SUMMARY:

• Sap GRC Certified consultant with 12.5+ years’ experience in SAP GRC and Security - implementation, upgrade, migration, roll-out and support projects.
• Involved in complete project lifecycle from the design phase to post-implementation phase with regards to security and redesigned security matrix whenever it is needed.
• Worked closely with Functional team and Business Process Owners in evaluating the requirements for the definition of SOD rules.
• Extensive project experience as a SME/Project lead Capacity.
• Migrated GRC 5.3 to 10.0
• GRC customization and decentralization
• Supported UAT, Go live and after go live support as a lead capacity.
• Business workshops and analysing any gaps for security build.
• Review& Creating GRC Ruleset
• Provide the guidance and enforce the SAP Security rules and instruction across various different teams and deployments.
• Work and review of Role Strategy design for end users, IT users and fire fighter roles design.
• Work on Security Configuration across different SAP systems and deployments.
• Review and approve Change orders in CAB and security changes for production supports and new deployments.
• Experienced in SAP Governance Risk &
• Compliance (GRC/VIRSA) products: Risk Analysis & Remediation (RAR) (Compliance Calibrator), Super User Privilege Management (SPM) (Fire Fighter),
• Experience in configuration in GRC 5.3, 10.0 and GRC 10.1 modules ARA and EAM
• Secured BW/BI Reports to the infocubes, hierarchies using tcodes RSSM and RSECADMIN.
• Worked in HR Security with the structural authorizations and position-based security.
• Experienced in Internal Controls, Procedures and Standard Operating Procedures (SOPs) and Work Instructions (WIs) related to Security Administration.
• Searching SAP Marketplace for SAP notes in order to troubleshoot the problems arising out of daily system administration activities.
• Excellent problem-solving skills, team player with good communication skills.
• Knowledge and worked on Hana Security.

TECHNICAL SKILLS:

ERP: SAP R/3 4.6B, 4.6C, 4.7, ECC 6.0,EHP7, BW 3.5, BI 7.0, EP 6.0, HCM(HR) GRC 5.3, GRC 10.0, 10.1, Fiori, S4Hana, S4BI

Tools: Remedy, Edesk, Service now, Revtrac,HP, ALM & Quality Control

PROFESSIONAL EXPERIENCE:

Confidential, Melbourne

SAP Security and GRC Quality Consultant, Quality and Transition Lead

Responsibilities:

• Worked on internal S4Hana and S4BI security as POC for future projects.
• User administration for internal Fujitsu SAP ECC
• Helping Biding team with the technical security architecture for any biding.
• Conducting interview for any SAP Security/GRC resources to fill project requirements.

Confidential

Responsibilities:

• Lead all cutover activities through Quality Assurance and Production environments using highly detailed and closely coordinated cutover execution methodologies including confirmation of validations as required for audit purposes.
• Establish and socialize Mid-level Release Timeline to provide visibility, focus and awareness to key Release activities including review across the landscapes, Test Cycles, Cutover rehearsals, Production Cutover/Go Live, and critical technical dates.
• Provide the guidance and enforce the SAP Security rules and instruction across various teams and deployments.
• Work and review of Role Strategy design for end users, IT users and fire fighter roles design.
• Work on Security Configuration across different SAP systems and deployments.
• Review and approve Change orders in CAB and security changes for production supports and new deployments.
• Completed Knowledge transition from GCCC to Fujitsu Australia for Security, GRC and IDM
• Stabilized security after transition and supporting independently
• Action all security related enhancements
• Migration GRC 5.3 to 10.1
• Created new GRC rulesets with business
• Performing day-to-day BAU activities as a single point of contact
• Support to off-shore team for any onsite related activities
• Troubleshooting FIORI issues

Confidential, Melbourne

Senior SAP Security and GRC Consultant

Responsibilities:

• Involved in SAP production Support, Rollouts and Hypercare support.
• Created single/derived and composite roles as per the requirements.
• Trouble shooting of the authorization errors by trace and provided the solution.
• Worked with Business Process Owners and Functional IT teams to resolve the authorizations issues
• Prepared the Security CR metrics for Change Control Board meeting and provided to the management.
• Upgrades & Maintenance of the GRC Systems.
• Preparing the systems for go-live, configuring and checking early watch reports.
• Defining security policies & procedures.
• Worked with BI/BW analysis Authorizations.
• Management of Analysis Authorizations using RSECADMIN.
• Business workshops to gather security requirements and gap analysis
• Attending team scrums to capture process change impacting security
• Maintaining issue register for presentation to management to assist in improvement to existing model
• Connected GRC to environments for SOD analysis to newly created roles
• Liaising with Business to create action plans for mitigation or remediation of new SODs
• Liaising with Developers, Business and Managers to finalise security build
• Weekly status meeting with managers to update on issues
• Single point of contact with external auditors to provide information
• Building security roles and maintaining custom authorizations for Phase 2
• Implemented BO security model to authenticate user from BW
• Setup BO security environment and provided KT to BAU team
• Building new BW roles for reporting
• Supporting project users and Running Escatt scripts to for UAT, CVT & PVT
• Single point of contact for project for Confidential IT related processes
• Involved in SOX testing and Audit with the compliance team and provided the required reports from SAP. Also, provided the evidence for the requested changes.
• Extensive knowledge in creating, maintaining roles, transporting roles, security upgrades (SU25), Authorization Objects and Authorization Groups
• Experienced in eCATT scripts and LSMW for mass changes in security.
• Developed Analysis Authorizations using RSECADMIN and added them in roles
• Role building, Unit, Integration & User Acceptance testing, Production Support and developed, resolving the defects.
• Provided and maintained the passwords of the ids like DDIC,SAP* for Basis
• Created the OSS ids to log into the SAP market place and provided developer keys

