- Over 7 years Experienced in IT industry in SAP as SAP Security Analyst/GRC Consultant on SAP R/3 ECC 5.0/6.0, 4.7, 4.6C, 4.6B.
- Worked on 3 full life cycle implementation of SAP Security projects from design phase to post implementation phase in SAP Security Realm.
- Assisted on various modules like PP/MM//WM/HR/FI-CO/SD and new Dimensions products BI/BW, HR/HCM, CRM, SRM , XI, SCM,APO.
- Performed SAP Security related task and Implemented Security policies and procedures, Experienced in SAP Security Maintenance (PFCG), maintained the roles for all the instance (DEV, QAS, PRD and Training Environments) profiles in development and production systems.
- Provided support for User Maintenance, Roles/Profile Maintenance using Profile generator.
- Experienced in Setting up Central User Administration (CUA) and maintenance.
- Provide SAP Basis administration support, performance monitoring &
tuning, problem analysis & resolution, and other activities require to maintain system integrity and maximize uptime
- Implemented and configured SAP GRC Access Controls applications versions v5.1 and v5.2 such as the Access Enforcer, Compliance Calibrator, Firefighter and Role Expert tool
- Working Experience in Role remediation and user remediation of segregation of Duties (SOD) within SAP implementation, GRC -Virsa Systems 5.X tools (Compliance Calibrator, Access Enforcer, Fire Fighter and Role Expert).
Extensively used Fire Fighter 5.2 for creating Fire Fighter IDs, designing and assigning Fire Fighter roles and monitoring Fire Fighter logs activities
- Experienced in Netweaver Basic of User maintenance Thru UME (User Management Engine).
- Experienced in SAP Security related task such as SOX (Sarbanes Oxley) Compliance.
- Remediation of Segregation of Duties (SOD) within SAP implementation, VIRSA Systems VRAT tool, Fire Fighter, Role Expert, Access Enforcer, Profile Generator (PFCG), Role Creations modifications, User Administration. Preventative, mitigating and compensation controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy.
- Experienced in working with Transports (STMS) in transporting roles between Development, QAS and Production R/3 systems and users.
- Experienced in troubleshooting R/3 Security issues (SU53, ST01), RSECADMIN for BI.
- Experienced with creating & working on Production Support Tickets using Remedy tool.
- Self starting, highly dependable results oriented SAP Security Functional Analyst with hands on R/3 implementation, system enhancements and production support responsibilities.
- Effective, imaginative problem solver with excellent problem solving skills, team player and good communication skills.
SAP Security and Sales and Distribution module
SAP R/3 ECC6.0, ECC 5.0,4.7, 4.6C,4.6B
Security(R/3 and BW), CUA, Profile Generator, User Maintenance, Authorization.
SQL, Ms- Access 2000/97, Ms-Sql Server2000
Visual Basic 5.0, Visual Basic 6.0, C, C++, Vb.Net, Ado.Net, Core
Java, PL/Sql, Web Services, Xml
Windows 2000 Professional server, Windows 95/98
Confidential,Lebanon, NJ March 2007 to Till Date
SAP Security Analyst (FDA Regulated Environment)
Roles and Responsibilities:
Implementation Activities (RELEASE-1 & RELEASE-2)
- Responsible for Security role development like creation of Roles(including Single role ,Composite role, Parent & child role) creation of Users, Maintained Authorization Objects, and Assigning Roles to Users as per Documents provided by the Management
- Participated in Security Testing and UAT for Mexico/Bermuda client users for release-1 and help in resolving the defects using Mercury for ticketing purpose.
- Participated in Security Testing , UAT and OQ for USA market client users for release-2 and help in resolving the defects using Mercury for ticketing purpose.
- Created roles for USA market (plant based) as per Global role template.
- Work with QVC Team in adding aditional TCodes or Organizational values (derived roles) to the roles as a part of Security Testing and UAT Testing in Mercury before going live.
- Created job roles for Mexico and Bermuda as per the relevant test ids and also participated in security roles testing.
- Collaborated with other team members and business representatives to ensure that security settings meet the requirements of the business and align with the defined controls and standards to meet FDA requirements.
- Documenting all development procedures, sensitive objects, manual inputs and all other critical changes as per FDA regulations and guidelines
- Completed all required Safety and FDA compliance training courses
Post GOLIVE support Activities (RELEASE-1)
- Hands on experience on production Support for Mexico/ Bermuda (LA HUB) plant for post GOLIVE support for COMET MERCK.
