We provide IT Staff Augmentation Services!

Sap Security Lead Consultant Resume

Carlsbad, CA

PROFESSIONAL SUMMARY:

  • Having around 10+ Years of Extensive Experience in “SAP Security and GRC Lead Analyst”.
  • Having around 3 years of onsite experience at Client Location in Stuttgart Germany and Travelled Multiple Countries Based on the Project Requirements.
  • Worked as a SAP Security architect for HR, NetWeaver Portal, PI, PO(7.5), ECC, BW/ BI, BOBJ, SCM, HANA and S/4 HANA in Confidential .
  • Worked as CI/PMO (Project Manager) for 3.1 IT Role Cleansing Project for Across BOSCH Worldwide SAP systems on Agile Methodology.
  • Having around 5 Plus years of experience in Project manager for SAP Security Projects.
  • Working as a Subject Matter expert in Confidential for FIORI, HANA, S/4 HANA, GRC AC 10.0, BI, BPC, BOBJ, ECC, PI/XI, PO and HR and Success factor.
  • Having expertise on SAP Testing like Access request management, GRC Components Testing.
  • Implemented full end to end green field implemented experience on ECC, BOBJ, SRM, CRM, IS U, HR (Success factor), EP, BI, PI,GRC 10.0, HANA, S/4 HANA, S/4 HANA Cloud.
  • Got STAR Performance more than 4 times in Confidential .
  • Extensive experience in Implementation, Rollouts and Support in R/3 security, SAP HCM (Success factor and Structural Authorization) Security, SAP SRM, BI, BW, BPC, EP, SAP HANA, SAP S/4 HANA 1610(On premise) with Fiori Launchpad and Mobility Solutions
  • Designed security for altogether modules and areas on SAP (ECC, BI, BW,PI,BOBJ, HCM, ENTERPRISE PORTAL (NetWeaver), GRC, SRM, IS U (Utilities) HANA, S/4 HANA and FIORI),
  • Extensive Experience on SAP Cyber security.
  • Designed UME Roles and Groups by Using NetWeaver in Java Stack for PI/XI Users.
  • Worked on Cloud Technologies, Cloud Operations, Operating Systems, Network Security.
  • Worked in all phases of full life cycle implementation using ASAP methodology including analysis, design development, blue print phase, configuration, Cut - over phase, Testing,, GO-Live and Post implementation support for Security Design for SAP Modules, HANA and S/4 HANA.
  • Customer engagement for the scope of role concepts of travel management and travel Planning
  • Actively involved in customer meetings and Change approval plan meetings
  • Configured Single Sign On (SSN).
  • Experience in discussion with process Owners, Managers to get the business requirement for Authorization concept development and Stake holder management and Communication.
  • Coach, mentor, and lead personnel within a technical team environment.
  • Execution of the Project in time, Budget, Schedule and Quality as per the PEP (Project management Process of BOSCH in line with PMI Guidelines Process.
  • Experience on People management and Completed end to end Project Handling.
  • Define and initiate projects and assign Project Managers to manage cost, schedule, and performance of component projects, while working to ensure the ultimate success and acceptance of the program.
  • Experienced on Preparation of Project Charter, Requirement Gathering, Co-ordinate with the teams, MSR (Monthly Status Reports) WSR (Weekly Status Reports)
  • Preparation of Status Meetings weekly with stake holders.
  • Present periodic Dashboard reports on the current program, future opportunities, and client issues.
  • Expert and Hands on Experience in G.R.C 5.3 and G.R.C 10.0, 10.1 Access Control Implementation.
  • Good knowledge & experience in IDM 7.1
  • Good knowledge & experience in BASIS Administration.
