Overview:

• Experienced in installing, implementing and documenting audit defensible security processes and infrastructure to comply with the Sarbanes-Oxley Act. These activities have included: installing, configuring and maintaining the GRC 5.3 Segregation-of-Duties, or SOD and providing methodology to analyze security roles for adequate segregation-of-duties with respect to transactions.
• Experienced in 3 Full life cycle SAP implementations including Upgrades to ECC 6.0 FI, SD, MM, HR and BI 7.0, HCM, EHP4, BOBJ 4.0, BPC 4.0,SAP GRC 10.0, SAP Netweaver Identity Management IDM 7.2,CRM 7.0 - IC WebClient UI
• More than 7 years of SAP Experience and provided SME Subject Matter Expert for Complex SAP landscapes including legacy System.
• GRC 10.0: Performed user audits for customer systems and reviewed role and profile using the GRC to identify and militate against potential security risks. Expert in Configuring, Troubleshooting of Various Components of GRC 10.0 RAR Risk Analysis and Remediation , UAM User Access Management , BRM Business Role Management , EAM Emergency Access Management
• Identity Management 7.2: Integrated with Business Suite ECC 6.0 , GRC 10.0 and non-SAP Systems. Automated SAP User provisioning with IDM within GRC. Configured Identity Center and Virtual Directory Server with in IDM.
• BOBJ 4.0: Created various Access Levels, Groups, personal folders for various Department and Assigned users into appropriate Group. Restricted various Applications BI Launchpad, BI Workspaces, Web Intelligence, Crystal Reports Universe
• BI Business Intelligence 7.0: Created analysis authorization objects for authorization relevant characteristics and Key figures and Secured the Reports at granular level by using Navigation Attribute Info Provider
• Portal EP 7.0: Assigned Portal roles corresponding to backend roles to user view and use in the portal, Created portal roles using portal content which allow access to views in Portal and Mapped the backend roles of ECC 6.0, BI 7.0 roles to Portal groups and assigned portal groups to users using User Management Engine.
• HCM Security: Extensive experience in ESS / MSS, Indirect Role Assignment, Org and Position management, Structural Authorization Position based security, Payroll, Context-Solution, PD / Structural Profile, User Administration, HR tables and Info types, in team and independent environments.
• CRM 7.0: Designed Business Roles by working closely with Functional Team and Created respective PFCG roles to provide access to logical links of work centers in Business Roles, Assigned Business roles to the Business Users in the Organization Structure, Created Business Partner and associated them with user employee .
• Expertise in Role-based Security design and maintenance , Solution Manager, BI Security, Portal Security / User management , CTS, Single Sign On.
• Analytical and creative problem solving capabilities in all SAP environments.
• Implemented SAP Netweaver Identity Management 7.1 IDM across a diverse IT landscape including all SAP systems.
• Expert in securing system and data through customization of role maintenance, tables, authorization groups, transaction codes and programs.
• Expert in master / derive and composite role implementation.
• Experience in SAP Security upgrade, CUA and RFC.
• Expert in resolving R/3, BI, CRM, HR and portal security issues and trouble shooting.

Professional Experience

Confidential

SAP GRC Analyst.

Risk Analysis and Remediation ARAR

• Post installation configuration.
• Conducted Risk and Rules Workshop with Auditors and Security Team.
• Leverage internal/external audit requirement to define custom rule set.
• Scheduled background jobs for user/role risk analysis.
• Defined and configured Risk owners and Mitigation controllers.
• Applied Mitigations for Identified and approved SOD Violations.

