PROFESSIONAL SUMMARY

• Overall 9 years experience in IT industry and over 7+ years experience in SAP as SAP Security/GRC/Basis Consultant on SAP R/3 ECC 5.0/6.0, 4.7, 4.6C, 4.6B.
• Worked on 5 full life cycle implementation of SAP Security projects from design phase to post implementation phase in SAP Security Realm.
• Assisted on various modules like PP/MM//WM/HR/FI-CO/SD and new Dimensions products BI/BW, HR, CRM, SRM, Portal, XI, and SCM.
• Perform SAP Security related task and Implemented Security policies and procedures, Experience in SAP Security Maintenance (PFCG), maintained the roles for all the instance (DEV, QAS, PRD and Training Environments) profiles in development and production systems
• Worked on designing the Security requirements for SAP Business Objects.
• Provided support for User Maintenance, Roles/Profile Maintenance using Profile generator.
• Experience in Setting up Central User Administration (CUA) and maintenance.
• Experienced Netweaver Basic of User maintenance Thru UME (User Management Engine).
• Experience in SAP Security related task such as SOX (Sarbanes Oxley) Compliance.
• Working experience in Role remediation and user remediation of segregation of Duties (SOD) within SAP implementation, GRC-Virsa Systems 5.X tools (Compliance Calibrator, Access Enforcer, Fire Fighter and Role Expert).
• Experience with VIRSAComplianceCalibrator5.1 (SAPGRC) for Prevention/Remediation/Mitigation of Segregation of Duties (SoD).
• Extensively used Fire Fighter 5.2 forcreating Fire Fighter IDs, designing and assigning Fire Fighter roles and monitoring Fire Fighter logs activities
• Remediation of Segregation of Duties (SOD) within SAP implementation, VIRSA Systems VRAT tool, Fire Fighter, Role Expert, Access Enforcer, Profile Generator (PFCG), Role Creations modifications, User Administration.
• Preventative, mitigating and compensation controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy.
• Experience in working with Transports (STMS) in transporting roles between Development, QAS and Production R/3 systems and users.
• Experience in troubleshooting R/3 Security issues (SU53, ST01), RSECADMIN for BI.
• Experienced with creating & working on Production Support Tickets using Remedy tool.
• Self starting, highly dependable results oriented SAP Security Functional Analyst with hands on R/3 implementation, system enhancements and production support responsibilities.
• Effective, imaginative problem solver with excellent problem solving skills, team player and good communication skills.

SAP Skills:

SAP Security and Sales and Distribution module

SAP version:

SAP R/3 ECC6.0, ECC 5.0,4.7, 4.6C,4.6B

Specialization:

Security(R/3 and BW), CUA, Profile Generator, User Maintenance, Authorization, IDM.

SAP EP 7.0:

Administration: iViews / Roles / Pages, EP 7.0, UME, System Definitions, Folders, User, Groups, Transport Packages.
Security: Single Sign on (SSO) using logon tickets. User Mapping, LDAP Directory with UME

Office Tools

MS OFFICE(MS-Word,MS-Access,MS-Excel,PowerPoint)

Databases:

SQL, Ms- Access 2000/97, Ms-Sql Server2000

Languages:

Visual Basic 5.0, Visual Basic 6.0, C, C++, Vb.Net, Ado.Net, Core  Java, PL/Sql, Web Services, Xml

Web Servers:

Windows 2000 Professional server, Windows 95/98

Confidential, Lebanon, NJ March 2007 to Till Date
SAP Security Analyst/Team Lead 

Roles and Responsibilities:
Implementation Activities (RELEASE-1 & RELEASE-2)