  • Expertise on Central User Administration Configuration (CUA)
  • SAP security Process Assessment and Advisory experience.
  • Expertise in SAP Security AUDIT and User access reviews.
  • Having good experience with end-users for handling and resolving the issues.
  • Expertise on Central Concepts and AIM Concepts of Confidential Group
  • Having excellent experience on Task and enabler role design implementation.
  • Having excellent problem-solving skills, with good Analytical, Decision-making and team building skills.
  • Installed Client s like X.509, Kerbos etc..
  • Having good experience and understanding the all functional (FI, MM (Material Management), SD(Sales Distribution), CO(Controlling), PP, INV (Inventory), Fixed Assets, SRM, Customer Relationship Management ) modules of SAP for Preparation of SOD and Handled SOD conflicts for SOX compliant at authorization object level and transaction code level using ARA.
  • Well-defined, designed and documented support policies, procedures and guidelines.
  • Assisted companies build support teams onsite and offshore to handle all security/basis related activities
  • Strong organizational and communicational skills combined with an attitude to work both as a team member as well as an individual with minimum supervision, good work ethics, quality service, and proven results
  • Adding user to SAP HANA System, Exporting/ Importing SAP HANA System. Managing SAP HANA License, Managing SAP HANA users and monitoring system.
  • Worked on debugging on some of the ABAP Programs
  • Role Administration (Roles, Groups) and User Administration (Dialog and Non- Dialog)
  • SOAP Administration
  • Understating the Requirement and Preparation of Role Matrix.
  • Solving the NetWeaver Authorization issues by Using the Portal Trace.
  • Having good Understanding about AEX, IE, UME, BOM, BPE, ES, ACL BASED Authorizations.
  • Configuration of SSO in Portal.
  • Involved in Collaborating with Client managers, DBA's, Reporting team, Business users and other Stake holders to understand SAP HANA, the existing landscape and identify key business use cases for the Poof of Concept POC
  • Having good experience with GTS Team for establish the connection of HANA and SAP Systems.
  • Designing, Configuring and Managing Servers and Service properties in SIA, CCM and CMS
  • Having good knowledge and experience on SQL Writing commands on HANA.
  • Experience in Backup and disaster recovery in Business Objects.
  • Adding SAP HANA System in SAP HANA Studio, Stopping, Starting and restarting SAP HANA
  • Adding user to SAP HANA System, Exporting/ Importing SAP HANA System.
  • Managing SAP HANA License, Managing SAP HANA users and monitoring system.
  • Worked on S/4 HANA Implementation and Visible the Apps as per the Business Users
  • Experience in installing Enhancement packages in various systems
  • Involved in SAP HANA Monitoring and Troubleshooting.
  • Implemented role-based privileges for functional users in BI reports restricting data access to DB users in SAP HANA.
  • Configured Single Sign on SSO to the SAP ECC and BW systems. Configured portal security using the logon tickets for SSO.
  • Creation and Maintained RFC destinations to integrate between SAP Systems.
  • Monitored ECC system with CCMS daily and Upgraded Support packs using transaction SPAM from SAP services.
  • Extended TMS support, authorization management, STMS transport rules for customizing and self-defined objects and troubleshooting

