SAP Security/GRC Consultant Resume
Houston, TX
PROFESSIONAL SUMMARY:
- Over 8 years of professional experience in working on Implementation, Go-Live, Post Go-Live, Production Support, Security Re-design, and segregation of duties (SOD) remediation projects in R3, EP, HR, BW/BI, BOBJ, BPC, SM, CRM, SEM etc.
- Sound experience in SAP ERP ECC, GRC, Security (R3/BI/BW), CUA, Profile Generation, User Maintenance, Authorization, SRM, CRM, Role Creation, Role Maintenance.
- Experience in design, testing, auditing, security roles and profiles, user account management, troubleshooting.
- Expertise in designing Security roles and evaluating Security profile parameters.
- Extensively performed and monitored transaction codes SU01, SU10, SU24, SU21, PFUD, SUPC, SUIM, SU53, SU56, ST01, SE54, STMS, SCC1, SE09/SE10, RZ10, SM18, SM19, SM20, SE16 and SM30, RSECADMIN in SAP Security. Used CATT and VB Scripts for creating mass users/roles.
- Analyzing user activities reports, T-codes and role usage report and detail role analysis to decide the role set for every user under the Job Title.
- Extensive experience with Automatic Profile Generator (PFCG), User Administration, Central User Administration (CUA), Authorization object maintenance, Problem analysis and troubleshooting, transporting roles, HR Security, Auditing, and Segregation of Duties (SOD).
- Extensive experience in all aspects of SAP Security Administration - Including upgradation and various SAP R/3 versions 6.0/5.0, R/3 … BW 3.5, BI 7.0.
- Sound experience in GRC concepts and Architecture.
- Insightful, result-oriented GRC professional with exceptional leadership, project management and team management skills, offering vast experience of consulting which ranges from end to end SAP GRC Access Control, Process Control and Risk Management / Security Implementation, SAP Security Audits / Risk Assessments, Risk & Advisory services around SAP GRC platforms, Enterprise Risk management, ERP Implementation & Post implementation Reviews, Business Process Re-Engineering, Internal / Business Controls assessments, Risk Assessments which includes Creating/Analyzing/ on Internal Audits and Compliance Management.
- End to End implementation of SAP GRC Risk management 10.0 which includes complete automation of Risk Identification, Analysis, Reporting, established KRI Automation and Integration with Legacy Risk tools for exposure calculation.
- Implementation and maintenance of Role Based Access Controls for various modules in SAP.
- Hands-on experience in GRC Access Control module: Emergency Access Management, Access Risk Analysis, Access Request Management, and Business Role Management.
- Hands on experience in Support and Maintenance activities of SAP IDM Integrated with GRC and SUIM tool in one project.
- Good analytical and problem solving skills for resolving Security issues.
- Excellent communication, interpersonal, leadership, Documentation, troubleshooting skills and flexible and ability to work in a team environment.
- Proficient in using Microsoft Office tools - Word, Excel, PowerPoint, Visio for preparing documents and presentations.
- Provided 24/7 On-call Support.
- Excellent Interpersonal skills to interact with customers, team members and the other higher personnel.
TECHNICAL SKILLS:
Operating Systems: Windows OS X, MAC, LINUX
ERP: SAP ECC 6.0/5.0, SAP R/3 4.7E/4.7, GRC AC 5.3 & 10.X, NetWeaver 7.0, Enterprise Portal 7.0/6.4/6.0, BI 7.0.
Database: MySQL, MS SQL, SQL Developer
Specialization: GRC 10.X, Security (R3/BI/BW), CUA, Profile Generation, Role Generation, Role Maintenance
Programming Languages: C, C++, Java, HTML
Office Tools: MS Office, Acrobat reader
Software tools: Light House Gateway, Footprints
PROFESSIONAL EXPERIENCE:
Confidential, HOUSTON, TX
SAP Security/GRC Consultant
Responsibilities:
- Principal Analyst for Upgrade, Migration, Integration, Configuration and implementation of Access Request Management (ARM) tool, Access Risk Analysis (ARA) tool and Emergency Access Management (EAM) tool of SAP GRC AC 10.1 from older version SAP GRC AC 5.3.
- Designed Roles & Responsibilities matrix for restricting NWBC Work centers of GRC 10.1 front end.
- Security liaison for Business stakeholders, Subject Matter Experts (SMEs), Business Analysts and SAP Implementation teams including Functional, Technical and Infrastructure teams to build security solution as per business requirements.
- Security team member for full cycle implementation of SAP ECC 6.0, CRM 7.0, SAP GTS that includes business requirements gathering from security standpoint and realization of requirements, User administration & Roles Design, Testing & Transport of roles and troubleshoot all security and authorization errors.
- Migrated GRC 5.3 configuration data, master data and transactional data into GRC 10.1.
