SUMMARY:

• SAP Certified Security & GRC Senior Consultant with total experience of 12.8 years.
• Handled security for various modules: ALE, BI / BW, HANA, HANA Roles/Privileges and HANA Studio, APO, FI, CO, Fiori, GRC AC, MM, NWBC, SD, SRM, PM, EHS, HANA, HR / HCM/ Core HR (Personnel Administration/Organizational Management), IAM, ESS, MSS, CRM, SCM, XI and Enterprise Portal (EP).
• Experience in Security Administration by creating and assigning roles, user administration, password management and troubleshooting authorization issues.
• Experienced in Creating, Maintaining, Modifying existing customized roles (Single, Composite and Derived) and authorization objects which include complex design restrictions and promote to Production Strategy.
• Responsible for extensive coordination with functional and technical SAP development team.
• Experience setting up users and security on Enterprise Portal and creating users/user groups through UME for SAP Netweaver.
• Experience in handling GRC/VIRSA tools Compliance Calibrator, Role Expert, Fire Fighter, and Access Enforcer.
• Configured GRC Version 5.2 Compliant User Provisioning (Access Enforcer), Risk Analysis and Remediation (Compliance Calibrator).
• Worked on GRC 10.0 EAM & ARA, configuring workflows, CUA user management & authorizations error troubleshooting.
• Working Experience in Role remediation and user remediation of segregation of Duties (SOD) within SAP implementation
• Good understanding of SAP IT and process controls (configurable, automated and manual controls - SAP GRC)
• Experienced in troubleshooting R/3 Security issues (SU53, ST01), RSECADMIN for BI.
• Experienced with creating & working on Production Support Tickets using Solman Service desk tool.
• Experienced in Net Weaver Component - Enterprise Portal Authorization.
• Extensive Experience In Critical Security Settings In Sap Hana Cockpit To Customize The System For Implementation Scenarios & System Environment.
• Having experience in Configuring Sap Hana For User Authentication And Single-Sign On.
• Having experience in Auditing Activity & License Management In Sap Hana Systems
• Designed Roles for SD&MM Module (Business Pricing roles).
• Having real time experience during the testing and APAC Go-live phase.
• Having real time Implementation experience in client place in USA.
• Coordinate with the business leads to prepare the Role Matrix of each work stream like FI, MM, and SD in client location in USA.
• Part of team that successfully upgraded ECC 6 systems to EHP5 in Corrections project.
• Prepared a detailed document of Security Re-implementation Approach DOC Proposal.
• Experience in handling user administration using Identity Management.
• Managed roles and privileges for SAP NetWeaver IDM across the landscape.

SKILL:

Strategy: SAP Security & GRC Consultant

Technology: ERP, SRM, PI, BW, IDM, SOLMAN & EP

SAP: SAP 4.7, ECC 5.0, ECC 6.0, SRM 7.0, PI, IDM7.1, EP 7, BI 7.3X & GRC 5.2, GRC 10.1

SELECTED PROJECT EXPERIENCE:

Confidential, AZ

Sap Security & GRC Consultant

Responsibilities:

• Provide best practices expertise with SAP security architecture
• User administration support in SAP systems including -
• Communication with the IT and business users on new access requirements
• Resolve end-user production support security issues in a timely and accurate manner
• Monitor incoming tickets related to security and user administration.
• Facilitate testing of new or updated security with business role owners
• Work within change management guidelines to ensure that all transports moved into production maintain system integrity.
• Work with basis team to manage any system upgrades, focusing on any security impacts
• Document all security policy and procedures
• Responsible for SAP GRC connection and interface
• Administration of SAP GRC including -
• Identify role owners and approvers
• Configuration of workflows - User provisioning & approvers
• Run Segregation of Duties analysis on users and roles
• Update GRC rule sets
• Add mitigations to roles and users that have SOD’s that cannot be removed
• Emergency access (Firefighter) management
• Work with internal and external audit for audit reviews
• Work with compliance team to ensure IT controls are being adhered to.