SKILL:

SAP R/3: ECC5.0, ECC6.0, ECC 7.0, 7.1 GRC 5.3, GRC 10.0/10.1, BW, BI, EP, HR, SCM, SRM, CRM, BOBJ, BO,PI/PO 7.4/7.5 HANA SPS 11, S/4 HANA (1511,1610,1702,1709) FIORI

Operating systems: Windows NT/ 95/98/2000/2003/2008/2012

Databases: ORACLE 10g/9i/8i, HANA 1.0, HANA 2.0

GUI Tools: SAPGUI 700/710

SAP Ticketing Tools: Remedy, HP Open View Service desk, Service center, Jeera

Domain Experience: SAP Security, GRC, BASIS, HANA and S/4 HANA

SAP PROJECT EXPERIENCE:

Confidential, Carlsbad, CA

Environment: SAP S/4 HANA, HANA DB 12.0 SP12, S/4 HANA (1610), 1709 Fiori, HR, PI, PO 7.5 and GRC 10.1 (SP21), BPC,

SAP Security Lead Consultant

Responsibilities:

  • Preparation of Role Matrix and develop the roles for HANA DB, S/4 HANA (OTC, P2P, Quality, Ware house management, Production, Planning, RTS, BW, ME/MII).
  • Design the Security Concept for Business Process like RTR, O2C, P2P, FTS, PRD) Creation of Business Catalog, Target Mappings assign them to groups then build the respective roles.
  • Configured Single Sing on (SSN)
  • Created Business CataLog, Target Mappings, Groups by Using FIORI Launch Pad Customization.
  • Designed UME Roles and Groups for PI, PO (Process Orchestration)Users by Using NetWeaver (JAVA Stack)
  • Resolving the Authorization Issues in Portal (Process Orchestration ) by using the trace in Portal.
  • Creation of Custom Catalog, Tiles by Using App Descriptor.
  • Creation of Roles and Groups in HANA Database (Maintain Restriction at Analytical, Object, Package, Application, System Privileges)
  • Resolve the HANA Database Authorization issues by Using HANA Trace in Console.
  • Implemented Decentralized Emergency Access management, Access Requests Management,
  • Implementation of business role concepts in more robust way in GRC System
  • Creation of Connectors, Connector Groups, Logical Systems then assignment to Scenarios.
  • Scheduling the GRC Background Jobs and Maintain the Parameter Setting for respective component (ARA, ARM, EAM, RAR).
  • Define the Role Attributes in Business Role Management then assign the respective Connector Groups.
  • Creation of End User Personalization forms for Access Request.
  • Worked on BRF+, then creation of Agent Rule, Initiator Rule Id’s then Maintain into MSMP.
  • Define the Role Methodologies for Business Roles, Composite Roles, And Derived Roles in GRC System and Uploading the Roles into GRC System by Using the Role Template.
  • Define the Access Request workflow (User Creation, Deletion, Password Self-service, Role Assignment and Removal from Users) in GRC System.
  • Creation of RISK ID’S, Functional Id’s, then Generate the Rules in Ruleset based on the business Requirement.
  • Resolving the S/4 HANA Authorization issues at Fiori and SAP level by Using Console, /IWFND* and Checking App level (Semantic, Alias) etc.
  • Designed the Roles for S/4 HANA Cloud Technology.
  • I coordinated with functional consultants and business-users for requirement gathering and preparing the security design for HANA and S/4 HANA and Prepared the documentations on security role design and given the required to the end users and functional consultants on role concepts.
  • Customer Acceptance Test, And Live Environment Simulation (Client Specific Test Cycles in Roll out Projects) using HP Quality Center.
  • Prepared the S/4 HANA and FIORI Authorization Concept and Management documentations.
  • SOD Matrix preparation based on the Project Requirement then define the workflows with help of MSMP.
  • Design the BW Developer, Admin Roles in S/4 System and designed the Apps for executing the Reports and restricted the authorizations at CDS Views.
  • Configurations of Connectors, Logical Connector Groups, and mapping the Business Process and Sub process to respective Connector Groups.
  • Creation of Business Roles and Technical Role Registration through Role design in GRC.
  • Setup of FFID, Controller, Monitor in EAM and Activation of respective Parameters.
  • Preparation of Status Meetings weekly with stake holders.
  • Build the FIORI Role Concept in front end systems and Customized LPD CUST as per the requirement.
  • Resolving HANA, S/4 HANA by using the console and checking the backend system error log report, GRC Authorization issues and Setup and Configure the SU24 Authorization objects to respective Services (TADIR)
  • Creation of End User Templates as per the requirement in GRC Access Request Management.
  • Configuration of LDAP Attributes to GRC Access Request forms.
  • Visible the Required Applications (Apps) as per the customer requirement in NetWeaver (S/4 HANA)
  • Customize the Tile Groups and Tiles as per the requirement then in corporate into the respective roles

Confidential

Environment: SAP R/3 ECC 6.0, 7.1 HANA DB 12.0 SP12,PI 7.4 S/4 HANA (1610), 1709 Fiori, HR and GRC 10.1

Lead Consultant

Responsibilities:

