SUMMARY:

• Worked on various Implementation and Support projects in SAP and other applications for more than ten years in US, Canada and India.
• ECC, S/4 Security: Experience in various aspects of SAP Security and Authorizations including design of Authorization Profiles/Roles using Profile Generator (PFCG), Testing, User Administration and Transport management, Troubleshooting Authorization issues and analysis. Business Analysis to translate Functional requirements into Technical design of Security roles.
• SAP GRC Admin: Expertise with implementation and management of SAP GRC 10.X and GRC 5.3 Access Control components.
• SAP GRC Access Control Implementation: Activation of business configuration sets, Configuration of Connector groups, Synchronization jobs, Mass changes to rule sets
• Creation and Maintenance of Functions, Risks, Owners, Risk Analysis, Mitigation controls. Firefighter/ Owner/ Controller management in Emergency access management.
• Configuration of MSMP workflow/ mapping of MSMP Process IDs to ARM Requests, customization of request screens, Template management. Design of Reports of User, Role and Risk statistics as per Business input.
• Automation of user access provisioning with Compliance checks through GRC Access Control as well as IDM Security Identity Manager
• BI Security: Design/Creation of Analysis Authorizations and Roles in BI systems, troubleshooting, Security setup of Business objects explorer and Role setup in SAP HANA Studio for BI on HANA.
• HANA Security: User management, Role creation, restriction using Table, View and Schemas at Analytic privileges in Role through HANA Studio. Tracing and troubleshooting.
• FIORI / UI5 Security - Gateway role design to include Catalogs, Groups and ODATA. Backend role design to include Tcode, ODATA, Webdynpro with Authorizations. Trace error log analysis for missing Services and Backend authorizations.
• CRM Security: Creating Business Roles and mapping them to the PFCG roles based on the business role for the end users. Maintaining authorizations for CRM Services.
• Designed and owned SOX/ SOD Controls, Audit/ Process controls. Documentation of Evidences for internal as well as external audits. Design and extraction of periodic Audit reports for sensitive transactions/ Authorizations.
• HR Security: Implementation of structural authorization in roles along with relationship management, Organizational management and MSS. Design of Position based Security.
• Designed authorization roles for Change request management and CUA in Solution Manager.
• Expertise with Security for SRM, SCM, Enterprise Portal, Process integration, SOLMAN, working with CUA and Troubleshooting IDOC issues in CUA.
• Expertise in Implementing Best practices in Market in terms of Security parameters, Role design, SAP GRC Rule sets, Standard Operation Procedure (SOP) Design, monitoring and implementation of Earlywatch report suggestions etc.
• Security Role redesign in support projects to simplify design, Ticket reduction and better Access control.
• Basis knowledge in Support pack/ SAP note implementation, Transport Management, OSS Connections, Parameter and RFC configurations.
• Team Lead for 15-member Offshore Support team, in charge of Teams SLA Adherence, Training and Documentation.
• Dedicated team player with good communication and written skills. Innovative and proven ability to identify, analyze, solve problems to increase customer satisfaction and flexibility to learn new applications.

PROFESSIONAL EXPERIENCE:

Confidential, San Antonio, TX

SAP Security/ GRC/ Fiori/ HANA Consultant

Responsibilities:

• Design of Single and Composite roles using GRC 10.1 - BRM for S/4, Fiori and BW systems. Maintain authorization through BRM phases and in Back end systems.
• SOD analysis, Mitigation, Owner, Controller creation/ assignment, Risk/ Function creation in GRC Access Risk Analysis.
• FIORI / UI5 Gateway role design to include Catalogs, Groups and ODATA for FIORI Launchpad. Inclusion of Transactional apps, Fact sheets and Analytical apps in FIORI Roles. Backend role design to include Tcode, ODATA, Webdynpro with Authorizations.
• Trace error log analysis using /IWFND/ERROR LOG for missing Services and Backend authorizations.
• HANA role design to include user access restriction at Table, View and Schema level using Analytic privileges. Design of Repository and Catalog roles in HANA studio.
• DB/ User trace using HANA Studio to find the missing access for user and provision access.
• Provide Firefighter access through GRC Access Request and maintain Firefighter Owner/ Controller, Risk Owner.
• Analysis authorization design in BW roles to restrict at Info object and Key figures. Restriction of Business Objects Folder through BW roles.
• Mandate authority check for Custom transactions at program level and make relevant changes in SU24.
• Move the Role and transaction changes to other systems using Charm change management tool.
• Design of Business roles maintained through BRM and reduction of Single role assignment outside Business role.
• Role cleanup to modify Authorization objects in PFCG Changed status to make them Standard or Maintained.
• Role cleanup to identify Users with Multiple Business roles assigned to them in BRM.

Senior Associate Consultant

Confidential, Houston, TX

Responsibilities:

• Automated provisioning of roles through IDM Security Identity Manager File upload and through IDM Tivoli DB Role provisioning tool.
• SAP GRC Risk analysis and Remediation- Analysis for Role provisioning and Monthly monitoring for violation reports and Remediation of risks.
• Risk walkthrough to Business Owners to justify loss of access during Risk remediation.
• SAP GRC - Superuser Privilege Management - Firefighter/Owner/Controller changes, Access changes and validation of FF Logs.
• Business Objects explorer - BI Report access provisioning and troubleshooting through BI 7.3, BOE CMC and SAP Hana Studio.
• Design of roles with standard privileges and custom Analytic privileges to restrict report access and user management in SAP HANA studio.
• Maintenance and updating of Security tables in Tivoli - IDM DB through excel upload.
• MDM - Maintenance of Functions, Tables and Fields in roles of MDM repositories/ User maintenance and assignment of roles to users.
• Troubleshoot HR/Structural authorization issues - authorization changes in roles, relationship management, Organizational management and MSS.
• Job based access through IDM and maintenance of Job access in lower systems for Testing.
• CRM - access provisioning/ changes to business roles and Services in authorizations.
• Portal group assignment through Active directory, IDM and troubleshooting access to applications.
• User setup in Active directory and AD group mapping.
• BMC Remedy - incident monitoring for access issues related to SRM, SCM APO, PI, Solman systems.
• Role changes through Charm - change management tool with weekly CCB Meetings.
• BPC Upgrade - Design and implementation of BPC Support roles including Analysis for Office.