Confidential

Senior SAP Security and GRC Consultant

Responsibilities:

• Worked independently with the Business & technical teams to design program and interface security for implementing QPM
• Worked on assigning access to project team to S4Hana and Hana BI.
• Created roles using S4Hana Database.
• Liaise with Test manger, Security manager and Development team to design and build appropriate security role and as per Confidential ’s standard
• Requirements gathering, assessment, design, and configuration and testing activities
• Translate concepts and/or requirements into actionable activities or items as per Confidential standard
• Worked with the testing/ process teams to test and refine security
• Coordinating with functional consultant to build authorization around roles and modifying them as per the requirement
• Assemble the appropriate processes, components, and capabilities to address Enterprise Security requirements for SAP security and audit compliance
• Liaise with vendor to discuss security roles and design
• Research new solutions to meet current and future security requirements
• Working with the process, training, and quality leadership teams to design appropriate role based security for the production environment including role definition and job position mapping
• Designing administration policies and procedures for the production environment as per Confidential standard.
• Engaging with BAU team to implement changes into production
• Designing Cutover and ELS support roles for functional consultant
• Designing business, fire-fighter and IS support roles for BAU and support team
• Opening OSS message to SAP to get critical issue resolved for role build
• Participate in cut over and goes live activity including fixing defects, providing emergency access via SPM, fixing emergency roles and modifying authorization as per business needs.
• Determining SOD as per the business requirement
• Providing KT sessions to BAU team for supporting business after ELS
• Experienced with troubleshooting the authorization problems using ST01 and SU53.
• Maintained authority checks for customized tcodes in SU24.
• Remove excess critical access from the Users.
• Streamlining the User Provisioning and De-Provisioning.
• Remove Duplicate IDs in the system.
• Keeping procedures in place for SAP security related changes.
• Other Recommendations to make the system more secure and traceable.

Confidential, Melbourne

SAP Security Consultant

Responsibilities:

• Providing day to day technical support and resolution of SAP Security issues.
• Security specialist performing a security review of ECC, HR and BW systems including a GRC review and subsequent recommendations
• BW security implementation at a query level, BW authorization and role design and subsequent creation of authorizations and roles
• Engagement on minor projects, RFC and enhancements across all functional areas
• Design Development, Implementation and Support of SAP Security in ECC, BI, HR & Portal
• SAP user & role creations. Maintenance for production and non-production environments
• Third Level support for day to day SAP Security authorization issues and fixing them for ECC, HR and BI
• Created PD profiles as per business requirement
• Managing users access via IDM
• Trouble shooting IDM issues
• Engaging with business regarding mitigating control, Risk management and Process control with GRC
• Liaison between business, technical and functional teams relating to SAP Security, segregate company requirements following industry best practice
• Created and Ran ESCATT script for helpdesk to create multiple users
• Performing monthly and weekly housekeeping tasks and maintaining knowledge document for the team
• Participated in team weekly meetings regarding ongoing project and support work and discussing ideas to improve process & support
• Full Use of various SUIM reports, AGR, USR, trace via ST01 and creating reports using ST03N.
• Working on HR Security and updating Personnel Administration data of users via t-code PA30

Confidential

SAP Security Consultant

Responsibilities:

• Responsible for SAP User Administration and Authorization Administration
• Configured and tested SAP security profiles and authorization
• Analyse transaction functionality and ascertain alternative transactions with appropriate functionality for business needs was vital to ensuring security integrity
• Ran SU25 to populate customer tables USOBT C and USOBX C from SAP provided USOBT and USOBX tables for new authorization objects
• Comprehensive Security Script testing and QA of the built roles
• Assignment of roles to users in R3, HR and BW
• Created and maintained SAP Authorizations, User Master Records, Table authorizations
• Authority checks and profiles and transporting across DEV, QAS and PRD of R/3 systems

Confidential

SAP Security Consultant

Responsibilities:

• Troubleshooting: Responsible for analysis of end users authorization related problems in R/3 system. Analysis on basis of SU53 and trace file from ST01, provide possible solution and guidance to end user
• User Administration: Managing user master records, creating & deleting users, managing passwords, managing user groups
• SAP Portal: S-User creation and generation of developer key through SAP Portal. Also responsible for maintaining access data for OSS messages
• Creating, Deleting and Modifying users through SRDB
• Security Check for Standard Users Passwords
• Check users with unsuccessful Logons
• Users with incomplete address data
• Users not login for more than 90 days: Report for users not logged into production systems for last 90 days
• Report for the users having access to SAP ALL and SAP NEW profiles

Confidential

SAP Security Consultant

Responsibilities:

• User administration including creation, maintenance, locking, unlocking of users in SAP landscape using t-codes SU01 and SU10.
• Using tables USLA04 and USR* for determining user details for different authorization requests.
• Working in CUA Environment with about 30 child systems.
• Creation of multiple users across the CUA environment using SECATT scripts.
• Assigning roles to multiple users across CUA environment using SECATT scripts.
• Using t-code SCUL for distribution of log across CUA.
• Using t-code SCUM to maintain field distribution in child systems.