
Security Lead Resume

SUMMARY:

  • Consultant with 10 years of experience in SAP GRC and Security, currently working with Confidential Services from .
  • Over 10 years of experience in SAP GRC AC 10 & 10.1, 5.3, HANA, ECC, HR, BI/BOBJ, CRM Security, Basis, NWA, XI/PI & Portal security.
  • Extensive and Hands on experience in GRC Implementation, Automation, upgrade experience with GRC ARQ, ARA, BRM, EAM. Experience also includes the implementation of Access Control 5.3, 10.0 and 10.1 versions, upgrade from 5.3 to 10.0, configuration testing, validation testing, integration testing and the UAT for Access Control 10.0 and 10.1
  • Completed two implementations of GRC Access Controls and Process Control implementation on a PoC mode.
  • Strong experience with multiple SAP security lifecycles (Analysis & Conception, Implementation, Quality Assurance & Tests and Cutover).
  • Excellent knowledge in role-based security, Central User Administration (CUA), Segregation of Duties (SOD), SAP Governance Risk and Compliance.
  • Extensively worked on presales activities preparing project plans, blueprint documents and costing
  • Experience in leading SAP security teams and also in audit efforts by helping in defining the audit rules and automating the reports by defining the programs specifications
  • Experience in Strategizing and implementation of SAP Security model, processes and procedures, defining various Role Matrices and designing templates.
  • Served clients across multiple industries like Utilities, Retail, Life Science, Consumer Business, Information Technology, Public Sector and Energy & Resources
  • Worked with the SAP Security team and business process owners to identify Firefighter ID (FFID) controllers, administrators and owners and mapped these in SAP GRC EAM 10.0
  • Worked in all phases of full life cycle implementation using ASAP methodology including analysis, design development, blueprint phase, configuration, Cut-over phase, Testing, Go-Live and Post implementation support.
  • Extensive experience in Structural authorization & Analysis authorization.
  • Worked with auditor to remediate SOD issues and Day to day support of production system.
  • Worked in a team for developing a tool in conjunction with ABAP team exclusively to find the risk combination of the user/role community in the ERP systems.
  • Good Knowledge of SAP HANA security including User Management, Roles and Privileges.
  • Experience in SAP HANA Data Provisioning using SAP LT Replication Server (SLT) and Data services.
  • Managed SAP HANA with authorization, Authentication & also worked on Auditing.

PROFESSIONAL EXPERIENCE:

Confidential

Security Lead

Responsibilities:

  • Security Lead for the SAP Landscape role design
  • Worked in all phases of full life cycle implementation using ASAP methodology including analysis, design development, blue print phase, configuration, Cut-over phase, Testing, and Go Live preparedness
  • Discussion with the BPOs, deriving new security process and standards
  • Design of the entire security landscape according to SOX compliance
  • Documented all the initial level understanding about the business processes and used as an input for the blueprint documents
  • SAP Security Design, Rule Set creation & compliance initiative
  • Developing role matrix, authorization matrix and SOD matrix as per input from business
  • Role design in accordance with the new standards developed with strict restriction of authorization as per the job responsibilities
  • Initial Unit Testing with the internal Teams and error logs created for further verification.
  • Detail test report created with Test script
  • Detailed testing of the audit/SOD tool developed by ABAP team

Confidential

Security Lead

Responsibilities:

  • Security Lead for the SAP Landscape role Redesign
  • SAP Security Policy Blueprint Creation - Implementation
  • Role restructuring and authorization management for business and IT users
  • Worked on the project planning and blueprint phases
  • Design of the entire security landscape according to SOX compliance
  • Documented all the initial level understanding about the business processes and used as an input for the blueprint documents
  • Developing role matrix, authorization matrix and SOD matrix as per input from business
  • Detailed testing of the audit/SOD tool developed by ABAP team
  • Template based role creation in development system and movement to advanced systems through transport mechanism
  • Initiating UT and UAT for different modules and documented testing sign off
  • Complete Go Live and Post Go Live Support

Confidential

GRC Support consultant

Responsibilities:

  • Strong knowledge on SAP Security architecture creation and maintenance for SAP R/3, PI, MM, SD, & FI.
  • Creating new user accounts and user groups through GRC
  • Performed role maintenance using Business Role Management (BRM).
  • Using Emergency Access Management (EAM) tool provided Firefighter access required to address critical issues.
  • Restrict table access through authorization groups.
  • Role modifications based on proper approvals
  • Role maintenances and creating transport request for roles.
  • Effectively analyzed trace files and tracked missing authorization for user's access problems.
  • Mass user maintenance.

