- Over 12+ years of IT experience and specialization in SAP GRC and Security Administration. Experience of 2 full life cycle implementations of SAP Security & SAP GRC 12.0, 10.1 in a complex SAP landscape.
- 2 full life cycle implementations of SAP Security/GRC projects from design phase to post-implementation. Planning and blueprinting, and knowledge of SAP methodology for new projects.
- Strong experience in designing authorization roles for SAP ECC, BW, HR, SRM & E Portal
- Gathering requirements and documenting S/4 HANA Security Strategy and framework.
- Designing and building roles for S/4 HANA (Transactional and MDG) and Fiori Gateway Systems. Building roles for GRC 12.0, 10.1, BW/4HANA, HANA DB and various other systems.
- Implementation and configuration of GRC 12.0, 10.1 with services for apps included in the ruleset.
- Designing roles for Fiori apps by adding Catalogs and Groups to S/4 HANA roles.
- Activating services for the Fiori apps in /IWFND/MAINT_SERVICE.
- Troubleshooting and identifying the missing OData services and authorization issues in /IWFND/ERROR_LOG and notifying the Basis and Fiori configuration team to activate them.
- Optimizing the User Experience by reducing or removing unwanted groups and tiles within the groups to improve performance.
- Working with Fiori Config team to identify the areas where the inactive apps are generating frontend or backend authorization issues and customizing the catalogs to remove inactive apps.
- Working with business users to identify the issues with Fiori apps and resolving the auth issues.
- Optimizing the performance by removing the unwanted apps that are not enabled from the catalogs and reducing the number of tiles on the home page, which reduces the load time, thereby improving the user experience.
- Providing support and issue resolution with quick turnaround during project implementation.
- Comprehensive knowledge in ITIL best practices coupled with excellent communication skills.
- Experience in documenting monthly audit reports, audit logs, policies, procedures, and other tracking documents to monitor health of the system and project.
- Adept in using Quality Center and applying security best practices for requirements management, test planning, defect reporting, defect tracking and ensuring quality standards.
- Experience in the onsite-offshore engagement model: led the offshore team for project activities and provided training and mentoring to the team.
- Enthusiastic and eager to take responsibility and initiative in any given task.
- Self-motivated in handling the work assigned and adhere to SLA deliverables and deadlines.
- Experience working in both team and individual environments and always eager to learn new technologies and implement them in challenging environments.
ERP: SAP ECC 5.0/6.0, ECC 6.0 EHP8, SAP BW 3.5/BI 7.0/7.4, GRC 10.0/10.1/12.0, SAP S/4 HANA, SAP CRM, SAP SRM, SAP SCM, APO, Enterprise Portal, SAP SSO 3.0, Solution Manager 7.2, SAP Fiori, SAP ETD 1.0.
Service Tools: Service Now, Remedy, IBM Tivoli with Lotus Notes.
Database: MS SQL Server 2008 & 2012, Oracle 10, 11G, HANA DB
Operating Systems: Windows (Server Edition, Enterprise Edition), UNIX, LINUX (CentOS, RHEL)
Senior Application Analyst
- Part of the GRC 10.1 (subsequent upgrade to GRC 12) green field implementation team as a consultant, which included GRC ARA, ARM, BRM & EAM, and later absorbed as GRC system administrator and production support.
- Complete user administration such as creating, modifying, deleting, locking and unlocking users, and resetting passwords.
- Releasing change requests and importing them into target systems based on approvals from team manager.
- Transported roles between clients within R/3 system and between R/3 systems.
- Regular support pack upgrade.
- Defined user traces and analyzed the trace for missing authorizations.
- Roles & Authorizations - Parent and Child Roles administration
- Experience in User Administration and Role Assignment.
- Performed Mass Profile Generation, User Groups, Profile generator
- SAP S/4 HANA Security Implementation (ongoing project).
- S/4 HANA data migration/conversion.
- Monthly SAP Security Patching.
- SAP Licensing Management for GRC & ECC systems.
- Authorization Tracing and Masking for user authorization.
- SOD Conflict resolution and assigning mitigation control to mitigate SOD conflicts.
- Update SOD rule set per FI Controls requirement to update existing risk ID, adding new actions to function, creating new function ID.
- Subject matter expert and point of contact to Internal and External Auditors. Coordination with IT control & Audit team to meet GITC (General IT Controls) objectives for all SAP modules, and their supporting Databases, within the company’s SAP Landscape.
- IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls.
- SAP notes review for Support Pack upgrade.
- Role Maintenance: Created Generic, Derived and Composite Roles using Profile Generator (PFCG)
- BRF+ Decision table update for approvers related to Access control workflows.
- Performed risk analysis for the end user GRC requests and mitigated the risk based on business owner approval.
