations
• Experience using Virsa & GRC 5.3 to generate reports on Firefighter log (SPM/FF) and Compliance Calibrator (CC/RAR) SOD reports
• Updated and maintained authorization object for tcodes using SU24 to meet the business requirements and to make sure the SAP best practices are followed
• Extensive experience using SUIM, SU53, ST01 and RSECADMIN to troubleshoot authorization issues
• Good Portal Security experience with assigning Groups, and importing roles
• Good production support experiences, provide 24x7 on call production support, making sure tickets are resolved in timely fashion to meet the deadlines well in the SLAs and in compliance with the change management policies.
• Good experience on Position based security
• Good knowledge and experience with Solution Manager and CHARM
• Created OSS Message, OSS ID, Generating Developer & Object keys, Registering Objects in service marketplace (Service.sap.com)
• Excellent problem-solving skills, team player with good communication skills. Quick learner, efficient communication skills, problem solving and analytical skill
• Extensively worked on ticketing tools: HP-ALM, ISM

PROFESSIONAL EXPERIENCE:

Confidential, Philadelphia, Pennsylvania

SAP Security and GRC Consultant

• Responsible for S4 HANA 1710 Greenfield full lifecycle Implementation
• Working on designing and implementing Security for BPC 10.1 embedded authorization
• Designing custom Fiori tiles for the BW- BPC reports and securing access
• Working on implementing security for MDG, IBP and ARIBA
• Worked with functional team extensively to design the roles as per their needs meeting the SOX compliance

Confidential, Allentown, Pennsylvania

SAP Security and GRC Consultant

• Responsible for S4 HANA 1610 Greenfield implementation
• Key Contributor for designing and implementing Security for all process areas
• Worked with functional team extensively to design the roles as per their needs meeting the SOX compliance
• Responsible for Designing Fiori Tiles and securing the access
• Implemented Security to secure BW CDS views in S4 HANA
• Responsible for designing and implementing BPC, APO and BW Security
• Responsible for VIM roles design for Security RTP roles
• Defect Coordinator for all Release cycles and used HP ALM for defects
• Designed and Implemented Security for Charm

Confidential, Sunnyvale, California

SAP Security and GRC Consultant

• Responsible for monitoring the production support queue and ensuring timely resolution
• Worked on BPC for creation of Task Profiles, Data Access profiles and Teams based on the requirement from the Business.
• POC for Auditing Requirements/SOX- Pulling reports for auditors and trying to make it compliant. Working on any new SAP recommendations
• Involved in ECC SP upgrade. Executed SU25 and analyzed the changes needed in objects & roles based on business requirements.
• Eliminating Security related issues per the Early Watch Reports
• Extensively working on PFCG on designing roles for enhancements related Projects (Ongoing activity)
• Leading the team of 5 resources and providing support to team
• Extensively worked on GRC ARA
• Used Ticketing tools - Service Now, Espresso, RADAR
• Troubleshooting of user roles, tracing the users, security authorization objects
• Involved in testing of newly implemented GRC BRM tool, reporting any issues, ensuring it is behaving exactly the same as PFCG.
• Trained on SAP HANA Security
• Maintained authorization object assigned to tcodes using SU24 to meet the business requirements and to make sure the best practices are followed.

Confidential, Philadelphia, PA

SAP Security Analyst - R/3 4.7, ECC 6, BI 7.0, EP 7, NW 7.0, SolMan & GRC 5..3/10.0

