PROFESSIONAL SUMMARY:

• Seasoned IT professional with 12 plus years of increasing IT responsibility with extensive experience in the architecture, consulting, planning, analysis, design, implementation, delivery and support of large, complex enterprise, web and e - commerce applications.
• SAP Security Lead, SAP HANA Security & GRC Architect and Analyst, with over 10 years of extensive experience in SAP Security and BASIS administration, system implementations, upgrades, migrations. Knowledge in data warehousing, modelling and reporting.
• SAP Certified Technology Associate - SAP Authorization and Auditing for SAP NetWeaver 7.31
• SAP Certified Application Associate - SAP BusinessObjects Access Control 10.0
• SAP Certified Application Associate - SAP Cloud Platform Integration (PI/PO).
• Detail Oriented, organized, customer focused individual, with strong professional integrity. Ability to establish and maintain high level customer trust and confidence, business relationships with excellent communication skills with both technical and business audience.
• Strong experience in Software Development Life Cycle (SDLC) Implementations, SAP Security, BASIS, HANA, GRC configuration and implementations
• Strong experience in developing, implementing, and maintaining application security using Profile Generator (PFCG) for various SAP modules such as FI/CO, MM, PP, SD, HR, HCM, PS, SCM, SRM, CRM, SolMan, BI/BW and BPC.
• Experienced in UME administration for all Java based applications such as PI, Ariba, eSourcing portal and experienced in SAP NetWeaver administration functions.
• Hands on Experience on HR/HCM Security, Organization Structures PA, PD, Payroll, Time, Travel, E-Recruiting and ESS and MSS Modules.
• Conducted User Acceptancy Tests (UAT) with business and technical teams and troubleshoot and resolved the issues.
• Experienced in working for Full Life Cycle Implementations, Go-Live, Post Go-Live, and Production Support projects.
• Experienced in Solution Manager, working with work centers, System Development Landscape (SLD), Change and Request Management (CHARM) and also used CTS+ and REVTRAC for change management process.
• Worked with ASAP, Prince 2, Agile and other project management methodologies. Experienced in Agile and Waterfall methodologies.
• SPAD, SCOT configuration and maintaining profile parameters and checking SOST for fax errors.
• Adhered to the Service Level Agreements (SLA) to complete the tickets within turnaround periods.
• Good understanding of ABAP Programming Language.
• Strong working experience with MS Excel, Visio, MS Project and MS Access for complex queries, data storage and data massaging.
• Strong ability to diversify and understand new technologies and applications and grasp them in order to stay in tune with the tech sector and its requirements and Exceptional communication & interpersonal skills.

WORK EXPERIENCE:

SAP S4 HANA Security and GRC Consultant

Confidential, Moline, IL

Responsibilities:

• Gathering requirements and documenting S/4 HANA Security Strategy and framework.
• Designing and building roles for S/4 HANA (Transactional and MDG) and Fiori Gateway Systems. Building roles for GRC 10.1, BW/4HANA, HANA DB and various other systems.
• Implementation and configuration of GRC 10.1 with services for apps included in the ruleset.
• Configured to integrate Java-based systems like SAP PI/PO 7.5 (Single Stack) to SAP GRC 10.1
• Configured to integrate SAP Enterprise Portal with GRC 10.1.
• Designing roles for Fiori apps by adding Catalogs and Groups to S/4 HANA roles.
• Activating services for the Fiori apps in /IWFND/MAINT SERVICE.
• Documenting and implementing cut-over tasks for the S/4 HANA go-live. Troubleshooting and Identifying the missing OData Services and authorization issues in /IWFND/ERROR LOG and notifying the Basis and Fiori configuration team to activate them.
• Optimizing the User Experience by reducing or removing unwanted groups and tiles within the groups to improve performance.
• Working with Fiori Config team to identify the areas where the inactive apps are generating frontend or backend authorization issues and customizing the catalogs to remove inactive apps.
• Working with business users to identify the issues with Fiori apps and resolving the auth issues.
• Optimizing the performance by removing the unwanted apps that are not enabled from the catalogs and reducing the number of tiles on the home page which reduces the load time there by improving the user experience.
• Providing support and issue resolution in quick turn-around during project implementation.
• Working on BW/4 HANA Security. Built roles for Developers, Modelers, Admin teams, Power and end users.
• Working on SLT security for Data load and transformation from BW/4 to HANA Studio/WEB IDE.
• Working on BODS security in CMC granting access rights to users for Information Steward and Data Services to create repositories, rules, profiles to extract data from sources systems and cleanse it.
• Also working on BOBJ, Design time studio, PI/XI, Redwood (batch-job scheduling) and so on.
• Implemented/support GRC AC10.1, Configured GRC AC Access Risk Analysis (ARA) and Emergency Access Management (EAM) components.
• Configured MSMP workflows for addressing various user request types in Access Request Management.
• Successfully integrated LDAP active directory with SAP GRC Access control system.
• Configured the MSMP Firefighter log report workflow for getting the logs to firefighter controllers.
• Successfully implemented various MSMP Mitigation control workflows like mitigation control setup and assignment.
• Configured various BRF+ rule kinds like Initiator rule, Agent rule, Routing rule and Notification and variable rule.
• Successfully configured User Access Reviews (UAR) for assessing the user’s access in all production environments.

