Sap Security And Grc Consultant Resume
5.00/5 (Submit Your Rating)
Bridgewater, NJ
SUMMARY:
- 6 years' experience with SAP Security (Authorizations) and GRC Access Control and Process Control.
- Have been working on design & implementation of SAP roles that meet SOX regulatory, taking into account their sustainable maintenance and segregation of duties requirement
- Provide advanced SAP Security technical support for cross application SAP Support teams, including ABAP development, and SAP Business Support teams, to identify and resolve issues related to SAP Security.
- Lead & Implement custom SoD rule set implementation; update MSMP workflow & email template; and User Access Review at Confidential
- Implement ARM; update BRF+ rule based Initiator rules and create new routing rules Box/System (Phase III) at Confidential
TECHNICAL SKILLS:
- SAP SECURITY
- ECC
- BI
- CRM
- SRM
- HANA
- BOBJ GRC
- GRC 10.x Access Control
- GRC 10.1 Process Control
- GRC 5.3 (Production Support)
- VIRSA 4.0
- SOX Compliance
- Segregation of Duties
- MS Office
- VLookup & Pivot tables (Excel)
- BMC Remedy
- HP Service Manager
PROFESSIONAL EXPERIENCE:
Confidential, Bridgewater, NJ
SAP Security and GRC Consultant
Responsibilities:
- Integrate new SOLMAN system with GRC to enable automated user provisioning for users and firefighter.
- Implement Firefighter exit and Update Initiator rule, Routing rule and MSMP Workflows as part of Integration.
- Set up Process Control in GRC Sandbox.
- Perform Post - implementation steps & implement Continuous Control Monitoring and Issue Management.
- Set up Control Objectives, Business rules and Data Sources & Issue Management Workflows. Implement Controls for Security and Business related scenarios.
- Lead Global SoD Matrix Implementation for GRC 10.1 and VIRSA 4.0 Systems.
- Update Ruleset based on custom rule set definition provided by organization global compliance team; update risks - enable/disable risks, change risk level; create new risks (from Standard SAP functions).
- Perform User and Role Level Risk Analysis & prepare action plan to remediate & mitigate risks with Internal Control team.
- Identified roles with role level SoD Conflicts and remediated them.
- Work with Business & Internal Control team to remediate/mitigate user level risks Identify custom transactions with SoD Conflict and include them in SoD Matrix.Create test scripts & co-ordinate with business for testing role changes.Help Internal control team create Mitigation Control and mass assignment of Mitigation Controls
Confidential
SAP Security and GRC Consultant
Responsibilities:
- Responsible for production support for Confidential SAP Systems. Resolve service requests for user authorization issues; role updates and user access requests
- Add SAP system into GRC Landscape: Co-ordinate with Basis and GRC Implementation to add GRC Plug-in new target systems; implement User exit to prevent direct firefighter login. Setup Firefighter IDs in Target system and perform SIT testing
- Responsible for Role Design & development for Phase II (Business roles) and Phase III (Merge EM & EWM systems to TMS box) implementation of SAP Transportion Management System.
- Develop SRM PFCG and enterprise portal roles. Develop role menu based on the enterprise role/group authorizations.
- User administration including managing business partners (BP) and PPOMA (Org Mgmt) assignment for users.
- Also portal user administration for SRM users. Troubleshoot user access in NetWeaver and SAP SRM systems.
- Manage User administration and Role administration in SAP HANA System.
- Developed SAP HANA Repository roles.
- Worked on BOBJ Security. User, access rights and access level administration through Central Management Console.
- Creates users, user groups and assigned users to user groups and one user group to another user group. Experience on maintenance of access levels.
- Use of default access levels provided by SAP and creation and maintenance of new access levels as per business requirements.
SAP Landscape : GRC 10.0, ECC 6.0, SRM, HANA Studio, BOBJ, SOLMAN 7.1
Confidential
SAP Security and GRC Administrator
Responsibilities:
- Responsible for Security of SAP (modules SD, MM, FI, CRM, BI, GRC & EP) for production support.
- Responsible for Access provisioning in SAP ERP systems and trouble shoot issues with user access and authorizations.
- Part of role development; create new roles as per design specifications. Role redesign initiated to reduce role redundancy & improve efficiency and effectiveness.
- Prepare test scripts and co-ordinate for Unit Testing with functional teams.
- Assist Internal and External Auditors in Annual Authorization Review.
SAP Landscape : ECC 6.0, CRM, BI 7.0, Enterprise Portal, GRC 5.3