  • Experienced on Preparation of Project Charter, Requirement Gathering, Co-ordinate with the teams, MSR (Monthly Status Reports) WSR (Weekly Status Reports)
  • Preparation of Status Meetings weekly with stake holders
  • Customer engagement for the scope of role concepts of Security Role Matrix
  • Preparation of Status Meetings weekly with stake holders.
  • Implementation of ONAPSIS and Code Profiler for ABAP Code and Vulnerabilities checks
  • Create RFC users for integrating SAP Systems to ONAPSIS-OSP
  • Create/Update roles with required access for RFC users.
  • Created UME Roles and Groups then Assigned to PI/XI Users by Using Java Stack (NetWeaver)
  • Scan Systems using black box & White box approach from ONAPSIS-OSP.
  • Present periodic Dashboard reports on the current program, future opportunities, and client issues.
  • Identify the Risks and Mitigate risk as per the company policies.
  • Identify the Critical Security gaps then fix it on priority basis.
  • I ntegrate ONAPSIS-OSP to Ticketing tools for creating incidents for any breach Worked on SAP Cyber Security Activities like secure the RS ABAP SOURCE SCAN, Service Id’s, Functional Module (GET CLIENT REMOTE) and activating the change documents, download the trace files etc.…
  • Worked on S/4 HANA, GRC Access Control 10.0 and HR end to end Implementation.
  • Primary Focal Point for Security in Implementation of security implementation for Confidential Systems.
  • I coordinated with functional consultants and business-users for requirement gathering and preparing the security design for HANA and S/4 HANA and Prepared the documentations on security role design and given the required to the end users and functional consultants on role concepts.
  • Customer Acceptance Test, And Live Environment Simulation (Client Specific Test Cycles in Roll out Projects) using HP Quality Center.
  • Prepared the S/4 HANA (1610) Authorization Concept and Management documentations.
  • SOD Matrix preparation based on the Project Requirement then define the workflows with help of MSMP.
  • Creation of Mitigation controllers and Provide the mitigation controls at user level and role level based on the requirement.
  • Prepared the Role Matrix (Backend and Front (NW, FIORI)) for S/4 HANA and HANA Security based upon the customer requirement and take the from SAP FIORI APPS Library.
  • Created custom roles in HANA DB for Developers, Modelers, Data Base Administrators and Business End User Roles and Worked on System, Object, Analytic, Package and Application Privileges
  • Resolving HANA, S/4 HANA by using the console and checking the backend system error log report, GRC Authorization issues and Setup and Configure the SU24 Authorization objects to respective Services (TADIR)
  • Worked on end to end implementation on HANA and S/4 HANA Security (HANA Database and Analytics)
  • Created Customized roles based upon the project requirement and take the of Standard SAP HANA Roles like (Modeling, Monitoring, Public, Content Admin, IC Modeler, IC Public etc.)
  • Activation of OData Services, UI5 Components and webservers etc.
  • Build the FIORI Role Concept in front end systems and Customized LPD CUST as per the requirement.
  • Visible the Required Applications (Apps) as per the customer requirement in NetWeaver (S/4 HANA)
  • Customize the Tile Groups and Tiles as per the requirement then in corporate into the respective roles
  • Restricted & controlled the FIORI APPS through AUTH objects (S SERIVICE, S RFCACL, S PB CHIP, /UI2 CHIP)
  • Performed post installation steps for ARA, ARM, BRM and EAM in SPRO
  • Integration of HANA and SAP Systems with co-ordination of ESB and GTX Teams.
  • Role Administration and User Administration in HANA Console
  • Worked on both Catalog (Run Time) and Repository Roles (Design Time)
  • Worked on License Check Properties and Activating Audit Policy
  • Installation of HANA client and HANA studio and performing post installation steps
  • Monitoring SAP HANA system landscape and Starting and stopping of SAP HANA systems
  • Administered SAP security including project and module implementation, SOD detection and resolution, role creation and maintenance, and user ID creation and maintenance.
  • Position based access has been granted in SAP HCM by creating structural authorization (PD) profiles.
  • Risk ID creation and assignment to appropriate approvers & monitors for the risk. All the risk are later stored in the companies rule set.
  • Role based Simulation of SOD at Transaction Code Level, Authorization Object Level, and Critical Role Level & Mitigation Level.
  • Creation of a new Mitigation Control to reduce risk at User, Role and Profile levels. Mitigation is used only when we are not able to remediate or completely remove a risk.
  • Defining, Updating/Modifying the rule sets as per request. Each organization has its own rule set based on the business structure. Mostly rule set is also defined by modifying the default rule set given by SAP that is GLOBAL rule set and Reviewing the Functional specification and technical specification for customized T-codes.
  • Customization of roles and modification of existing roles. The profile generator is the tool used for this purpose.
  • Understanding the role design document and identifying the client requirements.
  • Role design in frontend and backend servers as per the requirement and Scheduling the BATCH Jobs for Synchronization.
  • Worked with clients during pre- and post implementation of SAP in identifying and designing control points and preparing working documents in readiness for external audit assessments.
  • Proficient in analyzing and translating business requirements to technical requirements in SAP.
  • Configured Fire Fighter to capture audit logs and trigger alert and Analyze the issues and fixing using the console.

