SUMMARY

• IT professional with overall 8+ Years of SAP GRC & Security Consulting in all multiple Global client environment.
• Skilled in leading SAP responsible for SAP GRC10.0, 10.1 and 12.0, SAP R/3 Security, SAP BW/BI Security, SAP S4 HANA & FIORI Security.
• Experienced in working for Implementation, Go - Live, Post Go-Live, and Production Support activities.
• Following change management process for smooth transitioning the change in production.
• Defining governance structure, best practices for implementation & project support and documentation.
• Providing training to new team members and fresh recruits to take up responsibilities and inculcating strong focus on compliance of policies, regulations and internal controls.

TECHNICAL SKILLS

• GRC Access Control AC 10.1 and 12.0 Design
• Implementation, Testing & Support.
• SAP R/3, ECC Security.
• SAP BW/BI Security.
• SAP S4 HANA and FIORI Support

PROFESSIONAL EXPERIENCE

Confidential

Sr. Consultant (SAP GRC)

Platform - SAP Security and GRC 12.0 (ARM/EAM/ARA/BRM), HANA and Fiori

Responsibilities:

• SAP user administration and Role administration in S4/Hana systems
• Role creation and authorization changes at role level and T-code level in S4/Hanna Systems
• Authorization issue troubleshooting and trace analysis respective to single and multiple servers.
• Transport management using charm process.
• Mass org level update of roles and mass authorization update of roles using PFCGMASSVAL.
• Java portal user administration, role and group administration.
• Cleanup critical profiles from users on weekly basis and Terminate SAP Inactive user accounts
• FIORI / UI5 Gateway role design to include Catalogs, Groups and ODATA for FIORI Launchpad. Inclusion of Transactional apps, Fact sheets and Analytical apps in FIORI Roles. Backend role design to include T-Code, ODATA, Webdynpro with Authorizations.
• Trace error log analysis using /IWFND/ERROR LOG for missing Services and Backend authorizations.
• New user creation with enterprise authentication.
• Enterprise group creation, access provisioning and maintaining authentication hierarchy.
• New folder structure security setup and custom access levels creation.
• BOBJ SAP Authentication setup.
• Scheduling Windows AD authentication job and troubleshooting sync error.
• HANA Studio user creation and access provisioning.
• Repository role creation in HANA editor and Catalog role creation.
• HANA IDP mapping and SAML maintenance to user.
• User specific trace configuration and authorization issue troubleshooting.
• HANA user creation and access provisioning using SQL Commands.
• HANA role design to include user access restriction at Table, View and Schema level using Analytic privileges. Design of Repository and Catalog roles in HANA studio.
• DB/ User trace using HANA Studio to find the missing access for user and provision access.
• GRC Access control with connector configuration and setup of connected systems.
• Rule sets, Function and Risks creation and maintenance according to business requirement and risk analysis.
• SOD analysis, Mitigation, Owner, Controller creation/ assignment, Risk/ Function creation in GRC Access Risk Analysis.
• Role import in GRC from connected systems using standard template and individual import formats.
• Firefighter access management and user mapping along with owner mapping details.
• MSMP workflow configuration
• IBP user creation and role assignment.
• IBP role creation from default template and custom role build.
• Master data maintenance including Attribute creation and Permission Filter creation.
• Catalog addition, template addition, key figure addition and operator addition to role.
• Ariba user administration, role administration and audit check for access assignments.

Confidential

Sr. Consultant (SAP GRC)

Platform - SAP GRC 10.1/12.0 (ARM/EAM/ARA/BRM), HANA and Fiori

Responsibilities:

• Working on SAP GRC/Security (S4,BI,FIORI) Support and Maintenance
• GRC Access control with connector configuration and setup of connected systems.
• Rule sets, Function and Risks creation and maintenance according to business requirement and risk analysis.
• SOD analysis, Mitigation, Owner, Controller creation/ assignment, Risk/ Function creation in GRC Access Risk Analysis.
• Role import in GRC from connected systems using standard template and individual import formats.
• Firefighter access management and user mapping along with owner mapping details.
• MSMP workflow configuration
• Working on Password self-service customization
• Mitigation controls setup
• Business Role methodology Configuration
• Master and derived role creation and mapping to Business Roles
• End to End BI Analysis authorization setup and role creation
• HANA Studio user creation and access provisioning.
• User specific trace configuration and authorization issue troubleshooting.
• HANA role design to include user access restriction at Table, View and Schema level using Analytic privileges. Design of Repository and Catalog roles in HANA studio.
• SAP user administration and Role administration in S4/Hana systems
• Role creation and authorization changes at role level and T-code level in S4/Hanna Systems
• Authorization issue troubleshooting and trace analysis respective to single and multiple servers.
• Transport management using charm process.
• Mass org level update of roles and mass authorization update of roles using PFCGMASSVAL.
• Java portal user administration, role and group administration.
• Cleanup critical profiles from users on weekly basis and Terminate SAP Inactive user accounts
• FIORI / UI5 Gateway role design to include Catalogs, Groups and ODATA for FIORI Launchpad. Inclusion of Transactional apps, Fact sheets and Analytical apps in FIORI Roles. Backend role design to include T-Code, ODATA, Webdynpro with Authorizations.
• Trace error log analysis using /IWFND/ERROR LOG for missing Services and Backend authorizations.