Super-user Privilege Management SPM

• Post installation configuration.
• Defined Reason Codes for Fire fighter use.
• Identify create communication users administrators access for SPM.
• Set up master data in SPM dashboard.
• Configure SPM backend system per provided SPM Master Data.
• Configure SPM Java frontend system for Reports.
• Super User Privilege Management Installation Configured Validated.
• Expert implementing and automating Structural authorizations in HCM.
• Expert in user licensing using USMM and SLAW.
• Resolved the OSS tickets for different customers with different components.
• Responsible for security of Solution manager 4.0 CUA Central User Administration systems which was used to monitor customer systems.
• Expert of Central user administration and security maintenance of CUA environment.
• Worked securing the workflow objects and release strategies.
• Worked on multiple implementations involving Order to Cash and Procure to Pay processes.
• Worked in tight deadlines to complete the deliverables.
• Designed roles for the 000, 001 and 066 clients for the customer systems for the quarterly release.
• Installing, implementing and documenting audit defensible security processes and infrastructure to comply with the Sarbanes-Oxley Act. These activities included: installing the VIRSA Segregation-of-Duties compliance calibrator tool, providing methodology to analyze security roles for adequate segregation-of-duties with respect to transactions.
• Development and implementation of structural authorization profiles with context-sensitive security for HR Master Data.
• Functional management and configuration expertise in planning, implementing the SAP R/3 and HR Security Authorizations concept.
• Worked with HR Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Designed and created roles for Solution Manager 4.0 to control and limit the access of SAP's Hosting Team's.
• Designed and created portal roles in the EP6.0 and EP 7.0
• Generated the authorization profile for the portal roles in the backend systems.
• Worked closely with the Customer Service manager and was directly involved with the customers to resolve and answer their security concerns and helped them understand the scope and delta features of add-on tool VIRSA 5.1 Compliance calibrator and Fire fighter.
• Worked with Approva Biz Rights to make sure roles are complaint with COSO, HIPPA and PCI.
• Resolved authorizations issues for the Customer Service manager's to generate the early watch reports.
• An active part of the CCMS Monitoring and development team. Helped the team to resolve authorization issues for SMSY functionality.
• Designed and developed roles for CRM 2007 WebClient UI and configured Access control engine ACE .
• Performed user audits for customer systems and reviewed role and profile using the VIRSA compliance calibrator to identify and mitigate the potential risks by implementing management internal controls MIC's .
• Managed the test CUA landscape for internal SAP system working on WAS 7.0.
• Documented all the activities according to the series of versions, to make the knowledge transfer process as clear as possible.
• Designed authorizations for Enterprise Buyers Professional GTS 3.0 .
• Strong exposure to BASIS support and TMS.
• Strong exposure to SAP Identity Manager.

Confidential

SAP Security /GRC Consultant

• Developed reports for user access to sensitive info types for OM, PA, Compensation and Benefit roles.
• Created Roles for Employee Self Service and Master Self Service.
• Worked with HR Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Designed the Security Structure for SAP BI 7.0.
• Created analysis authorization objects using for authorization relevant characteristics and Key figures.
• Designed and created portal roles in the EP6.0 and EP 7.0.
• Worked on CMC Central Management Console in BPC 4.0 by Creating Access levels, Groups, assigned users into proper Group and Transferred users from BI 7.0 System into BOBJ 4.0.
• Worked Closely with BOBJ Functional team and configured Components such as Web Intelligence, Dashboards and provided Business users proper access to such components to run the ad-hoc reports.
• Created users in Portal, assigned to proper Portal Groups and Roles to them in EP 7.0.
• Configured plug-ins for Backend Systems such as ECC 6.0, BI 7.0 and Created a Communication user WF-BATCH for workflow infrastructure.
• Configured Enable/Disable Parameters related to Change Log, Mitigation, Risk Analysis, Workflow and EAM.
• Created Custom Rule sets after discussing with Key Stake holders as per there business process.
• Configured Risk Analysis and Remediation by working closely with business folks after identifying Role owners, Mitigation Controls Monitors and Mitigation Control owners.
• Configured Emergency Access Management by working closely with Business users and Functional team. Created Fire Fighter user id's after identifying Fire fighter owners and Fire Fighter Controllers.
• General Support
• Coordinated with the offshore teams and monitored the progress of the project.
• Managed and coordinated daily tasks with the global offshore Teams.
• Created and defined the deliverables for the Blue print phase.
• Communicated technical and non-technical issues to the client supervisors.
• Reviewed the custom code and closed the security GAP's by comparing with the Tech specs.
• Experience in setting up users with AOD Access on Demand access.
• Responsible to prepare the deliverables for the role redesign project.
• Develop and document policies to fill the GAP's in the security architecture.
• Created roles for SAP modules FICO, MM, QM, PM and HCM.
• Resolved the OSS tickets for different customers with different components.

