SAP Security Lead/Architect Resume

SUMMARY:

9+ years of experience as a SAP Security Consultant in various SAP ERP central components, SAP NetWeaver components, SAP Business Suite components, SAP Solution Manager, SAP IS and SAP compliance/SOX
Comprehensive understanding of SAP Security for various modules
Rich technical experience in SAP R/3 Security (ECC), SAP BW, HR, CRM, SRM, APO, BOBJ, HANA, Solman, PI/XI Security.
Experienced with GRC Tool - have experience of working with Firefighter, Compliant User Provisioning (CUP), Compliance Calibrator (CC), Risk-Analysis-Remediation (RAR) components of GRC.
Experience of working independently with Functional & Business users to understand the security requirement.
Responsible for providing customers with Security design, Implementation, Development, Enhancement and Support activities for their SAP applications.
Expertise in managing the security requirement gathering, technical activities and proficiency in coordinating with the clients, enhancing their process operations.
An effective communicator with excellent relationship, management skills and strong analytical, problem solving with organizational abilities.
Experienced in SAP R/3 and Enterprise Portal security.
Implemented and upgraded security in R/3-ECC systems.
Extensive use of SAP Profile Generator(PFCG) to create and maintain authorization data
Design experience implementing single, derived and composite roles
Worked on SAP Check Indicator Defaults and Field values using transaction SU24 to maintain check indicators & specific field values for Transaction codes.
Frequent use of SUIM and Ad-hoc SE16, SQVi reports for analysis.
Assisted with security on various SAP modules like SD/MM/FICO/IS-FSCD/BPC/SRM/SEM/IS RETAIL/APO
Multiple implementations, upgrade, risk management, re-platforming and change management experience.
Considerable SAP security role design strategy knowledge.
Performed basic ABAP code trouble shooting and programming error determination.
Worked with all security related tables (AGR *, USR*).
Developed custom authorization objects (SU21/SU20) based on client’s business needs.
Converting field RESPAREA (Profit Center / Cost Center) into Organization field using SAP standard program PFCG ORGFIELD CREATE
Set up security by INFOAREA, INFOCUBE, ODS, INFOOBJECT, QUERY and WORKBOOKS.
Worked and implemented BI security based on new BI 7.0 analysis authorization concept.
Marked info objects as Authorization Relevant / Non-authorization relevant
Created new analysis authorizations with specific info object access
Configured and built custom roles and authorization objects to restrict data view access.
Limit query access within the B-Ex Analyzer.
Tracing standard and custom reporting authorization objects using ST01, RSECADMIN
Knowledge of BI objects development methodology from a developer standpoint.
Experienced in interacting with BI techno-functional consultants for problem diagnosis.
Upgrade experience from BW 3.5 to BI 7.0.
Limiting the Query access within the BEx Analyzer
Building security for Administrative users using SAP provided templates
Design HR Security roles - General authorization & Structural authorization
Configure HR Security switches using Transaction OOAC
Restrict security access by different info types owned by HR / Payroll
Familiar with PP01, PPOME, PA20, PA30 Transactions for Organization Management (OM) and Personnel Administration (PA)
Set up security roles for different HR modules like BSM, EDM, Recruiting, Benefits, Compensation, Payroll etc.
Running Reports & Batch Jobs for Programs like RHBAUS00, RHBAUS01, RHBAUS02 to keep the structural authorization profile updated
Familiar with the use of critical HR authorization objects like P ORGINCON, PLOG, P PERNR, P ABAP etc.
Knowledge on PII (Personally Identifiable Information) info types and restricting access to them
Running SOD reports and keeping the roles SOD free
Setting up PFCG Security Roles mapped to Business Roles in CRM
Running Trace from backend ABAP system when users accessing the CRM system using Web UI link
Restricting security access to one Business Role per user
Experience of working with Trusted RFC connections with different systems
Design SNP (Supply Network Planning), DP (Demand Planning) & gATP (Global Available to Promise) security roles
Restriction on access at workbook & location level
Converting location into Organization level field using the program PFCG ORGFIELD CREATE
Experience of using BI Security Analysis authorization concept in Demand Planning area
Setting up MDG (Master Data Governance) Security roles for Finance, Customer & Material Management
Restricting access based on Web Dynpro links
Running Trace from backend ABAP system when users accessing the MDG system through Web UI link
Restricting security access at object level
Providing access to Master Data update Transactions only in MDG system and locking them in regular ECC system
Controlling Master Data changes through workflow (Requestor vs Approver Roles)
Setting up Business Object authentication by LDAP / Enterprise
Creating new Groups with specific permissions in BOBJ system
Providing Folder level security in different Groups - Granting permission / Blocking permission
Setting up alias user IDs in BOBJ system to map with HANA system
Creating HANA Security Roles as run time objects
Creating HANA Security Roles as Repository Objects under Package
Granting permissions to HANA privileges like System, Analytic, Package, Schema etc.
Assignment of HANA security roles via SYS REPO user ID
Export / Import of HANA Security package / roles across the systems
Using Solman system as a Change Management Tool for the whole system leandscape - creating new Change Request, work on Correction requests, changing the status, creating transport from solman for all the satellite systems, releasing them, moving changes to production etc. Familiar with CRMD ORDER transaction.
Using Solman system as a Ticketing tool - create / change new Service requests based on user request and keeping all the log of the activities.
Using Solman system as a repository of all Documents. Familiar with SOLAR01 Transaction.
Design Solman Security based on different Job Roles - Requestor, Approver, Change Manager, Release Manager, Developer, Tester, Solman Administrator etc.
Using Solman system as a CUA (Central User Administration) - Configuring CUA and managing the complete user administration of the child systems from CUA. Worked extensively with CUA Transactions like SCUA, SCUL, SCUG etc.
Creating Portal users in Database
Creating Portal groups and map them to portal roles, assigning users to roles
Locking/Unlocking & resetting password of user ids in portal
Familiar with GRC Business Objects Access control v5.3 set up (BOBJ AC 5.3).
Used GRC BO Access control version 5.3 tools RAR (compliance calibrator), SPM (Firefighter) and CUP (Access Enforcer).
Worked with VIRSA 4.0 Rule Set & Mitigation Control set up.
Assisted in Sarbanes Oxley Compliance in SAP System Audit’s and documented significant processes and controls.
Familiar with ITSM Incident & Request Management Tool - creating new tickets, working on them and closing tickets.
Worked with ClearQuest/Remedy Tool - Opening change management requests, changing their status and keep log of all activities.
Managing SharePoint for all project documents - MS word, Excel, Power Point etc.