Confidential, CA

Sap Security & GRC Consultant

Responsibilities:

• I performed the following activities in the Project
• Role design and modification.
• Trouble shooting end user issues.
• Extracting reports in User Information system (SUIM).
• Coordinating with onsite SAP team and collecting requirement for SAP Security activities.
• Provide daily SAP R/3, APO, BW, SCM, and HR security production support such as ID requests, access requirements and troubleshooting problems.
• Configure UME (User Management Engine) Data sources in Netweaver Systems.
• Creating iViews, Worksets and Roles in SAP Portal 7.0
• Updating status of issues, using Remedy ticketing tool.
• Part of GRC 10.0 implementation team and actively tested ARA, ARM & EAM modules.
• Role administration, modification of roles and authorization through a change request process.
• Having experience in integration of SoD conform processes and authorization validation.
• Having experience in analyzing SoD risks, identifying, approaching and mitigating controls for SoD conflicts.
• Creation and maintenance of Fire Fighter (VIRSA) user IDs for Critical Authorizations for Project and End Users.
• Segregation of Duties (SODs) analysis in Compliance Calibrator (VIRSA) tool such as User level, Role level, Authorization object level etc.
• Full trouble shooting support for the users authorization failures in all SAP applications and resolving the Security issues and support in integration testing of Roles/Profiles.
• Generate SOD reports and mitigation of users via Compliance Calibrator.
• Generating Fire Fighter log review monthly and get it reviewed by Fire fighter owners.
• Handling high priority production issues.
• Designing and documenting security administration policies and procedure for the production environment.
• Updating transactions via SU24 (managing authorization objects).to reduce the scope of authorization checks.
• Troubleshooting and find out missing Authorizations using SU53, ST01.
• Co - ordinate comprehensive testing of all roles and authorization object to ensure accuracy and segregation of duties.
• Extract the Role and Role Owner reports.
• Inform the Role owners for any of the role changes before starting of creating the files for review.
• Coordinate with the role owners for the backups and the role owners for the new roles.
• Run the UAR workflow for the User Access Review request generation for all systems.
• Run the UAR workflow for triggering emails to the role owners for User Access review for all systems.
• Prepare the UAR files with the role owner s roles and Role - Transactions information.
• Extract the Reports for all systems on a daily basis.
• Configuration changes in the GRC system for the role owner changes.
• Create the GRC requests for the role removal from the users.
• Bi-weekly meeting with the role owners and the heavy role owners for getting status updates on the review completion.
• Provide technical information on the user access to role owners for doing the review.
• Create GRC requests for the role owner s role assignment for the new role owners.
• Daily meeting with the client for providing the updates on the User Access Review completion on all systems.

Confidential

Sap Security & GRC Consultant

Responsibilities:

• Role design and modification.
• Trouble shooting end user issues.
• Handle Security Related Incidents for various SAP systems, R/3, APO, XI, BW etc. We deals with creation & modification of user s access to various SAP Systems.
• Extracting reports in User Information system (SUIM). coordinating with onsite SAP team and collecting requirement for SAP Security activities.
• Updating status of issues, using Remedy ticketing tool.
• Updating transactions via SU24 (managing authorization objects).to reduce the scope of authorization checks.
• Troubleshooting and find out missing Authorizations using SU53, ST01.
• Built Analysis Authorizations using the transaction RSECADMIN.
• Providing BI reporting access for the required queries with S RS COMP & S RS COMP1
• Assigned the Analysis Authorizations to the role using the object S RS AUTH.
• Troubleshoot authorizations related problems using RSECADMIN.
• Co - ordinate comprehensive testing of all roles and authorization object to ensure accuracy and segregation of duties.
• Having experience in integration of SoD conform processes and authorization validation.
• Having experience in analyzing SoD risks, identifying, approaching and mitigating controls for SoD conflicts.
• Implement and configure Super user Privilege Management formerly Firefighter.
• Worked with Internal Control team for Role Remediation and User Remediation.
• Worked in all risk control processes including IT general controls, testing plans, testing execution in an integration testing environment and control remediation.