Confidential

GRC implementation consultant

Responsibilities:

  • GRC 10 Implementation and Configuration in development and production landscapes
  • Access Control, Process Control and Risk Management configuration
  • Complete module configuration under access control suite 10.0
  • Configuration of MSMP workflows for access control scenarios with working knowledge on BRF+ workflows.
  • Extensively used VIRSA/GRC Access Control Suite to meet the SOX compliance.
  • Performed risk analysis at User level and Role level and to mitigate risks for the users using Access Request Analysis tool.
  • Worked on cross system rule connector setup
  • Automated workflow for user maintenance using auto provisioning tool Access Request Management

Confidential

Application Architect

Responsibilities:

  • Exposure on GRC AC 5.3 Compliance Calibrator and Firefighter
  • Post configuration activities in GRC AC 5.3 CC and FF
  • Risk recognition by identifying authorization risks and approve exception, by running risk analysis tool in Compliance Calibrator.
  • Rule building with best practices rules for the organizational environment, validate rules, and customize rules and verifying against role cases.
  • Mitigation on the basis of alternative controls to mitigate risks and educate management about conflict approval and monitoring, document process to monitor mitigation controls.
  • Involved in go-live, post go live activities
  • Risk Analysis, Risk Identification, classification with Business Process Owners, Identifying the Critical Tcodes within Business Processes, taking the Industry recognized Tcodes.
  • Rule Design and Management, Classifying the Rules and generation of rules at Tcode (Action) & authorization levels (Permission).
  • Achieving continuous compliance by communicating changes in roles and user assignments, simulating changes to roles and users and implementing alerts to monitor for selected risks
  • Making reports of all user activities accessing higher authorization privileges generates an audit trail which is used for documentation reasons
  • Ensure users assigned to specific firefighting IDs with defined authorizations and validity dates and separate logon is required, as well as documentation regarding reason for use.
  • Ensuring the Role definition is clean before creating Role in SAP master database; role management is a central functionality to ensure all roles are compliant with company’s rule set.

Confidential

Application Architect

Responsibilities:

  • Daily work includes writing technical specs, reviewing the specs written, building the changes that need to be implemented in the system
  • Implementation in systems like R/3, BI, APO, CRM, XI
  • Interaction with the functional business users and understanding of the restrictions to be applied in various scenarios.
  • Verified the roles, T-Codes & user master records in all SAP Landscapes for appropriateness and correctness and issues timely reported
  • Involved in security implementations/testing related to country specific go live
  • Involved in gathering end user requirements and implement SAP R/3 security authorizations
  • Created analysis authorization, tracing failed BI authorization errors and user assignment through RSECADMIN.
  • System Security Monitoring
  • Creating and modifying Single Roles, Composite roles and Derived roles
  • Experience with using Audit Information Systems (AIS) logs (SM19, SM20 and SM18)
  • Solving ticket issues in Security related tables and reports/program. Problem fixing in assign of Authorization Groups, User Groups and User Administration
  • Documentation in various security processes, procedures, auditing; knowledge transfer and an active team player.
  • Worked with auditor to remediate SOD issues and Day to day support of production system
  • Experience in coordinating within team and with other teams
  • Analyze and resolve day to day authorization issues for the users
  • Creation, maintenance, and configuration of Fire Fighter user IDs for IT and Project Users.
  • Used Profile Generator for creation, modifying roles, composite roles, and derived roles.
  • Perform user administration (creating, changing, maintaining, deleting user accounts and assigning roles).
  • Effectively analyzed trace files and tracked missed authorizations for user’s access problems and resolving the issue either through appropriate role assignment/role modification as per the business process.