• Responsible for Security role development like creation of Roles(including Single role ,Composite role, Parent & child role) creation of Users, Maintained Authorization Objects, and Assigning Roles to Users as per Documents provided by the Management
• Participated in Security Testing and UAT for Mexico/Bermuda client users for release-1 and help in resolving the defects using Mercury for ticketing purpose.
• Participated in Security Testing, UAT and OQ for USA market client users for release-2 and help in resolving the defects using Mercury for ticketing purpose.
• Created roles for USA market (plant based) as per Global role template.
• Work with QVC Team in adding aditional TCodes or Organizational values (derived roles) to the roles as a part of Security Testing and UAT Testing in Mercury before going live.
• Created job roles for Mexico and Bermuda as per the relevant test ids and also participated in security roles testing.
• Created roles for GTS (Global trade service) Business Objects for Mexico Go-Live release 2.0(A) and involved in security unit/UAT testing. Also worked with the end users to resolve authorization issues
• Collaborated with other team members and business representatives to ensure that security settings meet the requirements of the business and align with the defined controls and standards.

Post GOLIVE support Activities (RELEASE-1)

• Hands on experience on production Support for Mexico/ Bermuda (LA HUB) plant for post GOLIVE support for COMET MERCK.
• Supported production issues on ECC, BI & Portal, GTS, SCM modules which were the part of RELEASE-1.
• Worked on security tickets using REMEDY tool.

Administration (ECC, SCM, GTS, and XI):-

• Maintained Users Master Records by creating User Ids, assigning roles, copying, renaming, reset password, etc. using SU01.
• Performed mass user activities using SU10.
• Extensively used ECATT scripts for mass user creation, locking and unlocking users, assigning roles to users etc.
• Used ECATT script for mass creation of OSS Ids, Basis Ids and Production user ids across the environment.
• Created Parent/Child role for Mexico/Bermuda from the Global role template for ECC, SCM, GTS in the initial implementation phase.
• Worked with profile generator (PFCG) in creating roles, profiles, composite roles and derived roles.
• Worked on SAP Check Indicator Defaults and Field values using transaction SU24 and maintained check indicators for Transaction codes during testing.
• Worked in coordination with HR people to maintain the synchronizations of the HR data (Pa0105- user id & email) and the SU01 user data so that users receive the workflow items.
• Created Global and Market roles as per the process teams requirements for STS Workflows maintained the roles and user maintenance.
• Transported Roles using the change request method and also the Download/Upload method for transporting the roles to systems not in the transport landscape.
• Transported the generated roles and profiles using Transport Management System.
• Extensively worked with security related tables such as AGR_TCODES, AGR_USERS, AGR_1251, AGR_1250, AGR_DEFINE etc.
• Worked on Job role user switch for more than 400 users for BI, SCM, ECC all gold clients.
• Worked in configuration and support of Fire fighter and CC tool.
• Extensively worked with VIRSA Compliance Calibrator 5.1 to perform risk analysis at user and role level.
• Experience with VIRSA Compliance Calibrator 5.1 (SAP GRC) for Prevention/Remediation/Mitigation of Segregation of Duties (SoD) within Organization.
• Worked with table authorizations to control access to tables and created custom table authorization groups using SE54.
• Worked with SE93 to create custom transaction codes to control access to tables.
• Assigned authorization groups to programs using RSCSAUTH and RSABAUTH to control access to programs.
• Trouble shoot user project related issues for Solution Manager for viewing Mexico/US project folder details.
• Participated in creating Solution Manager roles for Change Request Management (CHARM) and testing of those roles.
• Used the table TCDCOUPLES (TcodeSE93) to maintain the checks between calling and called transaction codes such as SM37.
• Used SQVI to generate different kinds of User or Roles reports required by QVC Team.
• Monitored access to key authorization objects such as S_BTCH_ADM, S_ADMI_FCD, S_TABU_DIS, S_DEVELOP etc for debug access and etc.
• Advised developers to use function module AUTHORITY_CHECK for custom programs.
• Performed User master maintenance through Central User Administration (CUA).
• Effectively analyzed trace files using ST01 and authorizations for users (SU53) and tracked missed authorizations for user’s access problems and inserted missing authorizations manually.