Confidential

Project manager and Technical Lead

Environment: SAP R/3 ECC 6.0, HANA, S/4 HANA (1511, 1605) Fiori, BI, HR AND GRC 10.1,IS U, IDM, PI 7.3

Responsibilities:

  • As Technical Consultant and Handle the Offshore Team (5 Members) and Co-ordinate with Client.
  • Define and initiate projects and assign Project Managers to manage cost, schedule, and performance of component projects, while working to ensure the ultimate success and acceptance of the program.
  • IDM Integration to SAP Systems and Upload Roles to IDM,
  • Defining the workflows for Access Request (User Creation, Deletion, Updation), Password Self-service, Role Assignment.
  • Experienced on Preparation of Project Charter, Requirement Gathering, Co-ordinate with the teams, MSR (Monthly Status Reports) WSR (Weekly Status Reports)
  • Preparation of Status Meetings weekly with stake holders
  • Customer engagement for the scope of role concepts of Security Role Matrix
  • Preparation of Status Meetings weekly with stake holders.
  • Present periodic Dashboard reports on the current program, future opportunities, and client issues.
  • Creation of UME Roles and Groups for PI/XI Users in NetWeaver and Resolving the missing Authorization Issues of PI/XI Users by Using the Trace.
  • Designed the Security concept for Utilities (IS U) and Resolving the authorization issues.
  • Actively involved in customer meetings and Change approval plan meetings
  • Implemented S/4 HANA, BO, BI, IS U and GRC AC
  • Identified the migration approach to S/4 HANA through the complete analysis of the current SAP system. Road mapped the entire process and assigned tasks after mapping was complete.
  • Activation of OData Services, UI5 Components and webservers etc.
  • Created custom roles in HANA DB for Developers, Modelers, Data Base Administrators and Business End user Roles
  • Build the FIORI Role Concept in front end systems and Customized LPD CUST as per the requirement.
  • Built the R/3, HR, SRM, BI and BO Roles in Backend System and Implemented S/4 Hana roles on NetWeaver systems and Role Administration and User Administration in HANA Console
  • Administered SAP security including project and module implementation, SOD detection and resolution, role creation and maintenance, and user ID creation and maintenance.
  • Risk ID creation and assignment to appropriate approvers & monitors for the risk. All the risk is later stored in the companies rule set.
  • Identify authorization errors using SUIM, SU53 and ST01 to provide consultative support to business created Secant scripts for mass creation and deletion of users and roles during system clean ups, Mass role generation, user assignments and others as required for team
  • Reviewing the Functional specification and technical specification for customized T-codes.
  • Customization of roles and modification of existing roles. The profile generator is the tool used.
  • Visible the Required Applications as per the customer requirement
  • Customize the Tile Groups and Tiles as per the requirement then in corporate into the respective roles.
  • Activation of OData Services, UI5 Components and webservers etc.
  • Reviewed critical and sensitive authorizations, implementing improvements to meet audit requirements, made suggestion for security policies and standard/best practices
  • Built the BI and BO Roles in SAP and Built the BI Roles in HANA Console.
  • Creation of analysis authorizations and resolving the BI Authorization Issues using the RSECADMIN and Trace.
  • Implementation of Access request management, Access Risk Analysis, Business Rome Methodology
  • Creation of Connectors, Connector groups and Settings of Scenarios
  • Proficient in analyzing and translating business requirements to technical requirements in SAP.
  • Reviewed critical and sensitive authorizations, implementing improvements to meet audit requirements, made suggestion for security policies and standard/best practices.
  • Configured Fire Fighter to capture audit logs and trigger alert
  • Prepared the S/4 HANA Authorization Concept and Management documentations.