Confidential

SAP Security / GRC Consultant

• Worked on implementation of structural authorizations and structural authorization profiles by activating various switches from the required Tables.
• Maintenance of HR organizational structure to administer and control user access, including time-delimited access e.g. temporary assignments to positions .
• Created PD Profiles According to business requirements and Assigned to users.
• Created/Updated Business BI Roles by Publish Queries into the Role Menu and map BI Business Roles into Portal Groups.
• Assigned Portal groups EP 7.0 and corresponding backend roles BI 7.0 , to users to view reports through portal.
• Created User Groups and access levels in Central Management in BOBJ 4.0 and assigned the users to proper groups for access reports in Dashboards and Webi.
• Configured the background jobs in BOBJ for retrieving the data from BI Systems such as new users and Roles.
• Created backend roles in BI for BOE crystal reports to access data from SAP BI.
• Created roles for BI Data ware house objects and BI Reporting layer objects.
• Implemented BI security by Creating Analysis Authorization objects and secured them in Roles.
• Activated required Info objects and made authorization relevant in order to Create Analysis Auth Objects.
• Worked Closely with CRM 7.0 Functional team and Configured Business Roles Adjust Work centers, Adjust Work Center Group Links .
• Run the reports to generate .txt file for Business Roles and imported in PFCG Roles.
• Adjusted PFCG Role Authorizations for Corresponding Business Roles.
• Created PFCG roles for the Business Roles in CRM 7.0 IC WebClient UI.
• Created Organizational Structure and Positions according to business requirements.
• Creating Business Partner and associating them with user Employee Role .
• Assigned Business roles to the Business Users in the Organization Structure.
• Assigned Corresponding Business partners to positions in Org Structure to inherit the required Authorizations.
• Worked extensively with the PFCG tool to created roles for Finance, HR, SD and MM Modules.
• Worked with business leads in order to develop requirement role matrices.
• Worked with process experts and head of departments for SOD conflicts and assigned appropriate roles to the users.
• Traced the transactions for required authorizations and adjusted the SU24 for those T-Codes.
• Analyzed the impact of SU24 changes to proactively avoid issues.
• Blueprinted and created the enterprise the performance management and compensation management roles.