Senior Associate Consultant

Confidential, Wilmington, DE

Responsibilities:

• Security lead and Architect for SAP Project Implementation team.
• Firsthand knowledge working in a sophisticated SAP environment tackling all the major challenges right from the Business Blueprinting phase to the post go-live support.
• Working with business and Functional consultants and handling complex situations effectively.
• Initial Responsibilities during Business Blueprinting: Primary responsibility was to gather the requirement from the functional consultants and preparing high-level Security Design document.
• Build, Testing and Defect Resolution: Derived Single and Composite roles for the new Business Units with Change management guidelines ensuring system integrity. Coordinated with Functional Teams during Business Role Unit Testing and Integration Testing resolving the defects.
• Defect tracking using HPQC and change management with Charm/ SOLMAN system.
• Pre-Go live Responsibilities: Other responsibilities were to finalize the Organization Level Design, Role Design, Role matrix and BI authorization Design before the go-live.
• User Enablement: Close to 2000 users went live in the rollouts. Key responsibilities were Creation of User Master. Mass User Lock/ Unlock, reconciliation of the User Master. Loading Defaults like Printer, Date and Time, Language. Loading Parameter Id’s for the new user etc.
• Post Go-live: Primary Support until Steady state period. Prioritize and resolve issues during the steady-state period.
• Very good decision maker: Taking crucial decisions during various stages of the project in the best interest of the business.

Senior Associate Consultant

Confidential, Wilmington, DE

Responsibilities:

• SOX Control lead responsible for internal/ external audits including KPMG.
• Implementation of Approva One (SOD tool) - Customization of Ruleset based on Business requirements.
• Working on Technical Designs for new Scope Change Requests and Break-fix requests.
• Providing End to End Support which involves - Logging tickets, Problem Records, Change Records, Scope Change Requests, Analyzing the issue and coordinating with the functional and 3rd party teams, getting the necessary approvals, ensure that compliance is met at all stages, adherence to SLA’s, documenting the changes and closing the ticket.
• Designed and owned SOX reports through background Jobs on sensitive tcodes and authorizations for monthly monitoring.
• Coordinating build work with the offshore team in India. Liaising with functional teams and updating all the stake holders about the progress.
• Creating monthly reports and PowerPoint presentation for the Team Management on Work Allocation, Resource Utilization, Status of Pending and Completed Work Items.
• Security Role redesign to reduce number of roles and better access control.
• Identification of Risk area and modify Security governance process. Documentation of new security changes for future reference.
• Worked on the Pre go-live and Post Go-live Cut-over Activities of a SAP Roll-out Project in LATAM SAP.

Associate Business Analyst

Confidential

Responsibilities:

• SAP GRC Access Control implementation: Activation of business configuration sets, Configuration of Connector groups, Synchronization jobs setup and monitoring.
• Mass changes to Risk analysis Rule library through Excel upload.
• Creation and Maintenance of Functions, Risks, Owners, Risk Analysis, Mitigation controls. Firefighter/ Owner/ Controller management in Emergency access management.
• Configuration of MSMP workflow/ mapping of MSMP Process IDs to ARM Requests, customization of request screens, Template management.
• Design of Reports in GRC Reports and Analytics for User, Role and Risk statistics as per Business input.
• End user Automated Role provisioning with Risk validation through Compliant User Provisioning.
• Updating transactions via SU24 (managing authorization objects)
• Troubleshooting issues with missing iviews in Enterprise Portals. Assigning appropriate Portal Role and groups to user.
• Develop profiles/roles which including complex design restrictions
• Develop authorization for the BI Reporting & Analytics.
• Security SAP Note implementation/ Profile Parameter recommendation to Basis.

Associate Consultant

Confidential

Responsibilities:

• User Access Provisioning using CUA (15000 users) for ECC and Non ECC systems. Mass Creation of User Master Records; troubleshoot issues with Users Authorization, assignment of Composite and Single roles (Position based security and User Based Security). Mass Assignment of roles to position by creating LSMW programs.
• Working with different ticketing tools such as HP OVSD, Remedy, Service Now and HPQC for Testing.
• Adherence to SLA’s and prioritizing issues based on the priority and urgency of the ticket. Sending end user notifications, in case of a Critical or High Priority issue.
• Troubleshooting issues with in ECC and Non ECC systems. Analyzing SU53, System Trace, finding the root cause of the issue and providing resolution following all the processes in place.
• Co-ordinate comprehensive testing of all profiles and authorizations to ensure accuracy and segregation of duties
• Designed a comprehensive security Matrix that documented the security design and controlled the user requests in the production environment.
• Developed, maintained and controlled the access of the project team members in all environments.
• Maintaining company approved audit standards for SAP Application security, resolved BW, SD, FICO, MM, PP security related issues.
• Within BW/BI done Authorization trace, analysis and identifying Info Areas Info cube, and created custom authorization objects.
• Security Monitoring & Reporting. User Trace using ST01 and analysis.
• Find out missing Authorizations using SU53 report from the user.
• Supporting Developers in Dump Analysis & Identifying and Applying relevant SAP Notes.
• Providing technical support to functional areas, configurations and developers