- Supported production issues on ECC, BI & Portal, GTS, SCM modules which were the part of RELEASE-1.
- Worked on security tickets using REMEDY tool.
Administration (ECC, SCM, GTS, and XI):-
- Maintained Users Master Records by creating User Ids, assigning roles, copying, renaming, reset password, etc. using SU01.
- Performed mass user activities using SU10.
- Extensively used ECATT scripts for mass user creation, locking and unlocking users, assigning roles to users etc.
- Used ECATT script for mass creation of OSS Ids, Basis Ids and Production user ids across the environment.
- Created Parent/Child role for Mexico/Bermuda from the Global role template for ECC, SCM, GTS in the initial implementation phase.
- Worked with profile generator (PFCG) in creating roles, profiles, composite roles and derived roles.
- Worked on SAP Check Indicator Defaults and Field values using transaction SU24 and maintained check indicators for Transaction codes during testing.
- Worked in coordination with HR people to maintain the synchronizations of the HR data (Pa0105- user id & email) and the SU01 user data so that users receive the workflow items.
- Created Global and Market roles as per the process teams requirements for STS Workflows maintained the roles and user maintenance.
- Transported Roles using the change request method and also the Download/Upload method for transporting the roles to systems not in the transport landscape.
- Transported the generated roles and profiles using Transport Management System.
- Extensively worked with security related tables such as AGR_TCODES, AGR_USERS, AGR_1251, AGR_1250, AGR_DEFINE etc.
- Worked on Job role user switch for more than 400 users for BI, SCM, ECC all gold clients.
- Worked with table authorizations to control access to tables and created custom table authorization groups using SE54.
- Lead offshore team and assigning and monitoring day-day tasks.
- Used Compliance Calibrator tool to identify the risks and remove them by making changes in the role groups.
- Worked in configuration and support of Fire fighter and CC tool.
- Extensively worked with VIRSA Complaince Calibrator 5.1 to perform risk analysis at user and role level.
- Experienced with VIRSA Compliance Calibrator 5.1 (SAP GRC) for Prevention/Remediation/Mitigation of Segregation of Duties (SoD) within Organization.
- Worked with SE93 to create custom transaction codes to control access to tables.
- Assigned authorization groups to programs using RSCSAUTH and RSABAUTH to control access to programs.
- Trouble shoot user project related issues for Solution Manager for viewing Mexico/US project folder details.
- Used the table TCDCOUPLES (TcodeSE93) to maintain the checks between calling and called transaction codes such as SM37.
- Used SQVI to generate different kinds of User or Roles reports required by QVC Team.
- Monitored access to key authorization objects such as S_BTCH_ADM, S_ADMI_FCD, S_TABU_DIS, S_DEVELOP etc for debug access and etc.
- Advised developers to use function module AUTHORITY_CHECK for custom programs.
- Performed User master maintenance through Central User Administration (CUA).
- Effectively analyzed trace files using ST01 and authorizations for users (SU53) and tracked missed authorizations for user’s access problems and inserted missing authorizations manually.
- Created Custom Reporting Authorization Objects using transaction RSECADMIN.
- Created roles for restricting access to Infocubes, ODS objects, Queries and Workbooks.
- Created custom objects to secure the roles by Company Code, Plant and Cost Center
- Created development roles for BW developers using the authorizations objects S_RS_ISOUR,S_RS_ISNEW, S_RS_TR, S_RS_RST, S_RS_ADMWB, S_RS_BTMP
- Involved in testing of the roles along with the BI team members.
- Developed authorizations and assigned it to users using RSECADMIN
- Troubleshoot authorizations related problems using RSECADMIN.
- Worked with the SRM business team to prepare and maintain role matrices and user mapping matrix.
- Created EBP, SUS roles and Involved in troubleshooting roles, identified missing objects, arranged the menu structure as per the business requirements, tested roles.
- Worked with the configuration team in building, testing and implementing the roles
- Created Users in the SRM 4.0 environment using the web browser using transaction BBPUSERMAINT
- Created SRM users using the transaction SU01 and Assigned the user to Organisational hierarchy for SRM Team members through USERS_GEN.
- Troubleshoot user administration related issues.