Confidential

SAP Security / GRC Analyst

• Designed ECC-HCM roles for OM, PA, Compensation, Benefits, ESS and MSS for Global Access.
• Created backend roles for HR Employer self-service ESS and Manager self-service MSS.
• Created PD Profiles according to business requirements and assigned to users.
• Developed reports for user access to sensitive info types for OM, PA, Compensation and Benefit roles
• Worked as a BI-HR expert to redesign the global access.
• Created PD Profiles According to business requirements and assigned to users.
• Worked with HR Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Developed LSMW scripts to assign the structural profiles to Positions.
• Worked with the ABAP team to create the custom function module for structural authorization.
• Gathered the security requirements for structural profiles and PFCG roles as per the business roles.
• Configured system connectors between CUP and SAP systems / non SAP CUP request creation, modification and deletion.
• Uploaded roles into CUP.
• Applied roles and role approvers in CUP.
• Added business processes and functional area for business processes.
• Worked on RAR Risk Analysis and Remediation :
• Uploaded rule sets, Configured Business process, Risks, Mitigation Controls in Risk Analysis and Remediation.
• Expert in Configuring CUP, RAR and SUPM.
• Expert in Creating Users like Requesters, coordinators, Role Approvers and Final approvers related to workflow of CUP for user provisioning in SAP Backend Systems.
• Worked closely with Team members to implement GRC 5.3 Support packs 13.
• Downloaded and uploaded rule set Matrix in RAR.
• Created Mitigating Control Monitors and Applied Mitigating Controls to them.
• Created analysis authorization objects for authorization relevant characteristics and Key figures related to Sales chain Finance reports related to District Managers, Directors and VP.
• Created BI 7.0 Roles for Various Department and sync the roles/users with BOBJ 4.0.
• Restricted Access to users by Creating Access Levels, Groups, personal folders for various Department in BOBJ 4.0 and Assigned users into Group.
• Configured users to login BOBJ 4.0 through SSO and run the reports in BOBJ 4.0 and replicate the data as per Roles in BI 7.0.
• Creating Portal roles for BI Portal EP 7.0 to Publish Queries.
• Assigned Portal roles corresponding to backend roles to user view and use in the portal.
• Created portal roles using portal content which allow access to IView's in Portal.
• Map the backend roles of ECC 6.0, BI 7.0 roles to Portal groups and assigned portal groups to users using User Management Engine.
• Created backend roles in BI for BOE crystal reports to access data from SAP BI.
• Created roles for BI Data ware house objects and BI Reporting layer objects.
• Created PFCG roles for the Business Roles in CRM 7.0 IC WebClient UI and assigned them in Org Structure to various positions.
• Worked closely with the CRM BSA in creating the Business Roles, Org Structure Positions.
• Traced and Resolved Authorization issues for BSP Applications in Web Client UI.
• Created PFCG roles to provide access to logical links of work centers in Business Roles.
• Assigned Business partners to various positions within the Organization Structure.
• Creating Business Partner and associating them with user employee .
• Worked extensively with the PFCG tool to create roles for FI AP, AR , HR, OM, APO, ESS and interfaces.
• Worked with business leads in order to develop requirement role matrices.
• Created Roles in Solution Manager for designing various different projects.
• Worked with process owners for SOD conflicts and assigned appropriate roles to the users
• Analyzed the impact of SU24 changes to proactively avoid issues.

Confidential

SAP Security / GRC Architect

• Worked on implementation of structural authorizations and structural authorization profiles.
• Maintenance of HR organizational structure to administer and control user access, including time-delimited access e.g. temporary assignments to positions .
• Setting of HR security authorization objects for structural authorizations based on Info Type and allowed functions / activities.
• Created PD Profiles According to business requirements and Assigned to users.
• Worked Closely with CRM 7.0 Functional team and Configured Business Roles Adjust Work centers, Adjust Work Center Group Links .
• Run the reports to generate .txt file for Business Roles and imported in PFCG Roles.
• Adjusted PFCG Role Authorizations for Corresponding Business Roles.
• Created PFCG roles for the Business Roles in CRM 7.0 IC WebClient UI.
• Created Organizational Structure and Positions according to business requirements.
• Creating Business Partner and associating them with user Employee Role .
• Assigned Business roles to the Business Users in the Organization Structure.
• Assigned Corresponding Business partners to positions in Org Structure to inherit the required Authorizations.
• Created/Updated Business BI Roles by Publish Queries into the Role Menu and map BI Business Roles into Portal Groups.
• Assigned Portal groups EP 7.0 and corresponding backend roles BI 7.0 , to users to view reports through portal.
• Created backend roles in BI for BOE crystal reports to access data from SAP BI.
• Created roles for BI Data ware house objects and BI Reporting layer objects.
• Implemented BI security by Creating Analysis Authorization objects and secured them in Roles.
• Activated required Info objects and made authorization relevant in order to Create Analysis Auth Objects.