BI 7.0

• Created Custom Reporting Authorization Objects using transaction RSECADMIN.
• Created roles for restricting access to Infocube, Info/ODS objects, Queries and Workbooks.
• Created custom objects to secure the roles by Company Code, Plant and Cost Center
• Created development roles for BW developers using the authorizations objects S_RS_ISOUR,S_RS_ISNEW, S_RS_TR, S_RS_RST, S_RS_ADMWB, S_RS_BTMP
• Involved in testing of the roles along with the BI team members.
• Developed authorizations and assigned it to users using RSECADMIN
• Troubleshoot authorizations related problems using RSECADMIN.

SRM 6.0

• Worked with the SRM business team to prepare and maintain role matrices and user mapping matrix.
• Created EBP, SUS roles and Involved in troubleshooting roles, identified missing objects, arranged the menu structure as per the business requirements, tested roles.
• Worked with the configuration team in building, testing and implementing the roles
• Created Users in the SRM 4.0 environment using the web browser using transaction BBPUSERMAINT
• Created SRM users using the transaction SU01 and Assigned the user to Organisational hierarchy for SRM Team members through USERS_GEN.
• Troubleshoot user administration related issues.
• Assigned users to Organizational units using the transactions PPOMA_BBP, PPOME_BBP
• Maintain the approval and spending limits at role level and user id level

Enterprise Portals 7.0

• Interacted with Portals configurators and developers in implementing Portals security and participated with Portal team for SSO login for various instances such as BI, SRM, and T&E.
• Worked with Portal Architect for assigning proper roles for STS business stream.
• Created SUS external vendors under Purchase order collaboration tab.
• Loaded Mass users on Portal with Security program for Hypercare/UAT activities.
• Created Users and assign appropiate Roles or groups on Portals as per Role matrices.
• Created groups in Enterprise Portal and assigned all roles to that relevant group.

Environment - SAP BI 7.0, SCM 5.0,GTS7.1,ECC6.0,XI 7.0,NetWeaver, Solution Manager, Enterprise Portal 7.0(SSO), SRM 6.0.

Confidential, CA Mar 2006 to Feb 2007 
Sr SAP Security Analyst

Responsibilities

• Provided daily security and authorizations management of SAP R/3 and BW systems.
• Comprehensive knowledge exchange and documentation on different topics related to Security, Profile Generator (PFCG) and related functions.
• Working with Functional heads for Segregation of duties and Security changes based on SOX requirements.
• Ensure role-building follows business guidelines, and adhere to the controls requirement set forth by the internal audit/controls teams.
• User Maintenance/User creation, deletion, modification on PRD, QAS, TST & DEV Server. Create & manage the scheduling of batch jobs working with T-Codes SU53 andSUIM for giving authorizations.
• Designed the security for reports which were viewed in Business Object (BOBJ).
• Involved in defining the strategies for role request, ownerships, report access in portal and business objects.
• Participated in workflow design and testing of AE tool .
• Participated in configuration of FF and AE tool for Compliance Calibrator 4.0.
• Extensively worked with VIRSA to perform risk analysis at user and role level.
• Used GRC Virsa tool extensively for handling SOD conflicts for each user
• Worked on creating users in UME (User Management Engine) and assigning appropriate roles.
• Created Custom Reporting Authorization Objects using transaction RSSM
• Responsible for creation and maintenance of Roles for BW queries, Info Cube, Info Area using Profile Generator PFCG Involved in testing of the roles along with the BWteam members
• Participate in requirement gathering, assessment, design and configuration for SAP security.
• Creation of Authorization Groups to restrict the R/3 table access and program access and review and correction of sensitive authorizations (S_TABU_DIS, S_USER_TCDetc.), including assignment of authorization for sensitive tables.
• Used Virsa tool extensively for handling SOD conflicts for each user.
• Responsible for day-to-day transport support for moving objects from one system to another system.
• Developed and provide knowledge transfer to client personnel on security authorization concept and security design/implementation.
• SAP R/3 Prod Support in all areas of security with modules like FI, MM, SD, PS, PP, CRM and BW.

