
SAP Security/GRC Consultant Resume

Branchburg, NJ


  • Having 8 years of experience in SAP security for various environments like ECC (SD/MM/FI/PP/PM), BW/ BI, BOBJ, HR, HANA, Portal, GRC 10.1 tools (ARA, EAM & ARM).
  • Involved in 3 full life cycle implementation, interacting with business to gather requirements, configuration and building the new security, managing the transports by following SDLC & managing all the required documentation for project life cycle, coordinating the unit testing, deployment and hyper care support.
  • Maintained and configured Central User Administration (CUA).
  • Experienced working on various projects involving SAP Security and GRC Implementations, Upgrades, Security Redesign/Remediation and Support projects
  • Executed the SAP upgrade and rollout projects & hands-on experience.
  • Have worked for top Fortune 500 client company globally, which has provided me an opportunity to learn and perform with the high level of professionalism and work ethics.
  • Experience in establishing mitigation controls, SOD Analysis, Management reports, internal audits and compliance audits.
  • Establishing and maintaining SOD and Critical Access rules and risk rankings within SAP GRC and maintaining rule set in GRC system and relating it to business controls.
  • Designing SOD/SA controls as per the organization control framework/SOX and execute.
  • Conduct workshops to business functions to identify the risk and make changes in rulesets.
  • Experience in Design, develop and implement security matrix, roles & Authorization.
  • Experience in Creation of Master role, Composite roles, and derived roles for various modules.
  • Designed Analysis Authorizations using RSECADMIN in BI, based on securing queries down to Info Object level in BI/BW based on Organization structure.
  • Build role on SAP BI/BW at Info Cube /Info Providers (Cubes, DSO, Infoset, and MultiProvider), Info Area, and Info Object level.
  • Experience in Troubleshoot authorizations related problems using RSECADMIN and ST01.
  • Experience in BOBJ users access setup and migration of private profiles. (Importing roles, assigning the roles to the user group and SSO).
  • Experience in restricting access on BOBJ folder based on user, and user group created.
  • Good experience in ECC Security Activities like User Administration (creating, changing, maintaining user accounts and assigning roles) and Role Administration (Created and modified Single roles, Composite roles and Derived roles using automatic profile generator).
  • Strong in SAP application Security development by taking business requirements and building Security using the SAP Authorization Concept using Profile Generator tool (PFCG).
  • SOX Controls:
      • Review of User Access Rights-Applications
      • Audit log review
      • Critical/High Sensitive Access Review
      • Restricted Company data review
      • Users with Assigned Mitigation Controls - SOD
      • Medium Sensitive Access risk review
      • Mitigating Master control data
      • Unmitigated SOD review
      • Custom T-code review
      • SOD Matrix review


Confidential, Branchburg, NJ

SAP Security /GRC Consultant


  • Prepared the role matrix based on the requirements and created the Position, Derived and Single roles.
  • Created over 2000 single/derived roles for Global Rollouts implementation.
  • Maintaining user master records through Central User Administration (CUA).
  • User Administration and Role Administration (ECC, BI, SCM, GTS, and PO).
  • Creation/Maintenance of Task Profile & Member Access / Teams in BPC.
  • Implemented user security for various modules/systems SAP ECC, GRC, BW/BI, BOBJ, MM (PTP), PP, OTC (SD), GTS, SCM, BPC, PI/PO, FIORI.
  • Implementation of SAP GRC (ARA, EAM, ARM)
  • ARA: Establishing the SOD risks for CertainTeed Corporation by discussing with Business Controllers and Customized the GRC Ruleset Accordingly.
  • Establishing the risk remediation/mitigation plan and discuss with business to remediate or mitigate and make necessary changes to SAP roles.
  • EAM: Configured EAM components and establishing FFID Owners and FF controllers, Customized MSMP Workflow for both approval process and log review process for EAM.
  • ARM: Customized the Workflow and BRFPLUS as per business requirement for User Access Management.
  • Establishing various reports in GRC which are required for internal and external Audit.
  • Working on external audit finding and establish relevant controls to address the audit findings.
  • User administration, Role administration, troubleshooting authorization issues.
  • Tracking users' day-to-day issues using ticketing tool.
  • Addition, Removal of Transaction Codes, authorizations, authorization objects by modifying existing roles based upon change request.
  • Performed Transportation of newly created roles/ modified roles.
  • Performed User comparison in PFCG.
  • Critical authorization objects such as S_TABU_DIS, S_PROGRAM, S_DEVELOP were restricted and monitored.
  • Analyzing authorization checks & troubleshooting Security problems using ST01 and SU53

Confidential, Atlanta, Georgia.

