SAP GRC & Security Consultant Resume

SUMMARY:

  • 7 years of consulting experience, including SAP Security and GRC: design, implementation and support of SAP Security & Authorization, SAP GRC Access Control, Segregation of Duties Analysis, Risk Mitigation, Risk Remediation.
  • Design, Build and Implement security roles to help address the client access requirements including segregation of duty (SoD) controls.
  • Expertise in designing and building security for S/4 HANA and Fiori to help address clients' access requirements.
  • Defined strategy for activation of Fiori tiles, Launchpad, transactional apps, OData services and mapping of catalogs and groups for S/4 HANA roles.
  • Defined strategy for Fiori roles (Front-End Server roles to start apps and Back-End Server roles for data access).
  • Proficient in SAP authorization concept, role matrix, creating users and assigning roles. Analyze, design, configure, build, test and deploy roles/profiles.
  • Identify Segregation of Duties (SoD) issues within the security design and worked with the business to formulate viable remediation solutions.
  • Access Risk Analysis (ARA), Access Request Management (ARQ), Emergency Access Management (EAM), Multi Stage Multi Path (MSMP) workflow, SoD rule-set customization, Risk remediation and Risk mitigation.
  • Define and implement SAP GRC Process Control implementation that includes planning, requirements activities, master data gathering, SPRO configuration, defining testing strategies and establishing cutover and go-live activities.
  • Coordinate with Compliance and Internal Audit team to ensure that compliance requirements pertaining to various SAP processes were addressed in the SAP Security and GRC implementation.
  • Experience in understanding and gathering business rules, business requirement and end user cases.
  • Excellent interpersonal skills & ability to learn and adapt new technology concepts
  • Strong, proven problem-solving skills and ability to identify, analyze, and resolve problems, driving solutions through to completion
  • Apply understanding of business processes and technical skills to successful completion of projects
  • Good Exposure of ERP Technology, Concept & Methodology
  • Implementing Security in ECC, S/4 HANA, BI and Fiori
  • GRC Access Control (ARA, ARM and EAM)
  • Review controls in the current and ‘to-be’ business processes and help identify gaps and potential risks associated with the revised processes.
  • Troubleshooting
  • SAP Security tables.

WORK EXPERIENCE:

Confidential

SAP GRC & Security Consultant

Responsibilities:

  • Define and develop new roles for SAP S/4 HANA/ECC.
  • Manage engagement teams and provide technical leadership in the strategy, design, and implementation of application security for SAP S/4 HANA.
  • Advise on requirement gathering sessions with business and guide to establish S/4 HANA and Fiori security.
  • Responsible for creation and updating of users.
  • Perform Role and User analysis to assess remediation effort and prepare remediation approach and action plan.
  • Define rule set and SOD matrix.
  • Worked with business and technology leads to develop SOD rules for different business areas.
  • Define roles for EAM.
  • Define testing strategy for Manual Controls
  • Involved in Password Resetting, Lock/Unlock of user, added decimal notation and maintained user information.
  • Worked on different types of users.
  • Involved in Mass creation, mass modification, locking and unlocking of users, assigning common role to users through SU10.
  • Responsible for creating user groups.
  • Involved in Role administration.
  • Defining the strategy of master and derived roles
  • Worked on Conversion of authorization object into Org level value.
  • Effectively analysed trace files and tracked missed authorizations for user access problems and inserted missing authorizations manually.
  • Extensive use of SUIM for reports related to users and roles.
  • Extensive use of AGR tables to audit role information.
  • Extensive use of USOBX and USOBT tables.
  • Extensive use of SU24 to check the standard T-code authorization objects and maintain authorization checks.
  • Responsible for Scheduling background jobs repository sync, FF log and users sync.
  • Authorization transports.
  • Conduct design and requirement gathering workshops with Process Control stakeholders to identify business requirements and ensure that identified requirements are addressed in proposed Process Control
  • Performed Entire IMG SPRO configuration for SAP GRC Process Control
  • Managed the entire Master Data (Organization hierarchy, Process, Sub process, Control) load using MDUG (Master Data Upload Generator).

Confidential

SAP Security Consultant

Responsibilities:

  • Created and implemented Authorization concept and SAP Security for IS Utility (Billing, Device Management, FICA & Customer Services).
  • Creation and implementation of a customized Segregation of Duties (SOD) matrix for core utility business processes, viz. Metering, Billing, Customer Services, FICA, as SAP GRC lacked a standard SOD risk matrix for utility companies.
  • Define strategy for ARA, EAM and ARM
  • Configure MSMP for User creation, UAR, EAM
  • Involved in project plan preparation, and regular status reports for senior management.
  • Prepare audit checklist for ITGC and application control.

Confidential

SAP Security

Responsibilities:

  • Under Access Risk Analysis, performed User & Role analysis to identify existing SoD violations.
  • Using Access Risk Analysis produced Analytical Reports on User, User Groups, Roles and Profiles. Analysis reports provide real-time data and Management reports retain an offline history of SoD status.
  • Performed remediation and mitigation against various risks associated with roles and users.
  • Schedule the various background jobs to perform the risk analysis based on business unit. The background job can be scheduled based on the user requirements. It is usually scheduled for day ending or weekends.
  • Defining, updating/modifying the rule sets as per request. Each organisation has its own rule set based on the business structure. Mostly, the rule set is defined by modifying the default rule set given by SAP, that is, the GLOBAL rule set.
  • Experience in creating and assigning FF IDs and extracting Fire Fighter logs. A firefighter ID is a temporary user ID that grants the user exception-based, yet regulated, access. The firefighter ID is created by a system administrator and assigned to users who need to perform tasks in emergency or extraordinary situations.
  • Assigned firefighter controller to the firefighter ID
  • Distributing Fire Fighter logs to owners.
  • Assigning temporary ID to super users allowing emergency access and reporting for audit purposes.

Confidential

SAP Security

Responsibilities:

  • User master Record creation/ modification using SU01, including complex design restrictions.
  • Mass user creation using SU10.
  • Utilized SECATT for mass user creation allowing automatic testing of SAP business processes.
  • Role creation/ modification using Profile Generator (PFCG) including complex design restrictions.
  • Ensured accuracy and segregation of duties through comprehensive testing of all profiles and authorizations.
  • Expertise in resolving Authorization issues by analyzing Authorization Checks.
  • Troubleshooting user access through authorization error analysis (SU53, SU56) and System Trace (ST01).
  • Work with Functional, BASIS, and Network teams to troubleshoot complex access problems
  • Monitor and maintain user ID through User Information System (SUIM) - created monthly audit reports.
  • Worked extensively with SE01, SE09 & SE10 in managing mass transport
  • Worked on audit logs using SM18, SM19 and SM20.
  • Monitoring & analyzing system logs, monitor background job logs.
  • Proficient in working with the tables USR*, AGR*.

Confidential

SAP Security

Responsibilities:

  • User master Record creation/ modification using SU01, including complex design restrictions.
  • Mass user creation using SU10.
  • Extensive use of SUIM for reports related to users and roles.
  • Extensive use of AGR tables to audit role information.
  • Extensive use of USOBX and USOBT tables.
  • Extensive use of SU24 to check the standard T-code authorization objects and maintain authorization checks.
  • Responsible for Scheduling background jobs
  • Backup
  • Transport Management
  • Authorization transports.
  • Worked on audit logs using SM18, SM19 and SM20.
  • Proficient in working with the tables USR*, AGR*.