EXPERIENCE SUMMARY:

• Having 9+ years of extensive knowledge and experience in SAP Security and Authorizations in S4HANA/FIORI/ECC/BW/CRM/MM/BPC/FICO/SD/PS/PPM/BS/HCM/Portal
• Extensive knowledge and experience in implementing GRC AC 5.3/10/10.1/12.0.
• Experienced in Implementation, Go - Live as well as Support projects.
• Implementation and advisory experience on various ERP products and solutions for GRC.
• Have 6-7 end to end implementations for ERP / GRC covering the detailed configuration settings for Access Controls modules - ARM, ARA EAM, BRM , UAR, SOD review.
• Experienced in hands on configuration for user provisioning, role management, super user management, risk analysis, continuous control monitoring, risk assessment and management.
• Have worked on all AC component with an understanding of the rule set, risks, functions and mitigation controls.
• Have worked on the pre-installation and post installation steps, syncs, connectors, rule building and workflows for GRC solution.
• Have implementation/configuration experience of BRF+ and MSMP framework.
• Good knowledge on SAP SOX Compliance and SOD policies.
• Exposure to Banking, Utilities, CMT, Oil & Gas, IT and Retail clients.
• Project Documentation - Document preparation experience in Solution Architecture, SOW, Blueprint, Business Process document, Configuration and Implementation Guide, UAT documents, Cut-Over activities plan & documentation capabilities
• Experience in leading the team.
• Excellent problem solving and analytical skills.
• Ability to handle crisis, customer-critical situations, escalated client issues with composure.
• Focused and driven to achieve results.
• Confident at reaching out to stakeholders and building rapport with partner teams.

PROFESSIONAL EXPERIENCE:

Confidential

SAP Security and GRC Consultant

Responsibilities:

• Implementation of GRC Access Control 12.0 - ARA, ARM, EAM & BRM with S4HANA and FIORI.
• Analysis on Master and derived role inconsistency.
• Building the new versions of the Master and Derived role in order to maintain the consistency between master and child roles.
• Analysis on org.level values inconsistency.
• Designed SECATT script for mass role assignment to mass users, mass org value update, deletion of roles, creating new version of mass master and derived roles, push authorization from master role and mass update of composite roles (replacing old roles to corresponding new roles in composite roles)
• Delivered workshops to client during Project Preparation Phase.
• Project Documentation like Solution Architect, Workshop PPT’s, SOW, Project Plan, RACI matrix, Cut-over plan etc
• Supported UAT, Cut-Over, Go-Live and hyper care.
• Supported Hyper care single handedly by supporting business, troubleshooting authorization issues or defects and providing the resolution.
• Day-to-day security activities.

Confidential

SAP GRC Consultant

Responsibilities:

• S/4 HANA Implementation with GRC Access Control 12.0 - ARA, ARM, EAM & BRM and FIORI integration.
• Security design and support for S4HANA - MM, SD, FICO, PS/PPM, Fiori.
• BRF+ and MSMP workflow configuration for Approvals and HR Trigger.
• Configured HR Trigger in GRC to automate user creation, user change and user termination once HR master data is created by HCM/HR Consultant.
• Position based or default roles assignment for HR Trigger.
• Address SoD Conflicts from the input of Securiy/Business/Audit once earlywatch report is received
• Collaborate with other team members and functional consultants to gather requirements for role modification/design like authorization objects, activity, field values, SU24 entries etc.
• Giving KT to clients on Authorization concepts and GRC 12.0.
• Preparation of documents like configuration guide, design document, BPD, UAT, manual
• Presented workshops on SAP Security and GRC Concept.
• Supported UAT, Cut-Over, Go-Live and hyper care.
• Troubleshoot authorization related issues using SU53, ST01 and STAUTHTRACE
• Preparing Audit report

Confidential

Technology Lead

Responsibilities:

• GRC 10.1 Access Control Implementation and support in all modules - ARA, ARM, BRM and EAM.
• SAP Security and authorizations implementation, upgrade as well as support in S4HANA, BW, CRM MM, SD, FICO etc
• Post installation steps, syncs, connectors, rule, risks, functions building and workflows for GRC solution based on business requirements.
• Configuration of BRF+ and MSMP framework for approval workflow.
• Preparing Audit report by working with Internal Auditor.
• Configuration, UAT & documentation
• Handling team of 4 members in day to day activities.

Confidential

SAP Security Authorizations and GRC Consultant

Responsibilities:

• SAP Security and authorizations implementation as well as support in S4HANA, BW, CRM, BPC and HANA integrated with Hybris and myquotes.
• User and role administration using IDM.
• Implementation and advisory services on ERP products and solutions for GRC AC 12.0.

Confidential

Software Engineer Senior Analyst.