SAP Security/ GRC Consultant.


  • Re-designed all SAP roles and implemented a common security policy for all SAP landscapes
  • Re-designed table security, program security & custom T-codes security.
  • Prepared a clean-up plan and strategy including UAT, change communication & training.
  • Configured & trained Firefighter usage to the SOD clean-up impacted users.
  • Developed Security SOP & Guidelines document to act as a single source & point of information for SAP Security SLAs, escalation procedures, DR etc.
  • Support in Implementation, Performance, Integration Testing, Load Testing & End User Training.
  • Configuration, integration & support of all control panel Components: Risk analyses, Usage Analyses, Transport Manager, Role Manager, User Manager, Fire Call (EA), and Auto Auditor.
  • Designed Security architecture for various teams including FI, CO, SD, HR, BI, & BPC.
  • Implementing GRC Access Control components with ARA, EAM, ARM & BRM and rollout.
  • Performed post installation steps, connector specific settings & configuring ARA, EAM, ARM.
  • Discussions with Business in terms of risks to customize ruleset.
  • Create blueprint as flow charts as per the business requirement for configuring ARM.
  • Customizing of ruleset and uploading, creating mitigation controls.
  • Implementing centralized firefighting and establishing FFID Owners and FF controllers, Configuring FF logs review workflows.
  • Created MSMP workflow for ARM according to business requirements and created customized BRFplus rules as per business requirement.
  • Customization of notification templates & NWBC contents as per business requirements.
  • Implemented Business role concept as the established job functions.
  • Established SOD & SA reviews as per required frequency.
  • Established mitigation ID reviews & Established Mitigation to business control sheet.
  • Conducting workshops with different units to understand various risks.
  • Working on audit finding to remediate risks.
  • Working on role redesigning project for ECC system by discussing with FI & SD teams.
  • Creation of new single role, derived role, composite roles and assign to business users.
  • Troubleshoot authorization issues & user access related issues.

Confidential, Wilmington, DE

SAP Security/ GRC Consultant.


  • Handling KT Sessions and client/Business calls
  • End-to-End Role Administration - Includes Creating Roles in PFCG, generating profiles, SU24 changes to Authorizations Objects, Analyzing Missing Authorizations and security support during Go-Live activities, Adding Authorization Objects Manually, User Master Reconciliation, Transporting Authorization Objects etc.
  • Requirement gathering from Customer, Business and various teams involved in project.
  • Complete user administration that includes Administering Authorized Users (add/delete/lock/modify), Security Validations for New Releases, assigning User Groups, Performing User Export/Import, modifying user data (basic user data, user default, active and expiration dates), Modifying user authorization access.
  • TMS and transporting roles between R/3 Clients and Systems.
  • Worked on Master - Child Derive role, Enabler Roles, Business Roles & CUA child system setup
  • Analyzing SAP BI platform and creating BI Analysis authorizations.
  • Reviewing ALM Tickets, gather change requests information, maintain the status in ALM, Creating ALM plan, Transport in ALM and perform testing.
  • Addition, Removal of Transaction Codes, authorizations, authorization objects by modifying existing roles based upon change request.
  • Performed Transportation of newly created roles/ modified roles.
  • Performed User comparison in PFCG.
  • Extensively worked on troubleshooting the user authorization issues, using report (SU53) and system tracing using ST01, STAUTHTRACE.
  • Created Master, Derived Roles and Composite roles
  • Performed profile setup, Team setup, User setup in BPC
  • Implementing GRC ARM process for user access provisioning for Production environment.
  • Creating blueprint and requirement gathering for automation of user access provisioning process.
  • Plan "ServiceNow" integration with SAP GRC for user access provisioning process.
  • Create product specifications to ServiceNow and PI teams.
  • Creating MSMP workflows and BRFPlus rules in GRC for user access provisioning process.
  • Regular follow-up with ServiceNow and PI teams for integration.
  • Creating project documents, Work instructions, Flowcharts.
  • Working on UAT, creating test scripts.