SAP HANA Security Consultant

Confidential, Florham Park, NJ

Responsibilities:

• Role building for various markets restricting the user's access to their respective markets in line with the business needs. Building roles for processes such as order to cash, procure to manufacture, make to deliver, procure to pay, record to reports involving modules such as FI/CO, SD, MM, PP, SCM, CRM, GTS, APO, HR BI-BOBJ and so on.
• Provisioning users using Central User Administration on multiple non-production systems
• Resolving GRC issues and educating users, managers and owners with proper use of tool for Access Request submission, Risk Analysis and so on.
• Maintaining SOD Rule sets and mitigating controls for Access Control to identify risks and notify violations.
• Created and maintained Mitigating Controls to exclude certain risks for which the business had, in system and out of system controls.
• Master Data setup for Emergency Access Management for approvers, controllers, internal auditors and users along with firefighter user ids for firefighters.
• Securing Firefighter user ids from unauthorized access by creating user exit for the firefighter user ids.
• Setup batch jobs for generating Crystal Reports, Table format reports for Risk Analysis, etc.
• Setup of batch jobs to synchronize roles, profiles, users and roles from repository.
• Configuration for automatic provisioning of users, roles directly to user master record.
• Configuring secret security questions for Password Self Service functionality.
• Master data setup for Access Control owners for ARM, EAM, BRM and ARA (RAR) both in GRC system and NetWeaver Business Client (NWBC). Familiar with compliance act such as section 404 Assessment of internal control for risk assessment.
• Implemented SOX compliance by putting in place proper controls for change management such as for normal and emergency changes and approvals to move the changes to production.
• Implemented controls on SCC4 for direct configuration changes in production systems in line with SOX compliance. Every quarter the IT manager reviews and approves the changes.
• Implemented SOX controls for access to modifications of the SAP Security parameters.
• Implemented access assignment controls to other users as well as restricting access to himself/herself.
• Ran UAR reports on annual basis to enable business owners to review and approve to retain, remove or assign additional access.
• Implemented operations controls such as scheduled job creation, system configurations, backup and recovery and other system administration activities in line with SOX compliance.
• Implemented BI/BW Analysis Authorization using RSECADMIN, granting access to Multi-Providers and restricting access by company codes, plants, distribution channels and hierarchical restrictions.
• Assigned Analysis Authorization objects to roles using S RS AUTH Authorization object.
• Restricting access to reporting users by assigning display and execute permissions and power users by assigning maintain authorizations using S RS COMP & S RS COMP1 and other objects to grant access to relevant queries and reports.
• Created ODBC connections to source systems using driver, created Data Foundation layer and Business Layer to publish in the universe.
• Created project and established relational and OLAP connections to access tables and read data from tables.
• Imported and Mapped the roles in BOBJ environment and granting permissions to relevant folders by assigning the groups permissions.
• Creating Access Levels and Universes as well as folder groups and granting End user level and Power user level access to the relevant groups.
• Troubleshooting and rectifying the authorization and permission issues in BOBJ as well as in the backend using RSECADMIN.