- Assigned users to Organizational units using the transactions PPOMA_BBP, PPOME_BBP
- Maintain the approval and spending limits at role level and user id level.
- Worked on setting up the roles for Web-based User Management for CRM5.0.
- Worked on setting up users for B2B and Converted existing SU05 (internet) users to SU01.
- Involved in testing of roles along with CRM team as part of Security Unit Testing and UAT Testing.
- Provided daily security and authorizations management
Enterprise Portals 7.0
- Interacted with Portals configurators and developers in implementing Portals security and
and participated with Portal team for SSO login for various instances such as BI,SRM,T&E.
- Worked with Portal Architect for assigning actions and permissions to role.
- Created Users and assign appropiate Roles or groups on Portals.
- Created a groups in Enterprise Portal and assigned all roles to that relevant group.
Environment - SAP BI 7.0, SCM 5.0,GTS7.0,ECC6.0,CRM 6.0,XI(PI) 7.0,NetWeaver, Solution Manager, Enterprise Portal 7.0(SSO), SRM 6.0,APO,PP.
Confidential,CA Jun 2006 to Feb 2007
Sr SAP Security Administrator
- Provided daily security and authorizations management of SAP R/3 and BW systems.
Comprehensive knowledge exchange and documentation on different topics related to Security, Profile Generator (PFCG) and related functions, BPC.
Working with Functional heads for Segregation of duties and Security changes based on SOX requirements.
Responsible for daily security checks, monitoring unsuccessful logons, monitoring inactive users and
- Locking inactive users in production systems
Ensure role-building follows business guidelines, and adhere to the controls requirement set forth by the internal audit/controls teams.
Monitoring R/3 system with CCMS Monitoring short dumps, system logs.
User Maintenance/User creation, deletion, modification on PRD, QAS, TST & DEV Server. Create & manage the scheduling of batch jobs working with T-Codes SU53 and SUIM for giving authorizations.
- Worked on creating users in UME (User Management Engine) and assigning appropriate roles.
- Created Custom Reporting Authorization Objects using transaction RSSM
Responsible for creation and maintenance of Roles for BW queries, Info Cube, Info Area using Profile Generator PFCG Involved in testing of the roles along with the BW team members
Participate in requirement gathering, assessment, design and configuration for SAP security.
Creation of Authorization Groups to restrict the R/3 table access and program access and review and correction of sensitive authorizations (S_TABU_DIS, S_USER_TCD etc.), including assignment of authorization for sensitive tables.
Working with respective functional heads for SOD tools & security changes based on SOX violations at T-code level & object level
Worked on integration of Access Enforcer for Fire Fighter
Participated in workflow design and testing of AE tool .
Participated in configuration of FF and AE tool for Compliance Calibrator 4.0.
Extensively worked with VIRSA to perform risk analysis at user and role level.
Used GRC Virsa tool extensively for handling SOD conflicts for each user.
- Provided various Risk analysis reports to Management and Audit teams.
- Worked with internal audit team to resolve SoD conflicts.
Coordinated SOX audit documentation preparation with internal audit team
Used Virsa tool extensively for handling SOD conflicts for each user.
Responsible for day-to-day transport support for moving objects from one system to another system.
Developed and provide knowledge transfer to client personnel on security authorization concept and security design/implementation.
SAP R/3 Prod Support in all areas of security with modules like FI, MM, SD, PS, PP, CRM and BW.
- Worked and Created roles for CRM for functionality Product Catalog, IC WebClient, Product, Administration console, also worked on setting up Internet users and roles for B2B.
Worked on assigning the users to organization structure for BP.
Responsible for creation and maintenance of Roles for BW queries, Info Cube, Info Areas using Profile Generator (PFCG).
Interacted with BW Team in design of security roles
Involved in testing of roles along with BW team.
Created roles using authorization objects S_RS_ICUBE, S_RS_MPRO, S_RS_ISET, S_RS_ODSO.
Created hierarchy authorizations using S_RS_HIER.
Created Custom Reporting Authorization Objects using transaction RSSM.
Troubleshoot authorizations related problems using RSSMTRACE and ST01.
Environment - SAP BW 3.5, Netweaver, R/3 6.0 ECC, FI, MM, PP, SD, CRM 4.0Education:
- Post Graduation Diploma in Computer Applications
- Bachelor of Commerce
- Advance Diploma in Software Engineering (ADSE).