
SAP Security & GRC Tech Lead Resume


Irving, Texas

SUMMARY

  • Over 8+ years of experience as SAP Security and GRC Consultant.
  • Extensive User and Role administration experience.
  • Worked on BW, SRM, CRM, HR, FI, and Portal Security.
  • Worked on Central User Administration (CUA) to manage multiple systems/clients.
  • Working experience on GRC 5.3 and GRC 10.0 and 10.1
  • Extensive and Hands on Experience in GRC Implementation and upgrade.
  • Good understanding of SOD / SOX / Security Assessment / SAP Authorization.
  • Effectively worked with Cloud computing tool - Success Factors.
  • Working experience on HANA.
  • Interfaced with audit team to ensure risk-mitigating controls are in place and operating effectively.
  • Audit - Process & follow-up on Audit requests every quarter.
  • An analytical mind with the ability to think clearly and logically and pay attention to details.
  • Contribute to the documentation for the various tasks that we perform for daily monitoring.
  • Proficient in Documenting business requirements, unit test results and delivery details as well performing application design activities includes script functional specifications & technical specifications, cut-over activities, Post implementation support.
  • Extensive experience in Requirement gathering, Design, Development, and managing team to make sure tasks are delivered on time.
  • Trained new joiners and team members on process, Technology as well helped them to resolve issues.
  • Strong Communication and Interpersonal skills with capacity to collaborate with various stakeholders.

TECHNICAL SKILLS

ERP: SAP R/3 4.6C, SAP R/3 4.7EE, ECC 6.0, ECC 7.0

Operating Systems: Windows NT/97/98/2000/XP/2003,2007

Trainings Undergone: SAP Security- HR, BW, Success Factors

Technology: SAP Security

Tools: GRC, Success Factors, MS Office, HP Quality Center

PROFESSIONAL EXPERIENCE

SAP Security & GRC Tech Lead

Confidential, Irving, Texas

Responsibilities:

  • Involved in requirement gathering, documentation, change requests, designing, testing overseeing the development of agreed solutions and implementing new systems to meet the client business needs.
  • Negotiating to build a final consensus on a common set of requirements from all clients/stakeholders and defining scope of the project.
  • Responsible for user administration like creating and deleting user accounts and managing user accounts based on requirements.
  • Fixing all the bugs that arise in production.
  • Perform regression testing on the deliverables.
  • Preparation of the technical design documents.
  • Interaction with the team members to track the progress of tasks.
  • Work experience on BI Security.
  • Working on Analysis Authorization.
  • Maintained info objects by using (rsd1).
  • Maintained custom authorization Objects for BW in RSSM.
  • Creation of Analysis/Hierarchical Authorization by using (RSECADMIN).
  • Extensively worked with Role Administration, Role development, Role enhancement.
  • Involved in a project called Data Privacy. In which all existing roles were renamed with new naming convention according to Whitelist and Non whitelist countries as well users were classified as Non whitelist and Whitelist to restrict personal sensitive data access to Whitelist users only.
  • Responsible for ACE switch off and on during patching.
  • Extract and provide the list of all QA users having SAML Auth to BASIS.
  • Involved in activating persons in BP.
  • Developed roles with system wide access without HR data access for SAP OSS users to restrict access to SAP ALL.
  • Hands on Experience on HR/HCM Security, Structural Profiles, Organization Structures PA, PD, Payroll, Time, E-Recruiting, OM, PA and ESS and MSS Modules.
  • Working experience of HR Authorization Objects and assigning info types to roles.
  • Worked with PA20, PA30 Transactions to check details of a position ID.
  • Assigned roles on position (Indirect assignments) using PO13.
  • Worked on Authorization Objects P_ORGIN, P_ABAP, P_PERNR, P_ORGXX etc.
  • Assigned structural profiles to users using the program RHPROFL0
  • Maintained authorization profiles using OOSP.
  • Worked on Solution Manager, creating CRs and transporting roles from Development --> Quality --> Production.
  • Created SECATT scripts for mass role assignment and deletion, User group assignment as well for position role assignment from po13 and to delete role assignment from org unit.
  • Created backend roles for portal roles and mapped them.
  • Extensively worked on the Basis Security issues, logged in as JIRA and Change Requests (CR). Identified issues during GO-LIVE, provided solutions and got the changes thoroughly tested and signed off.
  • Worked closely with functional team to understand and deliver requirement correctly.
  • Worked on defects identified in SOSS report which is pulled from Solution Manager system.
  • Provided permanent and temporary solutions for identified defects.
  • Mitigated identified defects.
  • Review of critical and sensitive authorization, implementing improvement to meet audit requirements.
  • Worked with Risk and Control team to cleanup sensitive tcode access for 15,000 users.
  • Configuration role had 50,000 tcodes in ranges. Updated the role per audit requirements using table TSTC.
  • Removed users' ability to Debug (S DEBUG) with update access in Production System.
  • Removed users' ability to maintain Client Independent Tables in Production (S_TABU_CLI).
  • Extensively worked with GRC 10.
  • Creating and setting up Firefighter IDs
  • Cleanup of expired firefighter IDs
  • Mapping fighter IDs to Owner and controller
  • Involved in Implementation of AC10 Access Request Workflow to enhance the company's upgraded GRC10 system with additional functionality.
  • Configured MSMP and BRFPlus logic to enable workflow usage as an add-on to the existing design.
  • Drafted tested scenarios from Dev and Qa system for future use.
  • Upgraded GRC 5.3 to GRC AC 10.0 - SP11 (Emergency Access (EAM), Access Risk Analysis (ARA)).
  • Created test scripts and documented test objectives.
  • Worked with the various Business stakeholders and Audit teams in identifying risks, mitigation controls and approval workflows in consideration with current processes.
  • Created mitigation controls for SOD issues and scheduled batch jobs to provide reports to the Management team on a quarterly basis for review.
  • Provided reports to the internal and external auditors and created custom audit roles based on audit needs.
  • Reviewed critical and sensitive authorizations, implementing improvements to meet audit requirements, made suggestion for security policies and standard/best practices.
  • Customized Rule creation for SOX audit tool SAP GRC RAR for action and permission level SOD violations in roles for various business processes and functions.
  • Recommended and created mitigation controls in SAP GRC
  • Configured Fire Fighter to capture audit logs and trigger alert
  • Review of critical and sensitive authorization, implementing improvement to meet audit requirements
  • Involved in end to end Success Factors Performance Management implementation from Authorization perspective.
  • Designed Proof Of Concepts (POC) on creating different roles like Manager and Employee roles etc.
  • Involved in preparing Role matrix sheet with permissions can be given and cannot be given based on Employee position.
  • Involved in Success Factors implementation. Role development testing and go live. Received an outstanding performance award for the same.
  • Extensive work experience on Performance Management.
  • Managing Proxy Users to access another User's data and Functions.
  • Configuring home page and Personalize Instance with various Portlets Company's Logo, Theme Management, and Password policies.
  • Creating Adhoc Reports.
  • Rating scales, Route Maps, Manage Template and Launch Forms.
  • Create Picklist for customer specific data.
  • Propagation for specific fields.
  • Add Associations and Event Reasons to the Instance.
  • Creating rating scale, Route map, Manage template and launch forms.
  • Importing and exporting user master data into success factors from HCMS system.
  • Coordinated with success factors team to add or remove permissions based on requirement from permission roles.
  • Created Target groups and Permission groups and mapped to roles.

SAP Security Analyst

Confidential

Responsibilities:

  • Prepare the technical and business process documents for Bug fix, maintenance and development work.
  • Responsible for gathering and defining requirements.
  • Played SAP Security Team lead role, Assigning tasks to team members and ensuring timely completion of tasks.
  • Created users and maintained user master and established security policies and procedures.
  • System study of the current landscape, handling SAP security issues in authorizations (thru PFCG) on PRD, DEV and QA servers.
  • Major involvement with the Development and function teams in their day-to-day security requirements.
  • Troubleshoot R/3 security problem by effectively analyzing trace files using ST01 and authorizations for users (SU53) and tracked missed authorizations for user’s access problems and inserted missing authorizations manually in order to analyze security problem.
  • Experience with PA20, PA30 Transactions.
  • Mapping of test IDs to existing position ID to test role enhancements.
  • Assigned roles on position (Indirect assignments) using PO13.
  • Implemented Position Based Security by assigning Roles to Positions in ECC 6.0.
  • Assigned users and roles to positions using both PFCG and PPOM_OLD
  • Implemented Structural Authorizations by Evaluation path method in the Org Structure.
  • Worked on Authorization Objects P_ORGIN, P_ABAP etc.
  • Extensively worked in BW & BI for day to day role and User maintenance.
  • Created/updated analysis authorizations for query reports (RSECADMIN), and also updated report authorizations derived roles to include such analysis authorizations (S_RS_AUTH).
  • Mass generation and maintenance of users.
  • Logging in to the system through Firefighter ID in case of emergency issues to be resolved.
  • Weekly report generation.
  • Escalating unresolved issues to the next level (if any).
  • Security & Authorization Lead.
  • Created and modified Single, Composite and Derived Roles using Profile Generator (PFCG) to meet business requirements by making sure users do not get more or less authorizations than needed to perform their task.
  • Interacted with audit team to ensure risk-mitigating controls are in place and operating effectively.
  • Providing troubleshooting and technical solutions for the issues.
  • Prepared new business process document with new changes
  • Prepare Approval matrix
  • Generate requested controls
  • Explaining auditors about business process as well extracted controls.
  • Performed risk analysis at User level and Role level and to mitigate risks for the users using Risk Analysis and Remediation (RAR) tool.
  • Worked with business process owners to identify Fire fighter ID (FFID) controllers, administrators and Owners and mapped these in SAP GRC SPM 5.3.
  • Automated workflow for user maintenance using auto provisioning tool Compliant User Provisioning (CUP).
  • Extensively used VIRSA/GRC Access Control Suite to meet the SOX compliance.
  • Performed role maintenance using auto provisioning tool Enterprise Role Management (ERM).
  • Using Super user Privilege Management (SPM) tool provided Firefighter access required to address critical issues.
  • Responsible for GRC Compliance Calibrator, FireFighter and Access enforcer tools.
  • Produced SoD Analytical Reports (both Summary and Detail) against Users, User Groups, Roles and Profiles using Virsa/GRC Compliance Calibrator.
  • Performing risk analysis using VIRSA Compliance Calibrator for the role assignment to the users and transaction assigning to the roles and suggesting mitigation controls or remediation when required.
  • Responsible to run Synchronization jobs by weekly basis for user master data synchronization.
  • Involved in SoD remediation project to mitigate role level and user level risks.
  • Utilized GRC Compliance Calibrator in identifying Segregation Of Duty (SOD) conflicts.
  • Creation of Fire fighter ids and mapping them with user ids, Extended validity of fire fighter ids according to the requirement and on approvals.
  • Involved in Firefighter id Cleanup project.
  • Generated SOD reports in GRC Compliance Calibrator before and after the mitigation for comparison.

Team Lead - SAP Security & GRC

Confidential

Responsibilities:

  • Escalating unresolved issues to the next level (if any).
  • Security & Authorization Lead.
  • Created and modified Single, Composite and Derived Roles using Profile Generator (PFCG) to meet business requirements by making sure users do not get more or less authorizations than needed to perform their task.
  • Interacted with audit team to ensure risk-mitigating controls are in place and operating effectively.
  • Providing troubleshooting and technical solutions for the issues.
  • Prepared new business process document with new changes
  • Prepare Approval matrix
  • Generate requested controls
  • Explaining auditors about business process as well extracted controls.
  • Produced SoD Analytical Reports (both Summary and Detail) against Users, User Groups, Roles and Profiles using Virsa/GRC Compliance Calibrator.
  • Performing risk analysis using VIRSA Compliance Calibrator for the role assignment to the users and transaction assigning to the roles and suggesting mitigation controls or remediation when required.

SAP Security Consultant

Confidential

Responsibilities:

  • Daily monitoring which includes: Checking all application servers, Work process overview, Background jobs overview, Spool logs, system Tuning, Performance monitoring.
  • Client maintenance, Creating Clients, Client Copy, Local Client Copy, Remote Copy, Importing and Exporting Clients.
  • Logon load balancing (SMLG).
  • Monitoring of Background jobs to recognize various logs like ABAP dumps, Old spool requests etc.
  • Creating System Messages to all Users in downtime schedule.
  • Creating and maintaining template roles, derived roles, single roles and composite roles using Profile Generator in SAP R/3 systems.
  • Created Groups in Portal (EP7) and assigned users to that Groups.
  • Analyzing authorization issues and guiding the client with best proposed solutions.
  • Document and procedure for all SAP tasks, beginning with creating SAP emergency & OSS ID’s, Security daily task list.
  • Creation of Fire fighter ids and mapping them with user ids, Extended validity of fire fighter ids according to the requirement and on approvals.
  • Involved in Firefighter id Cleanup.

SAP Security Consultant

Confidential

Responsibilities:

  • Handled User problems.
  • Extending User validation.
  • Maintaining Password Restrictions.
  • Assigning Roles to the Users.
  • Locking and Unlocking the Users and Delimiting Users.
  • Strong knowledge of section 302 and 404 of Sarbanes-Oxley Act (SOX), business processes.
  • Creating and maintaining template roles, derived roles, single roles and composite roles using Profile Generator in SAP R/3 systems.
  • Assigning Roles to the Users based on the Service Request Approvals.
  • Worked on user management like creating Users, Assign Roles, lock, unlock, and password policies etc.