• Closely worked with business process owners, functional and technical team to gather and analyze requirements, create tcode to role mapping, User to role mapping, unit test the role changes, perform SOD analysis and role remediation
• Upgrade experience to EHP 7 - Involved in analysis using Panaya tool, making changes and adjusting roles
• User maintenance (User creation/deletion/lockdown/activation/Password management)
• Leading the team of 10 resources and driving the defects to completion within SLA
• Role Remediation experience to meet the business SOX/ compliance requirements
• Identifying roles and making changes to remediate the SOX issue if possible
• Conducting workshops with the business users to brief about SAP Security, SOX and SAP GRC tool
• Generate weekly SoD and FF log reports for the management, Setup FF, Create and assign FF IDS to users once approved by the FF ID owner
• Work with profile generator (PFCG) to creating roles, composite roles and derived roles
• Extensively worked on RSECADMIN to define analysis authorizations
• Involved in Business Reorganization project which involved design and development of new AA and roles in BI7.0
• Implemented Special authorizations using colon and key figure authorizations
• Maintained authorization object assigned to tcodes using SU24 to meet the business requirements and to make sure the best practices are followed
• Created Authorization Groups to restrict the HR table access and review/correction of sensitive authorizations (S TABU DIS, etc.), including assignment of authorization for sensitive tables
• Creating authorization groups using SE54
• Performed troubleshooting of user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error for SAP systems for DEV, QAS and Production Environment
• Extensive experience in SAP Security Administration & Authorization including Activity Groups, Profile Generator (PFCG), Central User Administration (CUA), Role/Content Administration and User Administration and an extensive use of transactions like SUIM, PFCG, SU01 SU10, SU24, ST01, SU53
• Worked with the management on CSS which helped to improvise thins as per user requirements and make it more user friendly
• Extensively worked on authorization issues related to BI Security and was leading the team as BI SME
• Used ticketing tools like HP-ALM and ISM
• Provide On-Call support 24x7for all SAP Security related issues and activities

Confidential, Benton Harbor, MI

SAP Security Administrator - BW Upgrade Project

• Closely worked with business process owners, functional and technical team to gather and analyze requirements, create tcode to role mapping, User to role mapping, unit test the role changes, perform SOD analysis and role remediation.
• Checked Security upgrades using SU25 for BW upgrade from 5.3 to 7.1
• Performed Steps 2A, 2B,2C and 2D in SU25 for post process the settings after Upgrading to Higher Release
• Extensively worked on complete role designing and developing new AA using RSECADMIN as per client needs
• In testing phase, being at client facing role, was POC for any defects(QC) raised for Security team and UAT in HPQC
• Used BI Tables: - RSECVAL, RSDCHA, RSDCUBE and RSDCUBEIOBJ
• Created new authorization with proper naming convention standards which would reduce the ambiguity & objects can be distinguished and reduce the maintenance effort
• Created LSMW scripts to copy user master record from old BW system to upgraded BI system
• Worked with the end-client to train their resources on the new features provided to manage analysis authorizations
• Actively interacted with all members of client team

Confidential

SAP Security Administrator - HR and R3 Consultant

• Working on ESS/MSS, Talent Management, Position based Security, and SSO issues.
• Role Remediation experience to meet the business SOX compliance requirements
• POC for all the enhancements related to role changes, new role creation and new object assignment to tcode . The main objective is to ensure that everything get delivered on time by planning the hours and setting up probable dates for delivery.
• Responsible for designing and developing roles.
• Created Composite, Master - Derived roles to meet the business requirements.
• Worked closely with the business and functional team to define Composite role, Role to tcode mapping, User to role mapping.
• Creating authorization groups using SE54 .
• Maintaining Infotype 105 (Communication) for all new employees.
• GRC Upgrade experience from 10.0 to 10.1

Confidential, Arlington, TX

Security team lead

• Responsible for Design and development of security strategy for enhancements and Development projects.
• Perform troubleshooting of user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error for SAP systems for DEV, QAS and Production Environment.
• Updating role as requested by business process owner and run through GRC (10.0) to make sure the new addition does not cause any SOD violations within the role.
• Used transaction RSECADMIN for creating analysis authorization and S RS AUTH for assigning analysis authorization to end user roles.
• Maintained authorization object assigned to tcodes using SU24 to meet the business requirements and to make sure the best practices are followed.
• Created Authorization Groups to restrict the HR table access and review/correction of sensitive authorizations (S TABU DIS, etc.), including assignment of authorization for sensitive tables.
• User maintenance (User creation/deletion/lockdown/activation/Password management).
• Work with profile generator (PFCG) to creating roles, composite roles and derived roles.
• Creating weekly reports which include SOD (SOX) reports, Inactive user reports, User termination reports and Firefighter log reports.
• Created OSS Message, OSS ID, Generating Developer & Object keys, Registering Objects in service marketplace (Service.sap.com).
• Performed User Administration activities like Creating, Deleting, Modifying, Locking and Unlocking users using SU10 & SU01.
• Good experience using CUA for central user administration.
• Maintained security for Folders, Reports, Universes and Universe connections in BOBJ XI 3.1 CMC (Business Objects Enterprise Central Management Console).
• POC for escalations (if any) for Security area
• Responsible for status call with client for discussing current activities and issues going on in Security Area.