SUMMARY

• 15+ years of SAP Security, 7+ years of GRC 10 & 10.1 (AC & PC) experience working with multiple industries & trained on GRC 12.0
• Expert with implementation and configuration GRC 10 & 10,1 Access & Process Control
• SME in SAP HANA Database Security. SAP Security (ECC, BI/BW), worked on HR/HCM, BOBJ/BPC, PI and Portal Security
• Successfully completed 3 FLC implementations of SAP Security and 2 FLC & 3 update implementations of GRC 10 & 10.1 Suite (ARA, EAM, BRM & ARM) and One Process Control. SME in MSMP, BRF+, EAM workflow and MDUG tool
• Led client presentations for best practices in security, support, develop Role Matrix, Role Redesign, SAP ASAP methodology, SAP HANA and GRC
• Streamlined global roles creation/maintenance process by developing a best in class flow chart for a large corporation without any SOD issues, Adding and removing roles and process of user administration
• Championed processes and procedures to generate SOD free roles by working with control team, audit team and process development / Functional team
• Expertise in HANA Security using SAP HANA Studio 2.0. Experience in managing users, roles (catalog & Repository) and privileges (Analytic, System, Object & Package), Creating Classical XML & SQL Privileges, Building SQL query to extract data and report, Auditing and setting up Trace
• In HANA used SQL queries to automate multiple processes that translated into significant time efficiencies and assurance of data accuracy, which also resulting in substantial Dollar amount saving
• Led client presentations for best practices in security, support, Role Redesign, SAP ASAP methodology and GRC
• Achieved significant savings by creating Security Strategy and naming nomenclature documents for SAP applications
• Championed processes and procedures to generate SoD free roles by working with functional team
• Successfully created roles & user administration for large user base
• Ensured successful implementation of security module on time and error free by working with process team through Blueprint, Realization, ITC, Final preparation (Cutover & Dress Rehearsal), Hyper - care and Go-Live
• Experienced in employee development including coaching, mentoring, objective setting, performance management and talent planning for leading large, highly complex projects
• Implemented FIORI
• Confident, with a strong work ethic and pride in personal and team production
• Committed to the highest ethical standards in order to exceed expectations; consultative communication style

PROFESSIONAL EXPERIENCE

Confidential

Sr. Managing Consultant SAP Security, HANA & GRC (PC)

Responsibilities:

• Led a team to successfully implement & conduct pre-and post-configuration of GRC 10& 10.1 (ARA, ARM, EAM & BRM), create and modify risks, functions and mitigating controls, maintain connection setting for AUTH, SUPMG, ROLMG & PROV, activating BC sets, creating RFC connectors
• Spearheaded remediation of roles by control, audit and process development team and ensured Segregation of Duties (SOD) exist in the SAP systems using the GRC tools (Compliance Calibrator, Fire Fighter, and Access Enforcer)
• Implemented Risk Terminator across the GRC systems like Sand Box, DEV, Quality, PREPROD & PROD landscape
• Configured Fire Fighter User & Fire Fighter Role based for each business process area
• Experience in Role bases FF reporting, assigned & mapped FireFighter ID’s to owners and FireFighters, FireFighter Roles to owners and Fire Fighters.
• Increased process efficiency by configuring workflow for firefighter log approval to go to Firefighter Controllers
• Configured MSMP workflow at Global setting, maintained path for changes made through BRF+ with custom Initiator, Agent, Routing and Notification and variable rule stages at each path, Maintained rules, route mapping & version
• Selected process ids and configured different rules in process ID: SAP GRAC ACCESS REQUEST through BRF (Setting up workflow trigger based on type of request)
• Configured MSMP work for control assignment and maintenance
• Working knowledge of setting up UAR process
• Expertise in importing roles (Single, Derived & Composite) into BRM lite with status Production with appropriate role owners to enable auto provisioning using Excel template file
• Created background jobs for authorization, repository & Firefighter log synchronization plus Batch risk analysis
• Activated BC set for Process Control (PC), created connectors and maintained connector setting Automated Monitoring (ABAP REPORT & Configurable)
• Worked on Process Control - Continuous Control Monitoring jobs, creation of Data Sources, Business Rules & Controls
• In PC created Master data, Organization, Organization Hierarchy, Process, Subprocess, Controls & Custom Regulation
• Customizing of GRC PC controls including customization of manual, semi and automatic controls
• Created Flow Charts for Process Control steps, Work Inbox, CCM, Master Data Steps, Survey & Planning
• Used qualified ABAP REPORT (with Variant) & Configurable Data sources to monitor remote landscape systems
• Used Ad-hoc query, filter criteria, join tables, and creating deficiency to validate data from remote system
• Worked MDUG tool to export and import Master Data using Excel template file
• Implemented Surveys and Planner for assessments, designed question library, Ad-hoc and Policy Management
• Worked on automatic and manual test plan
• Design and Implement HANA Database security
• Creation of users and providing the roles and authorizations based on the business requirements
• Very strong experience in using SQL language and successfully created SQL to automate multiple processes that translated into significant time efficiencies and assurance of data accuracy
• Strong experience in working on HANA Studio Plus and various environment’s
• Strong experience in working on HANA Studio and Development perspective to create repository or design time roles and Analytic privileges.
• Introduced to the client the concept of composite roles to ensure more access is not granted
• Worked on both Catalog (Run Time) and Repository Roles (Design Time)
• Used Web Based Workbench tool to create various repository roles for Basis, Security, Role and User Admin, Developers, Modelers, Data Base Administrators, Transport (CTS), Audit and Business End user Roles
• Developed matrix for various types of roles with minimum access required to do the job
• Transported packages and roles (single and composite) using CTS transport
• Worked with team for development of security design document, creation of new roles, modification of existing roles, resolution of security-related issues, coordination with analyst and Basis team members
• Worked on System, Object, Analytic, Package and Application Privileges
• Worked with both XML and SQL based Analytic privileges and restriction data based on business requirements
• Experience in working with Calculation View, HANA Life cycle Management and Transport Mechanism (CTS)
• Experience in setting up audit and setting up trace to resolve security and authorization issues
• Created query to generate report listing Roles to Analytic Privilege (AP), then AP to Calculation View (CV), then AP to restrictions, days and Composite role
• Presented Statement of Work for Tier 1 Auto supplier for a SAP role redesign project and new GRC Implementation plus Configuration, based on study of exiting SAP security design and provide continuous support and improvement of GRC 10 & 10.1 and GRC12.0
• Achieved cost savings and error reduction by implementing role gathering matrix, and creating template with advanced Excel macro capabilities to sort data
• Extensive experience in enabling and disabling objects in SU24, plus created roles (Single, Derived, & Composite) and transported these roles across the landscape. (STMS, SCC1, SE01, SE09, SE10)
• Extensive use of following Tcodes: PFCG, SU24, SUIM, PFUD, SU01, SU53, ST01, STMS, SE01, SE09, SE10, SE11, SE16, SE16N, SE54, ST22, ST03N
• Expertise in Profile Generator (PFCG), User Administration (SU01 & SU10), SECATT, Maintaining Authorization Objects (SU24), User Master Data Reconciliation, Authorization Objects (SU24), CUA
• Resolving security issues during UNIT, FUT, and ITC & UAT testing using SU53 & ST01
• Worked with security tables such as AGR AGRS, AGR TCODES, AGR USERS, and AGR DEFINE, AGR 1251 & AGR 1252 etc.
• Resolving security issues during UNIT, FUT, and ITC & UAT testing using SU53 & ST01
• Created mass user IDs by using the bolt on application tool UAweb in conjunction with Excel and also assigned roles and groups
• Developed an Excel based macro in Excel, which captures requirements and keep record of all updates within the role development process and for monitoring all testing for example unit, development, functional, integration and user acceptance testing
• Developed SCATT script for creating and assigning roles to new users, assign roles to exiting users (Used Visual Basic Programming concept), resetting password for 10K users and adding email address to over 10K users
• Established common ground rules for all the applications including user naming standards, user inactivity procedures, password policy, and User management procedures to ensure security and costs savings
• Recommended and used Project IMG to create roles to give modules specific access
• Designed and prepared role matrices for security and business use
• Conducted user / role administration on daily basis in ECC 5.0, ECC 6.0, BW/BI, CRM SRM, PORTAL, SABRIX, COGNOS, and WEBSPHERE.
• Maintained and adhered to company strict policy of using password in Table USR40
• Extensively worked with the object S TABU DIS for restricting table maintenance access for users
• Setup and reviewed security parameter as per company policies using RZ10 & RZ11 transactions
• Used PFUD for Master Data Reconciliation and monitored PFCG TIME DEPENDENCY logs
• Improved IBM internal process to streamline workflow and saving labor cost
• Conducted on daily user ID administration for Enterprise portal, ECC, BW/BI, SRM & CRM
• Completed several SAP Health Checks and SAP User ID Revalidation
• Setup BW & BI security for query users, admin users & power users
• Built authorizations to grant access to data at Info-object level & key figure level
• Built analysis authorization in RSECADMIN & inserted them in the role using S RS AUTH
• Implemented HR security: Position Based Security and Structural Authorizations using Infotype 105 and 1017
• Linked user to PERNR using PA30 via Infotype 0105 and STY0001
• Used PA20, PA30, PA40, PO13, OOSP, OOSB, OOAW & PFCG transaction codes & HR Objects
• Performed indirect role assignment to the user based on position, org unit & work center
• Maintained the relation of PFCG roles with business roles and validly to position through PO13
• Maintained user position (USERS GEN) and change user position (PPOMA BPP)
• Proficiently worked with PI Java and ABAP dual stack for creating roles and Portal User administration (UME)