Sap Security Resume
5.00/5 (Submit Your Rating)
New Jersey, NJ
Technical Summary
- Over 3 years of experience in SAP security administration and GRC.
- Performed User, Authorization and Profile administration.
- Worked on GRC Access Control version 5.3 (All Components), Risk Analysis and Remediation(RAR), Compliant User Provisioning (CUP), Enterprise Role Management (ERM), Superuser Privilege Management (SPM)
- Very good understanding of SAP R/3 system integrity in technical as well as functional areas.
- Designed and built security roles for SD, MM, FI, CO, PP, PM, PS,
- Worked on versions, R/3 (ECC 5.0and ECC 6.0)
- Have complete familiarity with organization level security, single roles, composite roles and derived roles
- Running system trace to record authorization checks for the user sessions and tracing the missed authorization
- Global activating or deactivating of authorization checks
- Transported the generated roles and profiles using SAP transport management system
- Expert in trouble shooting using ST01, SU53
Professional Experience
Client: Confidential, Duration:-January 2009 to Till date
SAP Security Administrator
Remote Consulting project with Confidential,USA
Tasks: Production Support, Security Redesign, User Creation, Role Creation, Trouble shooting, GRC
Modules Supported: SAP Finance, SAP MM, SD, PP QM
User Administration:
- Familiar with Text Compare and User compare of roles
- Extensively used Tables like USR02, USER_ADDR
- SOD Analysis on User level using VIRSA GRC compliance calibrator
- Created Firefighter Service Users using SU01
- Assigned Firefighters to FF ids using /n/VIRSA/VFAT
- Maintenance of Firefighter Owners and Controllers on regular bases.
- Created multiple users in the system as per clients requirements
- Familiar with different types of User types
- Worked with basis and external vendors for setting up System/Communication user ids
- Created and familiar with use of user groups depending on the employee location
- Knowledgeable on the use of default values in the user master record such as date format and currency depending on the country
- Used SU10 mass change transaction to assign user to user groups and change other parameters like date format, cost center, address etc
- Trained user with use of SU3 transaction for them to update their own user parameters
- Identified all the user parameters like plant, company code, sales organization required working with functional teams
- Familiar with assigning user to role in CUA environment and non CUA Environment
SAP User Administration Production Support
- Familiar with Error ticketing process and used remedy software
- Used SUIM to perform security analysis for various purposes.
- Helped users by using sap change logs to identify the change which happened to their profile
- Trained junior people to create user ids in the system based on company policy
- Generated weekly report to see the users who have not used the system for 180 days
- Extracted reports like user assigned to roles, user by location, user by name from SUIM for functional teams and company HR
- Helped with locking accounts when the employee left the company
SAP Role Administration Implementation
- Very comfortable with PFCG transaction for creating roles
- Created role from Transaction, SAP Menu, and other roles
- Added help files and web location into the role
- Familiar with manual maintained and standard object in the role
- Worked with functional team to restrict the object values in the role
- Understand the role of organizational values for restricting roles
- Created multiple single and composite roles with proper technical name
- Understand the difference between parent and child roles.
- Familiar with Composite role concept and how it can reflect the job of the user
- Very comfortable with transporting role from one system to another
- Extensively used AGR_DEFINE, AGR_1251, AGR_1252 to extract data relevant to roles
- Familiar with the Yellow, Green and red statuses in the roles
- Inserted objects manually when required
- Manipulated SU24 to update the object values based on requirement
- Understand the implications of Upgrade from one version to another
- Used ST01 to advice the client and Functional team on object required to restrict the transaction
SAP Role Administration- Production Support
- Extensively used SU53 to interpret the error
- Used ST01 when the error message was not clear
- Identified the changes to roles from SUIM
- Generated useful reports for like Roles to transaction, Role to User and Roles to Composite roles etc
- Helped functional team with identifying the objects required for batch users.
- Helped the client secure the table and programs with authorization groups.
SAP Security Audit Compliance
- Checked for users who have any sap defined profiles
- Checked for user who have table access with SE16, SE17, SE11, SE16N in connection with object S_TABU_DIS and S_TABU_CLI
- Identified user with access to Sensitive transaction SE38, SA38 in combination with S_PROGRAM and S_DEVELOP
- Identified user with access to SM59 Connection who can created connections to external system
- Restricted access to User administration functions to specific group of users with object S_USER_GRP
- Create roles for security administrator so they cannot change roles in Quality system and production system
- Monitored the PFUD report for user comparison
SAP Security Testing and Documentation Support
- Helped user test both positive and negative testing
- Completed the unit test with test id so user will be able execute the transaction without any errors.
- Documented the on boarding process of the users and user removal process from the sap system
- Help client come up with users having elevated or extra access for limited amount of time
- Completed documentation on the User creation and role creation process plus the dos and don’ts in the system
- Trained and helped new SAP Security administrator with the transition process into the job
- Mentored the new SAP Security Administrator
Education: Associate Degree in Computer Science