- Configured all post-installation technical settings for ARM, ARA and EAM components of GRC 10.1.
- BC (Business Configuration) sets activation applicable to GRC 10.1 components.
- Configured LDAP connectors, User data source and End User Authentication for accessing GRC 10.1.
- Configured Password Self Service (PSS) and End user logon feature in GRC 10.1.
- Validated Access Control Owners migration from GRC 5.3 to GRC 10.1 including Role owners, Risk Owners, Mitigation Control Owners and Monitors.
- Automated user provisioning and role maintenance approval process through ARM tool of GRC 10.1.
- Access Risk Analysis (ARA) tool: Administered Global Ruleset and Custom Ruleset in GRC 10.1.
- Migrated GRC 5.3 SOD rules, Business units, Mitigation controls into GRC 10.1.
- Scheduled authorization sync jobs & repository sync jobs to sync target plug-in systems into GRC 10.1.
- Scheduled batch risk analysis to perform risk analysis across all systems.
- Analyzed existing security roles for SOX / SOD issues utilizing ARA tool & lead remediation effort and role redesign exercises by conducting workshops.
- Built new Mitigation controls in GRC 10.1 as per Audit team requirements.
- Worked closely with Internal and External audit teams on Segregation of Duties (SOD) conflicts to maintain systems SOX compliant.
- Emergency Access Management (EAM) tool: Configured centralized Firefighting & validated migrated GRC AC 5.3 Firefighter IDs, firefighter owners and controllers and reason codes in GRC 10.1.
- Scheduled EAM master data sync jobs to sync plug-in systems & GRC 10.1.
- Configured Firefighter logs & email notifications to owners & controllers.
- Resolved complex EAM related issues by analyzing and checking all the backend configurations.
- Administered/Designed security roles based on business requirements for all SAP ERP products within landscape.
- SAP Role administration of single, master/derived, composite roles based on business requirements via PFCG transaction using SAP Best Practices.
- Secured critical tables and programs by implementing security restrictions on critical authorization objects.
- Monitored occurrence of security incidents and responded as per SLA.
- Daily SAP R/3, CRM, APO, BW, BCP, SCM, EBP and HR security production support such as ID requests, access requirements and troubleshooting problems. Defined and maintained authorizations and roles.
Environment: SAP ECC 6.0, CRM 7.0, SAP GRC AC 5.3, SAP GRC AC 10.1, SAP GTS.
Confidential, FAIRFAX, VA
Sr. SAP Security Consultant
Responsibilities:
- Continuously reviewed current state of SAP security.
- Worked with the technical team and Client security resources to install and perform initial configuration of the GRC Access Controls Components.
- Worked with the technical team and Client security resources, configure the GRC Access.
- Configured SAP GRC components, such as RAR, CUP and SPM.
- Generated rule sets in RAR and design new rule sets according to company Compliance policy.
- Created custom Functions in RAR, assign custom functions to custom Risks.
- Created AC 5.3 technical design document, define complete RAR, SPM configuration.
- Created AC 5.3 functional design document, define all custom function risks, defining remediation and Mitigation control process.
- Controlled components to integrate with the Client Identity Management solution.
- Separated the conflicting TCODEs into new Tech Roles (TR) by using the "Query" spreadsheet and identifying the next series of TRoles.
- Mapped technical roles to the current process roles and updated client's official documentation on SharePoint.
- Worked with the Business Process Control leads and configured their requirements for GRC Access Controls.
- Worked with the Client security team to move the GRC Access Controls components and configuration into QA and Production.
- Provided knowledge transfer to the Client security team on sustaining the SAP GRC Access Controls components and processes.
- Implemented CUA-DEV Environment and trained Client's security team to Troubleshoot and Transfer IDOC from Child System using T-code BD87.
- Conducted a team work session walkthrough on CUA setup and created a detailed CUA configuration document for the Client's team to debug CUA issues in my absence.
Environment: ECC 6.0, BI 7.0, CRM 6.0, NetWeaver 7.0, GRC AC 5.3.
Confidential, WALTHAM, MA
SAP Security Consultant
Responsibilities:
- Extensively worked with Profile Generator Tool (PFCG) to design the roles.
- Performed User Administration using Central user administration (CUA) to create and maintain all user master data across the multiple systems landscape.
- Designed custom roles for end users, process and technical teams in the sandbox, development, quality, and production environments for all SAP modules.
- Responsible for day to day technical support and resolution of security issues, troubleshooting R/3 security problems.
- Extensively worked with the SUIM tool every day in the process of monitoring the system.
- Extensively worked with the ST01 tracing and analyzing the trace records for the user in the process of troubleshooting.
- Did the system cleanup process by generating reports based on queries and identified the users who are withdrawn from the company and who are scattered in different organization structures.