Responsibilities:

• User and Role administration in ECC, BW, CRM, HANA, BS, Portal systems
• Played key Role in implementing/Configuring ARA, ARM, EAM and BRM for GRC AC Suite 10.1.
• Post configuration activity and SPRO configurations.
• MSMP and BRF+ configurations for ARM and EAM Approvals.
• SMTP/E-mail setup using SCOT and troubleshooting (during basis absence).
• Producing GRC reports and analytics as per client requirement.
• Mitigation and remediation of users and roles for SOX using User/Role Risk Analysis.
• Experience in HANA Security administration, with deep understanding in authentication, user/role management, authorization methods, data encryption, audit logging and license management.
• Experienced in implementing Central User Administration (CUA) in SAP ECC, BI 7.0, CRM and Banking systems.
• Redesigning roles to accomplish SOX compliance.
• Setup of Analysis Authorizations using transaction RSECADMIN in BI 7.0
• Configuring Security Audit log.
• Was the Security point contact for all Audit issues based on SOD and assisting External Auditors by providing standard SAP Auditing reports.
• Mass user maintenance and automation using SECATT & LSMW.
• Troubleshoot authorization related issues using SU53, ST01 and STAUTHTRACE.
• Collaborate with other team members and business consultants to gather requirements for role modification/building like authorization objects, activity, field values, SU24 entries etc.
• Managing ticketing tool to resolve the incidents & defects in different kinds of SAP Security modules.
• Staffing and giving KT to new members of the team.

Confidential

Sr. SAP Security and GRC Consultant

Responsibilities:

• User and Role administration in BW, CRM, ECC and GRC systems.
• Building Data access profiles, Tasks profiles and User’s team.
• Building BW analysis authorization as per client requirement.
• Focused on supporting client by providing resolution to GRC10.1 errors/defects, giving KT to clients on GRC10.1, testing, documentation, Ticket resolution adhering to the agreed SLA etc.

Confidential

Sr. Software Engineer - SAP Security

Responsibilities:

• User and Role administration in BPC, BW and CRM systems.
• Building Data access profiles, Tasks profiles and User’s team.
• Building BW analysis authorizations as per client requirement.
• Configuration and Support experience in GRC 10.1 ARA EAM and ARM.

Confidential

Application Developer - SAP Security Consultant

Responsibilities:

• Extensive experience in Requirement gathering, Design, Development, and Maintenance of SAP applications security.
• Extensive User and Role maintenance experience.
• Broad experience in maintaining single, composite, and derived roles using Profile Generator (PFCG).
• Working with tables like AGR*, USH*, USR*.
• Very good knowledge of producing and analyzing reports in SAP using SUIM.
• Implementation and support experience in GRC 5.3 RAR, CUP & SPM
• User/role remediation support using VIRSA tool.
• Firefighter ID assignment to business consultant.
• Analyzed the user problems by using SU53, SUIM. Effectively analyzed trace result, tracked missing authorization for user access using ST01 and inserted missing authorizations manually
• LSMW and SECATT usage for mass user/role activity.
• Extensive experience in resolving ticket issues and troubleshooting security authorization problems while adhering to Service Level Agreements (SLA).
• Risk Analysis by simulating the addition of transactions, Roles, or Profiles to a User ID.
• Identify SOD conflicts and propose options and recommendations that lead to implementation of mitigating controls and elimination of risks.
• Collaborate with auditors and business process owners for Security audits for any violations, risks and mitigation recommendations.
• Restricting user access via authorisation object.
• Experienced in adhering to the Change Management Process for transporting roles and maintaining the change documents.
• Auditing - Preparing and Checking monthly, Weekly and Daily report for Critical Tcode access, Parameter change, Critical Table change, SAP ALL & SAP NEW usage, 30/90 Days+ No logon check, locking the users who left the organization and making sure critical Tcodes such as SCC4, SCC9, SCCL, etc are locked, checking developer access key assigned to any dialogue users in production.
• Experienced in providing security authorizations /KT to the client.

Confidential

Associate Software Engineer - SAP Security Analyst

Responsibilities:

• User and Role Administration
• Creating derived and composite roles with proper approvals.
• Role modifications based on proper approvals and business requirement.
• Setting up the profile generator - PFCG
• Mass and single role transport using PFCG.
• Mass Profile generation.
• Assigning authorization groups to users.
• Password resetting and reactivation of users.
• Locking and unlocking Tcodes.
• Mass user maintenance using eCATT
• Mass user Maintenance.
• Analyzed the user problems by using SU53, SUIM.
• Effectively analyzed trace result, tracked missing authorization for user access using ST01 and inserted missing authorizations manually.
• Monitoring the system logs, user overview and workload analysis.
• Monitoring and managing user session.
• Periodical checking daily firefighter ID logs.
• Identifying potential SOD issues before assigning roles to the user.
• Giving fire call access and extending fire call access.
• Extracted all client requested data using SE16 and SUIM.