Sap Security And Basis Administrator Resume
NJ
PROFESSIONAL SUMMARY:
- Highly motivated senior SAP Basis, Security and GRC administrator with 7 years of progressive experience in SAP Security Design and Authorization Administration together with hands - on skills in SAP GRC Access Control and SAP Basis Administration.
- Broad understanding of various aspects of Application Security for ERP solutions, both from a technical as well as business process perspective.
- 2 full life cycles implementation experience in design and development of security roles and authorization concepts in AS ABAP, AS Java and HANA database based systems by using industries best security practices.
- Extensive application security experience for SAP ECC modules (FI, CO, SD, MM, HR, PP), BW/BI, CRM, Native and S/4 HANA Fiori based security, Enterprise Portal and BOBJ security.
- SAP HANA database security implementation experience for information views using HANA privileges concepts.
- Experience in implementing S/4 HANA Fiori Security for transactional apps and custom apps.
- Experience in SAP Fiori Rapid Activation and good understanding of show case and cherry picking approaches.
- Experience with CUA, security role re-design and upgrade projects and move teh changes to production in compliance with customers change management procedures (CAB).
- Experience in SAP Basis and Security compliance procedures for internal and external audits, annual user access reviews, system audits, SAP user license audits.
- Hands-on skills in day to day security administration activities such as setting up user accounts, creating security policies, password resets, user management, background job administration, transports, RFC connection setups, troubleshooting user access issues, OSS connection setups in SAP support portal to name a few.
- Experience with Security Optimization Services (SOS), Early Watch Alert reports and SAP Notes.
- Extensive hands-on experience with SAP GRC Access Control configuration and administration for ARM, ARA, EAM and BRM modules.
- Good understanding of end to end SOD Risk Management process.
- Experience with SAP GRC Access Control Rulesets, MSMP workflows, BRF+ rules, running Segregation of Duties (SOD) risks, remediating and mitigating controls, monitoring sensitive access and elevated privileges and perform User Access Reviews (UAR).
- Good understanding of security policies and practices, Sarbanes-Oxley (SOX) compliance principals and ITIL best practices.
- Excellent understanding of SAP security tables, authorizations, critical actions, permissions and profiles.
- Proactively monitor for new and changing SAP security threats and implement remediation plans when necessary.
- Perform database backups, restores and system copy/refresh activities.
- Experience with SAP HANA Database Migration and Upgrade for ECC, BW, CRM and Gateway landscapes.
- Experience in implementing SAP Single Sign-On 3.0 and hands-on with X.509 s, Kerberos, SPNEGO and SNC implementations.
- Hands on in SAP Basis activities such as kernel upgrades, host agent upgrades, ST-PI and ST-A/PI patches, starting and stopping instances, profile parameter maintenance.
- Experience in working with X-Suite, Win Shuttle, Concur, On Base and EDI integrations with SAP systems.
- IBM Sterling B2B Integrator Administration experience for EDI processes with trading partners.
- Experience in using Cyber Security tools such as CyberArk and Imperva Incapsula WAF.
- Hands on experience with ITSM tools such as Service Now, Jira, BMC Remedy and PIER.
- Experience in documenting Basis and Security runbooks, monthly performance reports, policies, procedures, audit logs and write technical documentations.
- Ability to apply best practices for test planning, requirements management, defect reporting and tracking.
- Prepare cutover assessments, baseline estimates and projections of projects using best practices.
- Experienced in using MS Excel (VLOOKUP, HLOOKUP, Pivot tables, Macros), Power point and hands-on in document writing.
- Experience in onsite - offshore engagement model and lead off shore team.
- Enthusiastic and eager to take up ongoing challenges, responsibilities and initiatives in any given task.
- Experience with working in both team and individual environments and always eager to learn new technologies and implement them in challenging environments.
TECHNICAL SKILLS:
ERP: SAP ECC 6.0 (up to EHP8), SAP BW 7.4/7.0, SAP CRM, SAP HR, SAP PI Java, Enterprise Portal, BOBJ, Solution Manager 7.1/7.2, S/4 HANA with SAP Fiori, SAP HANA 1.0/2.0.
Compliance: VIRSA 4.0, SAP GRC AC 10.0/10.1, SSO 3.0, SAP ETD 1.0.
EDI: IBM B2B Sterling 5.2 (AS2, X12, SFTP).
Cyber Security: Cyber Ark Privileged Account Security Solutions (EPV & PSM), Imperva Incapsula WAF.
ITSM: Service Now, Jira, BMC Remedy, PIER Tool and HP QC ALM.
Operating Systems: Windows (Server Edition, Enterprise Edition), UNIX, LINUX (Red Hat, CentOS).
Networking: TCP/IP Protocols, SMTP, VPN, LDAP, DNS, DHCP, PUTTY, Ethernet, LAN/WAN.