PROFESSIONAL EXPERIENCE:

Confidential

SAP Security Lead/Architect

Platform: SAP ECC, SCM, CRM, SRM, RPM, BI/BW, BOBJ, HCM, PI/XI, Solman (Documentation & CUA), GRC VIRSA 4.0

Responsibilities:

Design, development and testing of authorization roles in SAP ECC, HCM, Portal, BI, SRM, SCM, RPM, XI, TREX and Solution Manager systems
Design, administration and maintenance of Virsa/GRC Tools including Compliance Calibrator and Firefighter.
Contribute to the architecture of SAP security for multiple Integration projects, Rollouts, Role Redesign and Upgrade projects
Periodic security reviews of the SAP systems to ensure application of relevant security notes and participate in audit and compliance activities.
Work closely with the Business Analysts to design and maintain security roles to ensure that systems across the entire landscape are SOX compliant.
Manage all project documents in SharePoint site and keep them updated. Also keep the approved security documents uploaded into Solman system.
Solve highly technical and complex security problems across the SAP landscapes related to security authorizations.
Recommend strategic improvements, application usage and apply knowledge of the business processes in various functional areas as it relates to overall security requirements.
Protect sensitive business information by securing custom programs, tables and ensuring that security roles are designed, developed and transported in accordance with the company regulations and processes.
Generate reports to gather relevant data and information as per the queries from internal and external auditors.
Configure & maintain the CUA set up in Solman system. Manage user administration from CUA for all child systems and troubleshoot any issues reported.
Maintain the VIRSA 4.0 Rule set in the SAP systems, updating Functions, add new/change the Risk ids, add Mitigating controls, generate & transport of rule sets after modification.
Run SOD risk reports at Role or User level using the VIRSA 4.0 cockpit

Confidential

SAP Security Lead

Platform: SAP ECC, APO, CRM, BI/BW, BOBJ, HANA, MDG, FSCM, PI/XI, Solman, GRC 5.3

Responsibilities:

Requirement gathering, scoping & analysis
High Level solution/design formation and verification of solution with client
Effort estimations, project planning and execution
Managing all phases in the project life cycle - Design, Execution, Testing, UAT, Production delivery
Quality Management and Analysis during all phases in the project life cycle
Manage day to day team activities and provide technical & functional guidance to the team
Understanding the business process of our client and designing their SAP security roles
Manage customer Relationships - Obtain feedback and responsible for customer satisfaction
Designed & developed HANA Security Roles (a HANA Repository Objects) which are transportable across the HANA system landscape
Designed & developed the CRM Security Roles (PFCG) which were mapped to associated Business Roles in Transaction CRMC UI PROFILE of the CRM system
Designed & developed the Supply Network Planning (SNP), Demand Planning (DP) and Global Available to Promise (GATP) Security roles in APO system
Designed & developed the MDG (Master Data Governance) Security Roles for Finance, Customer & Material Management modules
Designed & developed the FSCM (Financial Supply Chain Management) Security Roles for Collection & Dispute Management modules