SAP GRC and Security Lead Consultant

Confidential, Moline, IL

Responsibilities:

• Designing Implementation guidelines for all four products under the SAP GRC Access Controls 10.1.
• Software installation guidance to Basis team & Blue print Designing and Post installation & Base line Configurations
• BC sets activation for Rules and Guiding Basis to installation of Migration tool
• Data export using migration tool & Data Validation after Migration.
• Creation of functional specifications of applications which were integrated to SAP GRC and providing technical requirements for the same
• Involved in master data management, risk documentation & analysis, preparing UAT scripts, SOP documentations for business & core team users, and strategy documents for future phases.
• Expertise in analyzing and translating business requirements into technical specifications in collaboration with application developers
• SAP Identity Management for a global SAP implementation. Provide SAP IdM integration with Active Directory.
• SAP Portal and ECC systems and Provide IdM implementation strategy, and integration architecture and road map.
• Involved in project plan preparation, review at critical points, and regular status reports for senior management.
• Involved in Planning, Implementation & Support of Security administration for a complex and well-integrated SAP landscape with ECC 6.0, BI 7.0, and BOBJ, CRM, SRM and MDM securities.
• Implemented BOBJ 4.1 Security for Universe / Folders / Groups in CMC console.
• Imported BI ABAP roles to SAP Business Objects Enterprise systems.
• Worked on internal SAP Security controls. Provided Knowledge Transfer to SAP Security team members on various SAP Security controls.
• Created new roles in MDM repository as well as perform user administration activities in MDM system.
• Created new ECC Derived roles based upon the company codes as part of the Japan and Nordic regions releases.
• Created various Analysis authorizations roles in BI system as part of release project.
• Created and maintained users for various consoles in BPC system .
• Involved in regular support activities along with the support team.

SAP GRC and Security Lead Consultant

Confidential, Sacramento, CA

Responsibilities:

• Supported and participated in 'Project Clean', a Role re-design project across all modules led by security consultants from SAP utilizing the three-tier role build strategy (display/task/gen role)
• Created roles for the technical and functional consultants and provided the access in non-production and production systems and worked in BI/BW 7.0 and Portal security.
• Also involved in upgrade ECC 6.0. Updated the authorization values from tables USOBX C and USOBT C using SU25 transaction steps.
• Experienced with SAP GRC product suite: Risk Analysis & Remediation (RAR), Super User Privilege Management (SPM) and Compliant User Provisioning (CUP)
• Limiting the query access within the BEx Analyzer using analysis authorizations (RSECADMIN).
• Experienced with troubleshooting the authorization problems using ST01 and SU53.
• Maintained authority checks for customized tcodes in SU24.
• Worked with table authorizations and created new table authorization groups to protect tables.
• Restricted and Maintained Info types using authorizations objects P ORIGIN, P PERNER and transactions PA20, PA30, and PA40.
• Maintained HR organizational structure to administer and control user access, including time-delimited access
• Implemented and worked with Central User Administration (CUA) for single point of control to user and profiles.
• Utilizing SAP Service Marketplace (developer keys, search SAP notes, user id creation, and user access within the marketplace)
• Performed some BI security support and provided access to queries/reports (incl. custom) & power user access
• Used SUIM reports and se16 security tables daily for role/user information/analysis
• Completed monthly security checks and int/ext audit requests; SUIM reports for analysis on users with critical auth objects and access and system settings.
• Performed unit testing and system integration testing for the newly created & Modified Roles.
• Coordinated overall UAT testing of the Re-Design Security project.