BW 3.5

• Responsible for creation and maintenance of Roles for BW queries, Info Cube, Info Areas using Profile Generator (PFCG).
• Interacted with BW Team in design of security roles
• Involved in testing of roles along with BW team.
• Created roles using authorization objects S_RS_ICUBE, S_RS_MPRO, S_RS_ISET, S_RS_ODSO.
• Created hierarchy authorizations using S_RS_HIER.
• Created Custom Reporting Authorization Objects using transaction RSSM.
• Troubleshoot authorizations related problems using RSSMTRACE and ST01.

CRM 4.0

• Worked and Created roles for CRM for functionality Product Catalog, IC WebClient, Product, Administration console, also worked on setting up Internet users and roles for B2B.
• Created users and assign them relevant roles.
• Worked on assigning the users to organization structure for BP.

Environment - SAP BW 3.5, Netweaver, R/3 6.0 ECC, FI, MM, PP, SD, CRM 4.0

Confidential, NJ July’05 to Feb’06
Sr SAP Security Analyst

Responsibilities

• Participated in designing, writing and implementing security related standard procedures for the user administration, roles and profile generation.
• Created and modified Single roles, Composite roles and Derived roles using automatic profile generator (PFCG) to meet business requirements by making sure users do not get more authorizations than needed or assign missing authorizations to perform their tasks
• Performed user administration activities such as setting up user login Ids and assigning and resetting passwords, locking and unlocking users.
• Troubleshoot user roles, security authorization objects and authorizations to resolve security conflicts using transactions SUIM , SU53 and ST01
• Hands-on security upgrade using SU25 and Profile Generator (PFCG)
• Set up the Profile Generator and generated user profiles for FI, MM, PP and SD users.
• Set up the authorizations for specific BI/BW users and authorizations using Net Weaver 2004.
• Worked on different components for the query definition and restricting the authorization for BI/BW owners/users.
• Troubleshoot authorizations related problems using RSSMTRACE, RSSU53 and also using RSSM
• Provided daily security and authorizations management of SAP R/3 and BW systems.
• Worked on HR Security for setting up structural authorizations.
• Assisted with the security team for Reviewing SAP R/3 security Design for SOX remidiation Issues in SD, MM.
• Used Profile Generator to effectively restrict user access to specific Business Areas
• Involved with technical team in setting up SAP system for auto log-out, password length and expiration and specifying impermissible passwords.
• Perform reconciliation of user master record and roles using PFUD and SUPC.
• Was involved in the creation of CRM Enterprise roles.
• Segregation of Duties (SOD) and analyzing Risk Assessment using VIRSA compliance calibrator 4.0.
• Used LSMW to create mass users information and finitialise the password for the users.
• Ensure that security authorization procedures are adhered to and that users do not receive authorizations that are outside of company guidelines.
• Analyze Root Cause of Authorization Problems and fix the missing authorizations.
• Ran security reports for critical transactions and objects.
• Supported users at different levels for the security issues in different modules.

Environment - SAP BW 3.5, Netweaver 2004, R/3 5.0 ECC, FI, MM, PP and SD, CRM.