Confidential

Project Manager

Environment: SAP R/3 ECC 6.0, SRM, Apollo (G.R.C 10.0), RB-AIS 4.3, HR, BI, BO, EP

Responsibilities:

  • Technical Lead Consultant and Handle the Offshore Team (5 Members) and Co-ordinate with Client.
  • Define and initiate projects and assign Project Managers to manage cost, schedule, and performance of component projects, while working to ensure the ultimate success and acceptance of the program.
  • Experienced on Preparation of Project Charter, Requirement Gathering, Co-ordinate with the teams, MSR (Monthly Status Reports) WSR (Weekly Status Reports)
  • Preparation of Status Meetings weekly with stake holders
  • Customer engagement for the scope of role concepts of Security Role Matrix
  • Preparation of Status Meetings weekly with stake holders.
  • Present periodic Dashboard reports on the current program, future opportunities, and client issues.
  • Involved in Implementation role matrix and requirement gathering for HR, BI and GRC
  • Created Web Dynpro Roles and FIORI Roles.
  • Built the single roles as well as composite roles based on Role Matrix.
  • Develop, maintain and enforce security policies and procedures
  • To identify the risks involved in the user’s access with the help of ARA (Access risk analysis) and then minimizing those risks with the help of mitigation control document.
  • Participate in performing security updates specific to SAP support/enhancement packs and upgrades
  • Day to day update for problems ticketed by users, follow up with other teams, effective communication and adhering to service level agreement (SLA) is must for performance in this project.
  • Creation of Travel Plaining and Travel Accounting Roles.
  • Trouble shooting authorization issues in ECC, HR, BI, BO, EP, SRM and BW systems
  • Assisted in setting-up, and knowledge of the Transport Management System (TMS) enabling changes throughout our environment and Worked on Client Administration and CCMS.
  • Installing the OSS, Plug-in’s Implementations and Configuration of SOA Manager.
  • Provided daily and on-call support that included data backups, transports, printer administration, database administration, SAP/Oracle parameter changes and SAP batch job coordination.
  • Worked on Role Generation Program for Cost Center Roles for Travel Planning and Accounting.
  • Mapping the Roles to Users via Position based.
  • Integration of Apollo Tool and Build the Risk-Free Roles as per the Custom Rule Set (RB-AIS 4.3)

Confidential

Security Lead Consultant (SME) and Project Manager

Environment: SAP R/3 ECC 6.0, SRM, Apollo (G.R.C 10.0), RB-AIS 4.3, IDM7.0

Responsibilities:

  • Technical Lead Consultant and Handle the Offshore Team (6 Members) and Co-ordinate with Client.
  • Implemented SAP SRM Role Administration.
  • Created Web Dynpro Roles and Built the single roles as well as composite roles based on Role Matrix.
  • Resolving the SRM Authorization Issues.
  • Integration of Apollo Tool and Build the Risk-Free Roles as per the Custom Rule Set (RB-AIS 4.3)
  • Built the Roles via BRM Tool
  • Integration of IDM to SAP System and visible the roles into the IDM and Maintain the day to day support activates (for update the roles, workflow, risk level of role, Master of role information in IDM)
  • Creation and Maintained the RFC Connections
  • Extended TMS support, authorization management, STMS transport rules for customizing and self-defined objects and troubleshooting
  • Manually pushed IDOC's between production servers

Confidential

Technical lead and Project Manager

Environment: SAP R/3 ECC 6.0, H.R, G,.R.C 10.0

Responsibilities:

  • Technical Lead Consultant and Handle the Offshore Team (6 Members) and Co-ordinate with Client.
  • Preparation of Project Documents and upload into the central folders
  • Co-ordinate with offshore team and worked as SPOC for Client location.
  • SAP Security redesign to meet SOD policies and as per SAP best practices
  • Involved in H.R Authorizations Implementation.
  • Created Custom Info types based on the Business Requirement and Maintained Info types in Authorization Objects and Creation of Structural Security Concept and Based on roles Developed.
  • Creation of Time management, Payroll, Fiori Roles and Created SAP HR Connector, HR Triggers, Field Mapping
  • Creation of Persona Data Profiles as per the position for Structural Authorizations.
  • Scheduled some back-ground jobs after assigning the PD Profiles.
  • Worked on ESS/MSS and Maintained Authorization Objects P ORIGIN, P PERNR, P ORIGINCON, P SIGN, P PCLX and Resolving HR Authorization issues.
  • Integration of Apollo Tool and Build the Risk-Free Roles as per the Custom Rule Set (RB-AIS 4.3)
  • Built the Roles via BRM Tool and Integration of IDM to SAP System and visible the roles into the IDM.

Hire Now