SAP GRC and Security Lead Consultant

Confidential, Toledo, OH

Responsibilities:

• As a SAP Security Consultant working for the implementation project, performed administration activities such as setting up user login ID's, designing Roles, Authorization Objects, Profile Generator, User Tracing and Troubleshooting.
• Extensively involved in Re-designing the SAP Security for ECC system. Designed the Role based security for the users by knocking out Task based security and worked with Profile Generator Tool (PFCG) to design the roles.
• Involved in Complete full life cycle implementation of Redesigning the Security from requirements gathering to after Go-live support.
• Designed custom roles for end users, process and technical teams (Basis, Configurations, Developers and Security) in the sandbox, development, quality, and production environments for all SAP modules.
• Extensively worked with the SUIM tool every day in the process of monitoring the system.
• Worked with the ST01 tracing and analyzing the trace records for the user in the process of trouble shooting.
• Extensively involved in Unit testing and Integration testing and coordinated all the testers in all the testing life cycles.
• Implemented InfoObject Security (field-level security) for Reporting Users and also created analysis authorizations.
• Used transaction RSECADMIN for creating custom authorization objects and S RS AUTH for assigning authorization objects for BI query end user roles.
• Portal Security - Designed, Developed, Testing and Implementation of Enterprise Portal User IDs, Roles
• Involved in Blueprint and Redesign existing security roles to maintain SOX Compliance.
• Created FF-IDs for functional people and regularly monitored FF log reports.
• Develop SoD rules based on audit findings and recommend best practices to client.
• Attend customer meeting with business stakeholders to understand their business requirements and provide solution designs and Conducted User Acceptance testing and Train the trainer sessions
• Conducted sessions to IT team regarding the best practices of job scheduling

SAP Security Lead Consultant

Confidential, Manchester, CT

Responsibilities:

• Led the Role Redesign project on ECC and CRM to address large number of SoDs within SAP security roles.
• Build a connection in between all Back-end systems and GRC system by setting up connectors, Connector groups and maintaining target connectors information’s in each group.
• Created and Maintained Various Risks and Functions based upon the requirement comes from the business.
• Created various Mitigation controls as per the audit requirements.
• Performed Emergency Access Management configuration in GRC AC system like setting up FF user id’s, FF owners and FF controllers.
• Scheduled Firefighter log synchronization jobs for pulling the Firefighter log.
• Determine cause and find solution to a variety of GRC issues in Access Risk Analysis and Emergency Access Management and Develop SoD rules based on audit findings and recommend best practices to client.
• Implement role changes based on SoD findings.
• Created new roles in MDM repository as well as perform user administration activities in MDM system.
• Created new ECC Derived roles based upon the company codes as part of the Japan and Nordic regions releases.
• Created various Analysis authorizations roles in BI system as part of release project.
• Created and maintained users for various consoles in BPC system .
• Involved in regular support activities along with the support team.
• Involved in creation of CRM Role matrix for new CRM roles with the help of Business process owners without any SOD violations and Created Various Business roles as per the business requirement.
• Created and maintained the various PFCG roles and their authorizations and assigned various services based on customer requirement and Assigned multiple positions to users by using organizational management approach.
• Assigned Business Roles to position in CRM by following different approaches.
• Provided extensive support in hyper care period for various rollouts.

SAP Security and GRC Consultant

Confidential, Fort Worth, TX

Responsibilities:

• Responsible for developing, testing, documenting and implementing security policies, procedures and methodologies across all environments in SAP.
• Reviewed and analysis roles and conflict using GRC to find out conflicts. Running queries in GRC to find out users and T-codes valuation.
• Performed mitigation at the user level by applying mitigation control id. Analysis of the roles in Compliance Calibrator by simulation for remediation.
• User administration (SU01, SU10, CUA and Solution Manager): setting up User IDs, assigning roles, resetting password locking/unlocking users, creation of Multiple R/3 User IDs using eCATT.
• Creation of Authorization Groups to restrict the R/3 table access and program access and review and correction of sensitive authorizations (S TABU DIS, S USER TCD), including assignment of authorization for sensitive tables.
• Troubleshoot user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error, resolving the issue by giving required authorizations (SUIM, SU53, RSECADMIN, ST01) in different modules.
• Used transaction RSECADMIN for creating analysis authorizations and S RS AUTH for assigning authorizations for BI query end user roles.
• Made the info objects authorization relevant and created analysis authorizations to provide security on Hierarchies and Info Objects.
• Worked on BEx analyzer using transaction RRMX and restricting the users to see the queries using S RS COMP and S RS COMP1.
• Set up structural authorizations for HR module which involved activating, creating and assigning structural authorization.
• Worked with the P PERNR, P ORGIN, P ORGINCON and P ORGXXCON objects in designing the HCM Roles.
• Created Test IDs and attach appropriate Business Role, support Testing team and also performed Unit Testing, Integration testing on created roles using Test Director Tool.
• Used Compliance Calibrator (Risk Analysis and Remediation) to automate all SOD related activities like defining SOD conflicts, monitoring SOD conflicts, prevention of SOD conflicts and mitigating controls.
• Day to day technical support and resolution of issues and the Missing Authorizations after analyzing the SU53 dump.

SAP Security/GRC Consultant

Confidential, MN

Responsibilities:

• Designing the SOD compliant GRC roles by using the Segregation of duties matrix in ECC, SRM and Venus systems.
• Created Business Authorization Matrix for various modules in ECC and for purchasing module in SRM as well as Venus systems.
• Developing and maintaining the SAP security process design documentations during the implementation phase.
• Created a core solution in ECC and SRM for enhancing/deploying the same solution to various delivery units.
• Followed SAP best practices for creating master, derived and composite roles in various systems.
• Created new master and derived roles as per the business authorization matrix without any SOD violations.
• Involved in end to end SRM Security rollouts for various countries.
• Involved in creation of SRM Role matrix for new SRM roles with the help of Business process owners without any SOD violations.
• Created new SRM roles as per the Rule codes mentioned in Authorization Matrix.
• Activating the BBPSTART services for enabling the end users WEBGUI logon without any intervention.
• Created new derived roles based upon the Organizational value, purchasing organization for various countries.
• Assignment of attributes and value limits to user using PPOMA BBP.
• Provided extensive support in ELS phase of the all rollouts for various countries.

SAP Security/GRC Consultant

Confidential, IL

Responsibilities:

• Handling all security issues and providing security support on timely manner along with attending regular security team calls.
• Streamlined most of the SRM roles by restricting at organizational values like purchasing organization.
• Allowing fixed supplier fields for Employee and Requisitioner roles in SRM system.
• Created Various Value based analysis authorizations and Hierarchy level analysis authorizations for HR Specific Characteristic values in BI environment.
• Created and maintained BI Reporting roles and Analysis authorization roles.
• Allowing fixed supplier fields for Employee and Requisitioner roles in SRM system.
• Restricting the Info types at various Authorization profiles level, personal area level and sub type levels in HR area.
• Maintained various roles in HR system and Setting up Idoc movement jobs from CUA system to child systems.
• Built and troubleshooting Analysis Authorizations using the transaction RSECADMIN.
• Assigned the Analysis Authorizations to the role using the object S RS AUTH.
• Creating a New Organizational Values to restricting users at different plant levels.
• Creating Parent roles and their Derived roles and maintaining Organizational values as per the business requirements.
• Providing the limited access to various Business Tables at S TABU DIS authorization object level by using authorization groups.
• Extensively working with CUA (Central User Administration) to process requests such as creation of new users, change of role assignments to existing users, deletion/lock of terminating user and several other day-to-day operations relevant to the user administration.
• Handling end user day to day BIW security support and Creating Reporting roles and Authorization roles in BIW systems and creating new BIW authorization objects based on the business requirements.
• Adding / deleting the reports and their technical names to / from Reporting roles at various authorization objects.
• Reviewed SAP Security and documented the recommendations and suggestions to implement best SAP Security solution such as table maintenance via SM30.
• Designed roles for new projects following proper naming conventions and robust security standards.
• Re-designed existing roles which were poorly designed.
• Tracing (ST01/SU53) users authorization errors.