Confidential, MN Oct’03 to June’05 
SAP Security Administrator/Lead

Responsibilities

• Developed, communicated and implemented security policies and procedures
• Worked with the business managers in defining access requirements for end users, maintain role design methodology and worked with Functional team members to set up end user roles. Identify and maintain secured transactions, manage and maintain access to development, quality and training instances. Created over 240 job roles in SD, FI, MM, PP and WM.
• Adhere to company policies and ensured proper approval before granting critical and restricted access to users.
• Good at Preventing, mitigating and compensating controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy.
• Worked on SAP Check Indicator Defaults, Field values, and maintained check indicators for Transaction codes using (SU24) for authorization objects.
• Worked with the business managers in refining or changing SAP roles
• Analyzed all custom programs and transaction codes for authority checks.
• Responsible for the developing roles, Composite Roles and derived roles using the Profile Generator (PFCG).
• Reviewed SAP R/3 security Design for SOX Issues in FI, MM, SD, PS and HR Modules on SAP R/3 Release 4.7.
• Re-designed Security for FI, MM, and SD module for SOX compliance/Segregation of Duties (SOD).
• Using System trace (ST01) to record authorization checks in different sessions.
• Periodically analyze user master records and develop strategies to reduce any risks to the business from an structured authorization perspective.
• Use of Derived, Composite and Collective Roles for 4.7 using Org Levels.
• Using CATT scripts for various day-to-day activities.
• Assist users with access problems and questions using SUIM and SU53.
• Perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management.
• Followed the established standards and naming conventions as dictated for the Clients security schema.
• Prepare authorization environment for Go-live and provided end-user training.

Environment - SAP R/3 4.7,SD, FI, MM, PP.

Confidential, PA Sep’01 to Aug’03 
SAP Security Administrator

Responsibilities:-

• Analyzing and evaluating the technical security requirements for SAP R/3 Security.
• Extensively interacted with the functional teams in the process of creation of roles Matrices for SD/MM the modules.
• Worked on CUA administration and maintenance.
• Worked on SAP Check Indicator Defaults, Field values, and maintained check indicators for Transaction codes using (SU24).
• Extensively used Profile Generator (PFCG) to create single roles and derived roles /profiles for various modules such as FI, MM, and WM, SD.
• Extensively worked on Authorization objects, fields, authorizations, authorization profiles.
• Developed control and strategy with focus on SOX.
• Working with respective functional heads for SOD tools & security changes based on SOX violations at tcode level & object level.
• Responsible for the developing roles, Composite Roles and derived roles using the Profile Generator (PFCG).
• Assigning transactions in roles as per business requirements and setting up authorization fields.
• Used Profile Generator to effectively restrict user access to specific Business Areas.
• Performance Troubleshooting existing user roles, security objects and authorizations to resolve security conflicts, supporting users, setting up new accounts, password resets.
• Designing and documenting security administration policies and procedure for the production environment.
• Troubleshoot security/authorization related problems using user information system (SUIM) and Display Authorization Data (SU53).
• Used System Trace (ST01) to record authorization checks in different sessions.
• Work with Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Set up authorizations using HR authorization objects.
• Set up structural authorizations for HR module which involved activating, creating and assigning structural authorization for administrator
• Knowledge of Context based authorizations.
• Used Transport Management System (STMS) to perform transports between clients within R/3 system.
• Involved with technical team in setting up SAP system for creating mass users, deleting mass users, locking and unlocking mass users

Environment- SAP R/3 4.6C,SD, MM, FI, HR

Confidential Jun’00 to July’01

• SAP SD Functional Consultant

Responsibilities:-

• Developed functional specifications based on business process specifications and user interaction.
• Supported, modified and made necessary changes as per client’s request.
• Configured Customer Master Data and Material master data. Worked with the technical consultants in transferring the master data from the legacy systems to the SAP R/3 system using the LSMW.
• Supported by order management, outbound deliveries, and the billing function.
• Configured billing documents, Credit memo and Debit memo process.
• Worked on Sales documents such as Quotation/Inquiry, orders return orders processing and scheduling agreement.
• Configured the sales process for cash sales, rush orders, consignment sales.
• Extensively worked on Logistics Execution functionalities like Delivery processing, Picking and Goods issue.
• Involved with the technical people and worked on user exits.
• Configuring basic shipping functions and procedures for route determination in Transportation.
• Worked on integration with MM and FI&CO modules.
• Interacted with the users to thoroughly understand the requirements and expectations.
• Generate new users and maintain user master record, changing password, locking users.
• Post Go Live support for SD module in all the areas and related integrated modules MM and PP.

Environment:-SAP R/3 4.6B SD

• Post Graduation Diploma in Computer Applications
• Bachelor
• Microsoft Certified Software Developer.
• Advance Diploma in Software Engineering (ADSE).