WORK EXPERIENCE:
Confidential
SAP Security and Basis Administrator
Responsibilities:
- Involved in database migration from SQL server to HANA 2.0 for SAP ECC, BWCRM and Gateway systems.
- Implemented SAP HANA database security for system, object, analytic, package and application privileges.
- Implemented S/4 HANA Fiori security for transactional and custom apps.
- Created catalog and group tiles, activated OData Services, SICF services for central hub deployment model.
- Involved in upgrade project for ECC EHP 5 to EHP 8, CRM, BW and Gateway systems.
- Performed database migration from on premise to AWS cloud for ECC, BW, CRM and GW landscapes.
- Upgraded and updated security roles from ECC EHP 5 to EHP 8 using SU25.
- Collaborated with business users and re-designed teh security roles during upgrade.
- Implemented SAP Fiori security model for central hub deployment.
- Implemented X-Suite, Win Shuttle applications security by integrating with SAP systems.
- Responsible for supporting EDI production landscape.
- Troubleshoot day to day production issues such as AS2 communication errors, EDI compliance errors, Purchase Order outbound or inbound issues, issues, SFTP connection issues with multiple trading partners.
- Responsible for managing different EDI document types such as EDI 850, 855, 856, 861, 867, 997 and several IDOC types in SAP ECC backend system.
- Supported business users in checking and resolving teh errors in SAP ECC and also EDI application.
- Implemented and configured new trading partners for AS2 communications.
- Developed new EDI translation maps based on business requirements.
- Responsible for system administration activities across multiple landscapes such as SAP ECC, CRM, BW on HANA, BOBJ, Enterprise Portal, SAP HANA Cockpit/Studio and Solution Manager.
- Responsible for S/4 HANA based SAP Fiori security for standard and custom Fiori applications.
- Designed, developed or updated new or existing security roles across multiple SAP landscapes including SAP integrated applications such as X-Suite, Win Shuttle, HANA Cockpit, HANA Studio etc.,
- Collaborated with business users from security roles design phase, testing and until production deployment.
- Coordinate user acceptance testing (UAT) for any developmental changes, transport moves and setup test accounts as needed.
- Identify risks and compliance issues by running segregation of duties checks using security weaver and mitigate them as per company policies.
- Continuously monitor for SAP Security Patch day, Onapsis and Xiting articles for vulnerability checks.
- Performed user administration activities such as annual user access reviews (UAR), user licensing audits and user terminations, user inactive account procedures along with evidence collection, testing, reporting and documentation for auditing purposes.
- Create and secure middle ware users, RFC connections, system and communication user accounts.
- Support Emergency access requests and ensure teh key user approvals before granting firefighter access.
- Support incident management like opening OSS connections or maintaining secure area in teh SAP marketplace.
- Follow teh SAP Patch Day and Onapsis every month and apply critical SAP NOTES required for teh systems.
- Perform system administration activities such as transport moves, performance optimizations, starting and stopping servers, application servers patch management (ST-PI, ST-A/PI, Host agent and Kernel), profile parameter maintenance, background jobs administration.
- Demonstrate time management abilities, team work, analytical, problem solving and communication skills.
Environment: SAP ECC 6.0, SAP CRM, SAP BW on HANA, SAP HANA 2.0, Enterprise Portal, SAP Fiori, SAP Solution Manager 7.2, Security Weaver, IBM B2B Sterling Integrator 5.2.
Confidential
SAP Security and GRC Administrator
Responsibilities:
- Performed security impact analysis of existing Retail, Supply Chain and Procurement and Back Office Inventory roles and identified impacted transaction codes, authorization objects and business areas in SAP ECC.
- Prepared role to process owner matrix to track teh analysis and project requirements.
- Served as primary contact point for project related issues, access requests, authorization issues and environment readiness.
- Responsible for managing complex SAP landscape.
- User and Role Administration of all SAP systems in both Production and Project landscapes.
- Troubleshoot and resolve end user login issues, IDOO/Biller Direct issues, authorization issues, portal issues, BW issues and other access related issues within SLA.
- Developed security roles including single, composite and derived roles.
- Provide detail reports on Segregation of Duties (SoD) and critical access violations at both user and role level.
- Scheduling background jobs, perform MSMP workflow updates, role and user level risk analysis, mitigation of risks and roles, FFID access updates using SAP GRC Access Control 10.1.
- Supported me Phone 8 and X Launch from pre-order phase to national launch phase.
Environment: SAP ECC 6.0, SAP BW, SAP GRC (AC 10.1), SAP Solution Manager 7.2, SAP CRM, SAP SRM, SAP SCM, SAP OER, SAP APO, SAP PI, Enterprise Portal, SAP S/4 HANA.