Confidential

SAP Security / GRC analyst

• Created PFCG roles for the Business Roles in CRM 7.0 IC WebClient UI.
• Worked closely with the CRM Customizing team in creating the Business Roles and Org Structure.
• Traced and Resolved Authorization issues for BSP Applications in Web Client UI.
• Created PFCG roles to provide access to logical links of work centers in Business Roles.
• Assigned Business roles to the Business Users in the Organization Structure.
• Creating Business Partner and associating them with user employee .
• Maintained user parameter for CRM users in SU01 to access BSP in IC WebClient UI.
• Created analysis authorization objects for authorization relevant characteristics and Key figures.
• Creating Portal roles for BI Portal EP 7.0 to Publish Queries.
• Assigned Portal roles corresponding to backend roles to user view and use in the portal.
• Created portal roles using portal content which allow access to Iviews in Portal.
• Map the backend roles of ECC 6.0, BI 7.0 roles to Portal groups and assigned portal groups to users using User Management Engine.
• Created backend roles in BI for BOE crystal reports to access data from SAP BI.
• Created roles for BI Data ware house objects and BI Reporting layer objects.
• Implemented BI security at Info area, Info cube, Info Object, DSO's, Multi Provider levels.
• Maintained authorizations for Business Objects Enterprise BOBJ Top level, Folder level and object level.
• Worked Closely with Business and Functional team to gather Business requirements related to Organizational Management, Positions and implementation of structural authorizations and structural authorization profiles.
• Created PD Profiles as per business requirements and assigned to users.
• Created Org structure, Positions, jobs and assigned various users to there corresponding positions.
• Assigned Roles to Org Unit/ Positions as per business requirements and users got inherited there access through positions/ Org Unit.
• Maintenance of HR organizational structure to administer and control user access, including time-delimited access e.g. temporary assignments to positions .
• Created roles for Employers to maintain their personal data using ESS.
• Restricted the Employer Self Service roles to their area of responsibility.
• Working with Team members to deploy Access of ESS to End Users Departmental Users .
• Implemented, Configured and maintained CUA Central User Administration for all Systems.
• Maintained the RFC destinations for the CUA environment and controlled the authorization for communication users.
• Worked on Single-Sign-On SSO .
• Worked extensively with the PFCG tool to create roles for FI, HR, OM, PA, ECM, LSO, ESS and interfaces.
• Worked with business leads in order to develop requirement role matrices.
• Worked with process experts and head of departments for SOD conflicts and assigned appropriate roles to the users.
• Traced the transactions for required authorizations and adjusted the SU24 for those T-Codes.
• Analyzed the impact of SU24 changes to proactively avoid issues.
• Blueprinted and created the enterprise the performance management and compensation management roles.
• Created test scripts for Unit, integration and UAT testing.
• An active part of the CCMS Monitoring and development team. Helped the team to resolve authorization issues for SMSY functionality.

Confidential

SAP Security Analyst

• Developed reports for user access to sensitive info types for OM, PA, Compensation and Benefit roles.
• Worked as a BI-HR expert to redesign the global access.
• Created PD Profiles According to business requirements and assigned to users.
• Worked with HR Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Configured Risk Analysis and Remediation in GRC 5.3 to update new risks for the rule set.
• Configured SUPM Super User Privilege Management and provided emergency access through firefighter user id's for Sustainment team.
• Configured workflows in CUP Compliance User provisioning and automated User Provisioning related to different types of User requests New Requests, Change Request, Delete Request, Lock and Unlock .
• Recommend policy changes as per the Best Practices and Sox Compliance.
• Ensured no SOD's existed at the role- and user- level.
• Implemented enhancement to secure FF ID's.
• Designed the Security Structure for SAP BI 7.0.
• Created analysis authorization objects using for authorization relevant characteristics and Key figures.
• Designed and created portal roles in the EP6.0 and EP 7.0.
• Created PFCG roles for the Business Roles in CRM 7.0 IC WebClient UI.
• Worked closely with the CRM Customizing team in creating the Business Roles.
• Traced and Resolved Authorization issues for BSP Applications in IC WebClient UI.
• Coordinated with the offshore teams and monitored the progress of the project.
• Managed and coordinated daily tasks with the global offshore Teams.
• Created and defined the deliverables for the Blue print phase.
• Communicated technical and non-technical issues to the client supervisors.
• Reviewed the custom code and closed the security GAP's by comparing with the Tech specs.
• Experience in setting up users with AOD Access on Demand access.
• Responsible to prepare the deliverables for the role redesign project.
• Develop and document policies to fill the GAP's in the security architecture.
• Created roles for SAP modules FICO, MM, QM, PM and HCM.
• Resolved the OSS tickets for different customers with different components.
• Technologies