- Act as Process Area Owner for AP, GA, AR and GRC and perform Role Review activity
- Maintain BRF+ decision tables for different system approvers.
- Create and maintain MSMP workflows for New account, Change account & all other request types.
- Assist with the daily and monthly reporting of SOD (Segregation of Duties) activities from SAP GRC in support of meeting applicable compliance objectives.
- Mass update of security role approvers for different areas.
- Create and maintain stages and Path IDs as part of Workflow configuration.
- Create Function IDs and Risk IDs as per the business requirement.
- Perform Action, Role Usage & other synchronization jobs
- Actively involved in EAM configuration.
- Experience in coordinating within team and with other teams. Handled roles related to the team.
- Worked with clients during pre & post-implementation of SAP GRC in identifying and designing control.
- Work with SOX, Audit and Security team to ensure compliance in user provisioning.
Environment: SAP ECC 6.0, SAP BW, SAP GRC (AC 10.1, 12), SAP Solution Manager 7.2, SAP CRM, SAP SRM, SAP SCM, SAP APO, SAP PI, Enterprise Portal, SAP S/4 HANA.
Senior Security & GRC Consultant, Advisor
- Well experienced in planning, designing, documenting, and implementing security related standard procedures for the user administration, roles, and profile generation.
- Creating new roles as well as deriving and extending existing roles using PFCG
- Setting up security roles and user accounts for over 1800 End Users for primary Go Live.
- Monitored User maintenance on day-to-day and role maintenance on requirement.
- User Administration and Password Management (Expiry of users and Profiles).
- Maintained Assignment of Authorization Objects (SU24).
- Created custom Authorization Classes and Authorization Objects (SU21).
- Involved in the installation and configuration of SAP GRC Access Control 10.0.
- Identified Segregation of Duty conflicts and proposed recommendations that led to implementation of mitigating controls and elimination of risks.
- Preparing weekly & monthly quality reports, progress reports, etc. for management and client; conducting and coordinating weekly/monthly meetings.
- Creating Mass roles and Users using SECATT scripts.
- Created and maintained the user groups for assigning the roles and performing mass generation of roles.
- Tracing and troubleshooting: identified missing authorizations using SU53/ST01 traces and maintained them in the suitable role, and used SU56 to find security problems.
- Troubleshooting performance issues & adjustment of SAP profiles.
- Worked with the Business Process Owners to restrict sensitive transactions and security authorizations and ensured segregation of duties (SOD) over all fields of business areas. Successfully created segregation of duties.
- Successfully transported the generated roles and profiles using SAP transport management system (STMS) and handled normal & mass generation of roles and transport of roles.
- Creating connections from R/3 systems to GRC systems.
- Creating, modifying of functions, risks and business process based on business request.
- Creating Mitigation controls and mitigating users.
- Repository Sync (Roles, Users and Profiles).
- Performed risk analysis at user level and role level and mitigated risks for the users using the Risk Analysis and Remediation (RAR) tool.
Environment: ECC 6.0, GRC 5.3/10.0
SAP Security & GRC Consultant
- Main responsibility included working closely with the technical and functional leads to create and maintain security roles and policies related to the SAP R/3 systems and to discuss status reports.
- Handled security role design for modules of SAP R/3 such as FI, MM and PP.
- Used Central User Administration (CUA) to handle user administration/maintenance activities: setting up user IDs, assigning roles, resetting passwords, locking/unlocking users (SU01, SU10, SCUA, SCUL, SCUM).
- Involved in all aspects of SAP security from setting up naming conventions for roles, profiles, and test ids, while working closely with various functional teams to collect role requirements.
- Worked on Authorization objects, Activities/values/authorization groups, Roles, Role derivations, Activity groups, Composite Activity groups and User id assignments.
- Administered entire CUA landscape monitoring & improving performance.
- Analyzed Segregation of Duties (SOD) within the region of ECC and for provisioning and de-provisioning users using GRC Access Request Management.
- Responsible for creating multiple Composite and Master-Derived roles.
- Excellent understanding of risks involved & risk control recommendations of business processes.
- Worked with business to discuss SOD issues and suggested removal of violations.
- Transport Management System (TMS): Creating Transport Requests for transporting Roles and transporting the changes from Dev to Quality/Staging to Production systems.
- Authorization checks using transaction SU24 and maintained check indicators for Transaction Codes.
- Firefighter creation/assignment through SPM (Superuser Privilege Management): mapping Firefighter IDs to owners and controllers and assigning Firefighter IDs to users.
- Worked with Security related tables (AGR* & USR*) and User traces using ST01 and using SU53 for troubleshooting authorization issues.
Environment: ECC 6.0, SAP GRC (AC 10.0), BW 7.0, BW 7.4 on HANA, VIRSA 4.0, Solman 7.1, XI/PI (ABAP and Java stack), HR, SCM, SAP SSO 3.0