Confidential

Sap Security & GRC Consultant

Responsibilities:

• Role design and modification.
• Trouble shooting end user issues.
• Extracting reports in User Information system (SUIM). coordinating with onsite SAP team and collecting requirement for SAP Security activities.
• Updating status of issues, using JIRA ticketing tool.
• Updating transactions via SU24 (managing authorization objects).to reduce the scope of authorization checks.
• Troubleshooting and find out missing Authorizations using SU53, ST01.
• Co - ordinate comprehensive testing of all roles and authorization object to ensure accuracy and segregation of duties.

Confidential, Middlebury, CT

Sap Security & GRC Consultant

Responsibilities:

• Leading a 5 member team to successfully deliver all deliverables on time.
• First point of contact to validate all security efforts and estimates such as new Projects, enhancements.
• Root cause analysis on aged Incidents, longevity and complex issues.
• Work with Problem Managers on Severity Incidents, provide the fix and identify the permanent resolution of the problem
• Part of GRC 10.0 implementation team and actively tested ARA, ARM & EAM modules.
• User administration via CUA for 6000+ users.
• Role administration, modification of roles and authorization through a change request process.
• Creation and maintenance of Fire Fighter (VIRSA) user IDs for Critical Authorizations for Project and End Users.
• Segregation of Duties (SODs) analysis in Compliance Calibrator (VIRSA) tool such as User level, Role level, Authorization object level etc.
• Full trouble shooting support for the users authorization failures in all SAP applications and resolving the Security issues and support in integration testing of Roles/Profiles.
• Generate SOD reports and mitigation of users via Compliance Calibrator.
• Generating Fire Fighter log review monthly and get it reviewed by Fire fighter owners.
• Handling high priority production issues.
• Managing a 4 member team in team leads absence.
• Updating status of issues, using Service Now tool.
• Designing and documenting security administration policies and procedure for the production environment.
• Hands On experience in CRM security.( creation of users, web shop account unlocking and password reset).
• Weekly meetings with Service delivery managers on the progress of the calls, challenges encountered, improvements made, etc.
• Weekly Governance meetings with Client stakeholders on improvements in Operational areas such as access forms used, new projects in the pipeline, timelines for major security enhancements, Security resourcing estimates, best practices implemented, timeline for approvals, amending processes for better business continuity.

Confidential

Sap Security Consultant

Responsibilities:

• Role design and modification
• Trouble shooting end user issues
• Extracting reports in User Information system (SUIM) coordinating with onsite SAP team and collecting requirement for SAP Security activities
• Updating status of issues, using PM Smart tool.
• Updating all the defects and tracking, using HP ALM tool.
• Approve CHARM requests for Role Changes by Security team via SOLMAN.
• Work with Change Management and Deployment teams to deploy security change requests as per the release dates and projects in SOLMAN.
• Updating transactions via SU24 (managing authorization objects).to reduce the scope of authorization checks.
• Troubleshooting and find out missing Authorizations using SU53, ST01
• Co - ordinate comprehensive testing of all roles and authorization object to ensure accuracy and segregation of duties.
• Participated as a liaison between the SQL development team and IDM support team.
• Participated on the testing of new user accounts created.
• Revised current procedures and workflow processes.
• Provided an efficient method in SAP IDM 7.1 for system to access work queues and manage access requests.
• Monitored privileges that control access to tabs in the IDM portal associated with the correct roles currently assigned to users.
• Worked with SAP Identity Management 7.1 to handle authorizations whenever an employee was assigned a new position in the organization, and de-provisioning for inactive users.

Confidential

Sap Security & GRC Consultant

Responsibilities:

• Role design and modification
• Resolving issues in Central User administration (CUA)
• Supporting HR system like ESS/MSS and portal users
• Trouble shooting end user issues
• Extracting reports in User Information system (SUIM) coordinating with onsite SAP team and collecting requirement for SAP Security activities
• Proposed customer HR position based security
• Updating status of issues, using HPSC tool
• Preparing a detailed document of Security Re - implementation Approach DOC Proposal. I will be publishing this document in arkemedes once the final stage of this work is done.
• Updating transactions via SU24 (managing authorization objects).to reduce the scope of authorization checks.
• Troubleshooting and find out missing Authorizations using SU53, ST01
• Designing Security for SRM 5.0 and integrating with SAP Portal 7.0.
• Configure UME (User Management Engine) Data sources in Netweaver Systems.
• Creating iViews, Worksets and Roles in SAP Portal 7.0 for SRM Users.
• Co-ordinate comprehensive testing of all roles and authorization object to ensure accuracy and segregation of duties.
• Extensively worked with critical objects such as S TABU DIS for restricting table maintenance access. Experience in assignment of Authorization Groups to Tables
• Convert the authorization object filed value to Org. Value and vice versa.
• Part of team that successfully upgraded ECC 6 systems to EHP5 in Corrections project.