Confidential
SAP Security Administrator
Responsibilities:
- Co-ordinated with project team, SAP functional team, SAP testing team and stakeholders at different phases of project.
- Involved in SAP Single Sign on 3.0 (SSO) implementation and performed analysis of teh security solutions.
- Assess functional enhancements and make recommendations per SAP security and compliance best practices and translate functional specifications into technical design for SAP Security.
- Documented Security test case scenarios for SSO implementation and performed end to end testing at both application and network level.
- Identified defects and observations during testing of SSO functionality and monitored teh progress of defects from time to time in HPQC (ALM) tool and collaborated with basis team on teh issues.
- Collaborated with development teams for custom security and performed traces, authorization checks, role build, role changes, test id’s setup etc. during build and testing phases of teh project.
- Analyzed SAP Enterprise Threat Detection 1.0 (ETD) tool functionality, CyberArk tool components (EPV, PSM IAM) and Incapsula WAF Security tool.
- Run SOD analysis checks using GRC and update teh configuration as and when needed.
- Documented architecture, technical design, security test case executions and HANA integration analysis.
- Co-ordinated with Basis team during configuration of SECM logs in ETD for both application and leveraging database logs from SIEM enforcing with organizational security policies.
- Analyzed all HTTP/HTTPS URL’s and monitored traffic through Incapsula WAF.
- Performed network related commands such as PING, TRACERT, TRACEROUTE, NETSTAT, NSLOOKUP, IPCONFIG, WHOIS, SSH, NGREP for windows and UNIX systems.
- Analyzed threats such as SQL Injection, Cross Site Scripting, Remote File Inclusions, DDoS attacks using Incapsula WAF tool.
Environment: SAP ECC 6.0, SAP CRM, SAP APO, SAP GRC (AC 10.1), SAP SSO 3.0, SAP S/4 HANA, SAP ETD 1.0, CyberArk, Incapsula WAF, HP QC (ALM).
Confidential
SAP Security and GRC Administrator
Responsibilities:
- Daily tasks include user account maintenance, Info Types maintenance in PA20, troubleshoot RFC connection issues, ESS, MSS and user authorization issues to name a few.
- Created custom parameter transaction codes in restricting teh roles for table access maintenance (SM30).
- Adept in using AGR*, USR*, PA*, HRP* and security related tables for different reporting and analyzing purposes.
- Created mass users and roles using SECATT scripts.
- Worked closely with Basis team and application support team during HR Support-packs (HRSP) along with UAT on new security enhancements from teh support packs.
- Helped team for French translations of all teh roles in multiple landscapes.
- Worked on ChaRM Lite in SolMan for transports and includes dual landscape maintenance for teh change requests and performing retrofits and solving any transport issues.
- Analyzed Security in SolMan around Change Control Management which includes change management work centers (SM WORKCENTER), CTS, Quality gate management and Change request management (ChaRM).
- Implemented PI Java Security and created new UME groups, new roles, creating users, assigning groups to users, troubleshoot and trace various authorization issues using diagtool provided by SAP.
Environment: ECC 6.0, BW 7.0, BW 7.4 on HANA, VIRSA 4.0, SolMan 7.1, XI/PI (ABAP and Java stack), HR, SCM, Fiori.
Confidential, NJ
SAP Security and GRC Analyst
Responsibilities:
- Undergone on GRC 10.0 AC tools - RAR/ARA (Access Risk Analysis), SPM/EAM (Emergency Access Management), CUP/ARM (Access Request Management), ERM/BRM (Business Role Management) modules.
- Configured teh components ARA, ARM, BRM and EAM during GRC Access Control 10.0 .
- Comprehensive knowledge of configuring and customizing teh Multi-Stage Multi-Path (MSMP) workflows and mapping teh BRF Plus rules in teh workflow.
- Setting up Fire Fighter (FF) for Super User privileges like maintaining Owners, Controllers and Fire Fighter Access to users.
Confidential
SAP Security Analyst
Responsibilities:
- SAP Security administration and maintenance
- Configuration & testing of SAP Security Roles
- Creating/ maintaining teh ORG fields in authorization objects
- Adequately securing programs, transactions and tables
- Role download/ upload, mass generation/ mass transport and mass assignments of roles/ users
- Mapping of missed authorization object in T-codes.
- Mapping of T-code with reports and programs.
- Monitoring Central User Administration (CUA).
- Maintaining (Create, Delete, Change, Copy) SINGLE, COMPOSITE and DERIVE Role in Customer Namespace.
- Locking critical transactions using SM01.
- Assigning HR ESS/MSS access to teh user as per requirement.
- Analyzing SU53 screen shots to debug authorization problems and perform ST01 traces.
Environment: ECC 6.0, BW 3.5, HR.