Confidential

SAP Security Lead

Platform: SAP HR, BI/BW, PI/XI, Solman, GRC 5.3

Responsibilities:

Meeting with the business & IT team to gather the security requirement
Design the HR & Payroll Security Roles for production end users & support center users
Handling the end to end delivery of the security roles build from Development system to Production
Documenting the user requirement specification (URS), functional design specification (FDS)
Coordinating the work between off shore & onsite Team
Addressing audit / compliance questions
Supporting unit testing, integration testing, system testing & user acceptance testing
Keep all project documents up-to-date in SharePoint and provide the exact location of the documents in SharePoint as & when asked by the project management team / auditors.
Providing day to day status update in the project management call
Creating Standard Operating Procedure (SOP) documents
Establishing the support model after go live
Supporting the hyper care issues after the project go live

Confidential

SAP Security Lead

Platform: SAP SCM/APO, ECC, BI/BW, Solution Manager, GRC 5.3

Responsibilities:

Handled the Security activities after Basis upgraded the SAP system from R/3 4.7 to ECC 6.0 - Run SU25, Adjust the Security objects using SU24, generate the profiles of affected Roles and captured them in Transport Request
Coordinated with the APO functional resources to identify the APO transactions to be allocated into functional roles for Demand planning(DP), Global available to promise(gATP) and Supply Network Planning(SNP) APO modules
Made initial SU24 settings for all APO transactions using trace(ST01) and testing of scenarios
Utilized BI/BW analysis authorization concept to restrict Planning book data view by region
Built analysis authorization regional roles for End users using S RS AUTH object
Created derived roles and generated menu and authorization data from parent roles
Identified and maintained organizational level values in the generated derived roles
Secured custom development upload and publish functionality in segmentation module using custom fields and authorization objects
Assisted the ABAP developer in coding the appropriate AUTHORITY-CHECK statements based on the requirements
Co-ordinated with system administrators and GRC-compliance team to connect all APO systems to GRC CUP 5.3 to make them available for users
Build technical project team roles based on Microsoft Role design strategy
Updated the change management and document management tracking tool(VSTF) for all role development activities, changes and bug fixes
Updated the PRGN CUST table and tested the parameters entered in APO systems based on client requirements
Handled security activities for support pack level upgrade in our client’s APO system using Transactions SU25, SU24c etc.

Confidential

SAP Security Consultant

Platform: SAP R/3, BI/BW, Solman, GRC 5.3

Responsibilities:

Direct interaction with client to address the production security issues with priority
Hyper care support to major project activities during off hours
Use ClearQuest Tool & Solman systems to work on Security Change Requests (end to end process)
Providing daily status update of the Security incidents (tickets) to our client
Handling audit and the following remediation activities
Onsite point of contact for any escalated security issues
Running weekly termination process for our client
Chair the weekly Team meeting with off shore team members
Role and profile management and additions using PFCG
Conducted system trace(ST01) to identify and restrict objects allowing “note” creation in B-Ex web reports
Re-designed BI security as our client’s system got upgraded from BW 3.5 to BI 7.0, created new analysis authorizations
Identified missing authorizations via trace (ST01)
Creation of OSS logins upon request and assigned the required authorization in OSS
Identified critical role assignments to users and deleted role assignments of certain user groups
RFC and ALEREMOTE user password reset
User creation and assignment to composite roles in acceptance for user acceptance testing

Confidential

SAP Security Consultant

Platform: SAP R/3, BW

Responsibilities:

Gathering the security requirement from client by direct / indirect interaction
Designing the R/3 & BW Security roles as per client’s requirement
Reviewing the security design with compliance team
Presenting the change in CAB (Change Advisory Board)
Developing the security roles and performing unit testing
Coordinating the development & testing effort with offshore team
Supporting system testing & user acceptance testing
Updating project documents and getting sign off from compliance team
Supporting go live and hyper care issues

Confidential

SAP Security Consultant

Platform: SAP R/3, BW, APO

Responsibilities:

Handling incidents / tickets raised by the client users for their SAP access
Troubleshooting security authorization issues reported by users
Running monthly SOX control reports and uploading them in SharePoint
Executing adhoc security access reports based on Compliance Team request
Providing supporting documents & evidences during audit
Joining weekly Team meeting calls and providing status update
Working in rotating shift to provide continuous support to our client
Building team spirit and sharing the knowledge among the team members
Mentoring / guiding the new team members joining the offshore tem

We provide IT Staff Augmentation Services!

Client Services

Job Seekers

Visa Sponsorship