Confidential

Application Architect

Responsibilities:

  • Complete responsibility of system security and GRC security. To create SAP users through GRC and to assign them authorizations and central management through GRC
  • Risk Assessment of users using GRC and mitigation of the risk
  • User Administration, Authorization & Profile Maintenance.
  • Preparation of security and audit reports and send to business over periodic time intervals
  • Support of BI systems. To create users and administration of users and also working with BI 7.0 components infocube and infoobjects
  • Maintaining detailed documentation of the role and the detailed risk analysis and detailed change and approval documentation.
  • Configurations regarding, Role definition stages, attributes, documentation, approval procedure, monitoring, Risk analysis.
  • Classifying the Role attributes by Business process, Sub-Process, Functional Area, Custom fields, maintenance of authorization data.
  • Configuration of system landscape, connectors, synchronizing with back end system.
  • Functionality of mass role import from back end and its maintenance, configuration of methodology process and Configuration of Workflow for Approval process from Access Enforcer.
  • Naming convention of Role, executing and configuring back ground job schedule, maintenance of Organizational values against derived roles.

Confidential

SE/SSE

Responsibilities:

  • Configuration of Compliance Calibrator and Access Enforcer and extended support of the modules
  • Maintenance of rule set as per business requirements
  • Creation of users through GRC and SOD checks performed.
  • Performed User & Role analysis to find the existing SOD violation for users
  • Provisioning firefighter id/roles using the Firefighter module
  • Detail reports taken and sent to business periodically

Confidential

SE/SSE

Responsibilities:

  • Migration of around 1600 roles from BW 3.5 to 7.0 concept of analysis authorization using RSECADMIN
  • Creation of analysis authorizations and roles with authorization object S_RS_AUTH
  • Involved in POC, development, UAT, go-live and post go live phases of the authorization migration project
  • Provided effort estimation for the security activities
  • Involved in meetings with business users and functional users to understand requirements for role design
  • Troubleshooting and resolution of issues throughout the project phase using RSECADMIN/RSUDO
  • Extensively used tables AGR_1251, AGR_USERS, RSECVAL, RSECTXT for troubleshooting
  • Prepared complete documentation on the new role concept and transitioned to the team
  • Design of BW roles as per functional specifications and requirements
  • Created ECATT scripts for mass user/role activities like mass user creation/mass role creation/addition of single role to composite role/etc.
  • SAP note implementations with SNOTE transaction
  • Handled issues with TR requests, transport troubleshooting, import queue unlock
  • Batch job scheduling for auto import and auto forward of TRs to next system after STMS QA
  • Batch job scheduling of housekeeping (clean up) jobs in the system
  • Impact analysis for BI 7.0 EHP1 upgrade from basis and security perspective
  • Provided ABAP team the logic to create a custom program to group the assigned single roles to a user to a set of composite roles
  • Involved in the testing of the custom program in IST and UAT systems
  • Involved in the successful go-live, where all users are migrated to a set of composite roles.
  • Assign roles and groups to portal users
  • Mass assignment of group to portal users

Confidential

Software Engineer

Responsibilities:

  • Complete responsibility of system security. To create SAP users and to assign them authorizations, knowledge of Authorizations and Profile maintenance. Also used CATT scripts for creating mass users
  • Role management in ECC, BW systems capturing all the requirement details, analyse and make necessary changes keeping audit challenges into consideration.
  • Complete responsibility of Performance/Load Analysis of the system, which includes Memory Management, Workload Analysis of the system, Profile Maintenance for Central Instance and Application Servers
  • Performed monitoring of SAP R/3 Database, Tablespaces, Short Dumps, Error Logs, and Performance Criteria.
  • Spool Administration and printer related issues.
  • Pre and post refresh activities in all system
  • Trouble shooting system problems by analyzing system log, Update monitoring, Alert monitors, system traces, lock entries, system dump.
  • Performance monitoring, workload analysis, performance tuning, database tuning using CCMS. Analyzed buffers, operating system, database.
  • Oracle Database Monitoring
  • Scheduling and monitoring of background jobs
  • Tablespace management & administration.
  • Applying OSS Notes through SNOTE