Confidential

Consultant (SAP GRC)

Platform - SAP GRC 10.1 (ARM/EAM/ARA/BRM)/SOLMAN

Responsibilities:

• Implementation and maintenance Experience on GRC 10.1 Access Control
• Configuration activities of all the 4 processes in GRC AC 10.1
• GRC Post Installation activities -
• Activating Applications, SICF Services, BC Sets.
• Common Configuration Activities - All the connection activities, Parameters, Creating Owners & Sync Jobs.
• Activate Common Workflow.
• Analysis on the Firefighter ID’s requirement and the designed the Fire fighters accordingly
• Maintained Owners and Controllers in Central Owner Maintenance.
• Assigning Owners to Firefighter IDs
• Assigning Controllers to Firefighter IDs
• Configured the FFID L0g review workflow in MSMP.
• Connector configurations for the clients connected to GRC Access Control
• Create, maintain, and manage Rule Sets/Functions and Risks used to generate Rules.
• Created the mitigation controls to reduce or minimize the SOD violations.
• Performed the mapping of mitigation controls to the risks of respective users in ARA.
• After performing the risk analysis based on Single role, Comp role, Role and users provided the remediation plan to remediate the risks.
• Customization of rule set and created around 40 customized rules based on business needs.
• SMP Process IDs to ARM Requests, customization of request screens, Template management.
• SPRO Customizations for ARM.
• Define Number range for Access request and activate.
• Maintain provisioning settings
• Perform Automatic workflow and task specific Customizing
• MSMP design process using BRF+ Decision Tables.
• BRF+ Rules design and development
• Maintained the notification templates as required by the business.
• SPRO Customizations for BRM
• Create the Role Methodology steps for Business Roles.
• Role imports from the connected systems using the standard template
• Working of SAP roles and authorization and User Management Process for Role Maintained through GRC BRM.
• FIORI / UI5 Gateway role design to include Catalogs, Groups and ODATA for FIORI Launchpad. Inclusion of Transactional apps, Fact sheets and Analytical apps in FIORI Roles. Backend role design to include T Code, ODATA, Webdynpro with Authorizations.
• Trace error log analysis using /IWFND/ERROR LOG for missing Services and Backend authorizations.
• HANA role design to include user access restriction at Table, View and Schema level using Analytic privileges. Design of Repository and Catalog roles in HANA studio.
• DB/ User trace using HANA Studio to find the missing access for user and provision access.
• Provide Firefighter access through GRC Access Request and maintain Firefighter Owner/ Controller, Risk Owner.
• Analysis authorization design in BW roles to restrict at Info object and Key figures. Restriction of Business Objects Folder through BW roles.
• Mandate authority check for Custom transactions at program level and make relevant changes in SU24.

Confidential

Consultant (SAP GRC)

Platform - SAP GRC 10.1 (ARA, EAM and ARM) & SAP ECC 6.0

Responsibilities:

• Uploading the FF Log report, of the GRC ARM Review Requests.
• Scheduling of Background Sync jobs and other generic jobs for the business in GRC system.
• GRC ARA-performing the risk analysis based on Single role, Comp role, Biz. Role and users provided the remediation plan to remediate the risks.
• Creating the GRC Risk ID Mitigation
• Customization of GRC rule set and created around 4 customized rules based on business needs.
• MSMP Design and implementation of GRC AC workflows involving user creation, change, lock/unlock, termination.
• GRC BRF+ Rules design as per the business requirement and development.
• Maintained MSMP Paths and Stages for each path and notification and stage task settings.
• SOX Audit report monthly and Quarterly): Inactive SAP users(90 & 180), User mitigation activity, User Group activity, Review of locked super user accounts, Review of store users, Review of service desk users, Review of Users created by Basis, List of basis and security users and many more.
• Extensively used SU53 and SUIM to assign the missing authorizations to the users. Tracing missing authorizations objects using SU53 and recommended appropriate roles for the end users.
• Created user groups with help of SUGR and assigning user groups to users.
• Managed administrative issues related to creation, modification of roles, role transporting
• Involved in maintenance of single, composite and derived roles using Profile generator
• Managed table access to users with help of S TABU DIS authorization object

Confidential

Consultant (SAP Security &Portal Admin)

Platform - SAP GRC 10.0, 10.1 (ARA, EAM), SAP Security ECC 6.0, and Portal 7.0

Responsibilities:

• In GRC -ARA-Risk Analysis and Remediation, performed User & Role analysis to identify existing SOD Violations Risk.
• Working with profile generator (PFCG) in creating Single roles, composite roles and derived roles.
• Resolved users missing authorization issues with help of SU53 and ST01.
• Create Test Ids, assign roles to the user ids give it to end-users for UAT Results
• Create the single/Master/Derived/Composite Roles in Development system and move it from Development to Production
• Creating Portal view’s, roles and pages work sets and assigned to users.
• Change Sap Portal Logon page customization.
• Configured SSO between Enterprise Portal & SAP CRM, SAP R/3 and Implemented Single Sign On using SAP Logon Tickets & User name password
• Configured RFC connection between the systems in a landscape.
• User and role mapping from portal to backend system.
• User administration modifying, and deleting, locking, unlocking and resetting passwords in portal.