Confidential, Marinette, WI

SAP Security Consultant

Responsibilities:

• Solely accountable for the security aspects of this entire project.
• Prepared the schedule for SAP Security implementation and worked out accordingly.
• Built the Role Matrix for over 130 Job titles and over 1000 Transaction codes after consulting with the work stream leads of each work stream like FI, MM, SD etc
• Designed and developed over 600 parent roles as per the Role Matrix. and over 6000 child roles.
• Created 700 plus users as per requirement.
• Carried out the phases such unit testing, integration testing, User acceptance testing and cutover from SAP Security perspective.
• Supporting the project after Go live.

Confidential

Sap Security Consultant

Responsibilities:

• Designed the process flow for requests like new user creation, role change, and new role for the AMS project.
• Involved extensively on the removing the SOD conflicts on the existing roles available in the system with coordinating with internal audit
• Reviewed all the documents exists for TYCO security & authorization and identified the area where an action has to be taken.
• Involved In the implementation of CUA and maintenance of the same.
• Involved on the implementation of Security Weaver, This add - on tool does mostly the same functionality of the GRC.
• Transport management across the landscape using STMS.
• Involved in Roles creations and modifications with respect to Business requirement.
• Involved in Unit testing, Integration testing.
• Maintaining user management via CUA Central systems and Child systems.
• Distributing the equal task within team.

Confidential

Sap Security & GRC Consultant

Responsibilities:

• Role Development - Created roles as per the specification documents through the standard profile generator and other related SAP transaction codes.
• Mass user management using custom developed tools, LSMW, Macro based excel tools
• User administration in Enterprise Portal
• Dependent role concept in Virsa Access Enforcer.
• Installation and configuration of VIRSA on test environment (ECC 6, 5.2)
• Configured CC and Access Enforcer
• Hands on experience in Virsa tools (RE for new role creation & Compliance Calibrator to check SOD violations & report generation)
• Hands on experience with Access Enforcer for compliant user access provisioning
• Fire Fighter setup (Creation and maintenance of Firefighter ID and assigning firefighter IDs to Owners, Firefighters and Controllers
• Designed a Role optimization Tool in Co-ordination with ABAP team, which can able to Perform Mass Role creation, Mass user creation, Role assignment.
• Periodic clean-up activities on Roles
• User Administration - User creation, managing the access assignments, etc.
• Designed roles for SD&MM Module, Restriction done on Confidential Pricing related areas.
• User Info System - Worked with SUIM and other custom created tools to generate periodical reports for various needs
• Updating transactions via SU24 (managing authorization objects).to reduce the scope of authorization checks.
• Troubleshooting and find out missing Authorizations using SU53, ST01
• Co-ordinate comprehensive testing of all roles and authorization object to ensure accuracy and segregation of duties.
• Extensively worked with critical objects such as S TABU DIS for restricting table maintenance access. Experience in assignment of Authorization Groups to Tables
• Restriction for Employees to access others Travel and Entertainment report through HR authorization objects like P PERNR, PLOG, and P ORGIN.
• Convert the authorization object filed value to Org. Value and vice versa.
• Clean-up based on EWA.

Confidential

SAP Security Administration and Transport Administration

Responsibilities:

• User management & Security maintenance
• Maintaining user management via CUA Central systems and Child systems.
• Role creation & modification
• Transport Management using Rev Trac
• Batch job management using the third party tool MAESTRO.
• Spool and printer Administration
• SOD Risks analysis via Compliance Calibrator, Role Creation via Role Expert & Emergency repair via Fire fighter.
• Managing SAP OSS connections.