- Extensively involved in Unit testing and Integration testing and coordinated all the testers in all the testing life cycles.
- Implemented InfoObject Security (field-level security) for Reporting Users and also created analysis authorizations.
- Used transaction RSECADMIN for creating custom authorization objects and S_RS_AUTH for assigning authorization objects for BI query end user roles.
- Worked on Risk analysis and Remediation and Compliant User Provisioning in GRC 5.3.
- Used RAR and RE (Role Expert) to do the role analysis to find out the Conflicts in the roles.
Environment: ECC 6.0, BW 3.5, BI 7.0, GRC 5.3.
Confidential, Bridge Water, NJ
SAP Security Consultant
Responsibilities:
- Performed application security assessments of web and mobile applications utilizing a variety of static and dynamic methods, processes, and tools.
- Recommended and implemented changes to enhance systems security and prevent unauthorized access.
- Proactively worked with team members to address security and compliance issues in a timely manner.
- Performed SAP Security Administration.
- Evaluated the design and effectiveness of SAP controls.
- Completed Control Self-Assessment audits of SAP environment.
- Reviewed SAP business process controls.
- Documented the procedures, run books and configurations.
- Performed analysis on GRC segregation of duties (SOD).
- Participated in SAP audit discussions and questions, and helped resolve the SOD/SOX issues.
- Worked with internal/ external audit, segregation of duties analysis and SOX compliance.
- Customized the SOD ruleset for custom transactions, application and consulting business units in reducing the SOD violations.
- Managed and administered SAP access request workflows.
- Administered SAP Emergency access management.
- Collected monthly security metrics and report and other duties assigned by the manager.
Environment: SAP ECC 6.0, GRC 5.2, BI 7.0
Confidential, NEWARK, DE
SAP Security Consultant
Responsibilities:
- Security resource for Full cycle implementation of SAP ECC 6.0 and SAP GRC AC 5.3 application.
- Facilitated security design workshops with Business community and SAP functional teams.
- Reviewed end-to-end Business Process Design for mapped transactions and required security restrictions.
- Coordinated security design with controls team to minimize SOD conflicts into Production role design.
- User Provisioning and Role maintenance requirements gathering from SAP GRC CUP tool perspective.
- Involved in SAP Risk management activities including Risk Identification and Analysis, Rule building and validation, Risk remediation using Mitigation controls with respect to SAP GRC RAR tool.
- Maintained functions, risk definitions, Mitigation Controls, business process and sub-process and defined risk owners, Mitigation control Monitors and Approvers within RAR tool.
- Created and Deployed CUP workflows for various request types like new, change, delete, lock, unlock, password reset, Super User access request etc.
- Extensively worked on PFCG to create Menu-based roles and maintained single, derived and composite roles.
- Coordinated with business and testing team to facilitate Unit and Integration testing of security roles.
- Secured critical tables and Programs by defining authorization groups and ownerships.
- Maintained authorizations centrally at SU24 level.
- User Administration (SU01) - Creation/Maintenance/Deletion/Termination as per the business requirements.
- Analyzed critical security authorization errors and troubleshooting using tcodes ST01, SU53 and SUIM.
- Mass user changes using SECATT and ECATT scripts to reduce administration activities.
- Emergency Access Provisioning Implementation and Administration via SPM tool of GRC.
- Helped the team to build the process documents for security/SOX.
- Provided knowledge transfer to Compliance and Business Leads on how to interpret RAR SOD reports and work with Security team to resolve SOD conflicts.
- Developed new processes and procedures within security, redefined roles and did knowledge transfer.
- Created materials and trained business team and support teams involved.
- Communicated with Business Process owners (BPOs) to obtain approvals for Security changes.
- Presentation of security solutions to business stakeholders, development and QA team for acceptance and sign off.
Environment: SAP ECC 6.0, SAP GRC AC 5.3
Confidential
SAP Security Consultant
Responsibilities:
- Installed the Central User Administration system to have a single point control over the client systems (SCUA).
- Worked on creating and updating Roles as per the Basis team requirements and authority (FI, MM, PP and SD).
- Setup Profile Generator to create authorization profiles (PFCG).
- Created roles by using Profile Generator and assigned them to users and organizational units (PFCG).
- Creation and modification of Roles and profiles as per the requirement using PFCG.
- Mass transported roles from Development to Production System (PFCG).
- Analyzed user’s outputs and corrected security deficiencies (SU53 & SU56).
- Locked all the critical transactions (SM01).
- Unlock users and reset passwords for the data team members.
- Coordinated in completing the SAP security audit requirements checklist.
- Provided assistance to Information System personnel and end users on efficient use of the SAP system and system resources.
- Worked on documenting roles in roles database and update database history of roles.
Environment: R/3 4.6C, BW 3.5.