We provide IT Staff Augmentation Services!

Sap Security Analyst Resume

4.00/5 (Submit Your Rating)

Hoffman Estates, IL

SUMMARY:

  • Certified SAP Security Consultant with 6+ years of as SAP Security/GRC Consultant and Basis Administrator in Implementation, Upgrade, Rollout and Support projects.
  • Worked on multiple, successful, simultaneous implementation projects - - two full project lifecycles and 4 other short-term engagements encompassing R/3, ECC, HR, BI, SRM, SCM, CRM, XI, APO and GRC.
  • Complete understanding of Internal Control and Standard operating procedures of SAP Security.
  • Good at Security/User Administration, CUA and Authorization objects maintenance, Problem analysis and troubleshooting, ECATT Scripts, Auditing and GRC tools.
  • Excellent analytical and dynamic troubleshooting skills possessing inter-personal abilities and a self-starter with good communication skills and leadership qualities.
  • Experienced in SAP Security with releases from 3.1, 4.6 B to ECC 6.0 including security for SAP GRC, BW/BI, HR, EP,FI/CO, Sol-Man, SCM, SRM, MM, SD, APO, GTS, Single Sign-On (SSO).
  • Created and Used eCATT and LSMW scripts for mass changes in security.
  • Configured, Implemented and Maintained security for Central User Administration (CUA).
  • Implemented access control on security related tables (AGR *, USR *) and sensitive authorization objects (S TABU DIS, S PROGRAM, etc.).
  • Configured and rebuild SOX Compliant security roles based on business requirements.
  • Worked on SAP Governance Risk & Compliance product suite (VIRSA) Risk Analysis & Remediation (RAR) (Compliance Calibrator 5.x), Compliant User Provisioning (CUP) (Access Enforcer 5, 5.x), Enterprise Role Management (ERM) (Role Expert) and Super User Privilege Management (SPM) (Fire Fighter 5.x).
  • Experience in Trouble shooting ECC and BW issues using RSSM, RSSMTRACE and RSECADMIN, ST01, SU53 and ST03.
  • BW/BI--Worked extensively on BI 7.0 Security with management of Analysis Authorizations at Characteristics, Key Figure, and Hierarchy Node Level using T-Code RSECADMIN and secured Info area/Cubes/Objects.
  • Defined Authorization-Relevant InfoObjects using InfoObject Maintenance (RSD1).
  • Good understanding of BI Workbench, DSOs, Cubes and Multi-Cubes, Queries and Reports.
  • HR--Used PA20, PA30, and PA40 to secure HR Master Data including Position level security.
  • Thorough usage of HR Switches and Restricted Infotypes using authorization objects P PLOG, P ORGIN, P PERNR, P ABAP and various other Authorization objects and Extensive knowledge on HR security table.
  • Experience on HR Security, Structural Profiles and Organizational Structures PA, PD, Payroll, Time, ESS and MSS Modules.
  • EP--Design, Develop, Testing of Enterprise Portal User IDs, Roles and iViews, User administration and Content Development.
  • FI/CO--Enterprise Structure, Financial Accounting Global Setting, General Ledger (G/L) Accountings, Accounts Receivables and Payables, Interest Calculation, Dunning, Assets Accounting, Reporting and Closing.
  • Posting and Parking G/L Documents (FB50, FB60, FB70, and FV50/60/70) and restriction by document type by authorization object F BKPF*.
  • Searching SAP Marketplace for SAP notes in order to troubleshoot the problems arising out of daily system administration activities.

PROFESSIONAL EXPERIENCE:

Confidential, Hoffman Estates, IL

SAP Security Analyst

Environment: SAP R/3 ECC 4.6C & ECC 6.0, BI 7.1, HR 6.0, SRM 5.0, SCM 5.0, GRC 5.3, Service Management Tool suite (SMT) 2.3.2, IBM AIX, Linux, Oracle 10.2

Responsibilities:

  • Worked with Business Analysts and Techno Functional Team members to design technical security solutions including table, report, program, and interface security for the production environment.
  • Assist in documenting and maintaining security policies and procedures and all SAP authorizations, profiles and roles on SAP ECC 6.0, Netweaver 7.x, HR/HCM 6.0, BI 7.0, SRM 5.0, SCM 5.0.
  • User Creation/Deletion/Lockdown/Password management for SAP technical and functional consultants in Development, Quality, and Production instances.
  • Follow the established standards and naming conventions dictated as per client’s security schema.
  • Extensively used Profile Generator to design/create and modify IT Single, Composite and Derived role specs and role build up.
  • Develop profiles/roles which including complex design restrictions.
  • Co-ordinate comprehensive testing of all profiles and authorizations to ensure accuracy and Segregation of Duties.
  • Worked with Business Users in placing mitigations for conflicting and critical roles.
  • Schedule the various background jobs to perform the risk analysis based on business unit.
  • Transported the generated roles and profiles using SAP Transport Management System.
  • Mass transport of changes done to development and end user team roles to various instances available.
  • Critical authorization objects such as S TABU DIS, S PROGRAM, and S DEVELOP were restricted and monitored.
  • Worked with security related tables such as AGR TCODES, AGR USER and AGR DEFINE etc.
  • Worked in close coordination with Audit team for user role removal in SAP R/3 and supported audit team in generating audit reports.
  • Regular analysis and monitoring on SAP Security tables and reports using user information system (SUIM).
  • Management of Analysis Authorizations using RSECADMIN.
  • Generated special authorizations with 0BI ALL.
  • Assigned authorizations to role using S RS AUTH authorization object.
  • Day-to-Day troubleshooting user requests and authorization issues using SU53, ST01 and ST03.

Confidential, San Antonio, TX

SAP Security Analyst

Environment: SAP R/3 ECC 6.0, BI 7.1, HR 6.0, GRC 5.3, HP Service Manager 7.11, HP-UX, Oracle 10g

Responsibilities:

  • Created User Id’s for the technical and functional consultants and provided the required access in non-production and production systems.
  • Created Portal accounts for the users and provided required authorizations.
  • Updated Transactions Codes, Functions, Risks, Rules, Rule Matrix in GRC.
  • Utilized the GRC Compliance Calibrator tool to verify requests for business correctness and test for any Segregation of Duties (SOD) conflicts and audit issues.
  • Submitting various audit reports.
  • Mitigate the user id against a particular risk to reduce or minimize the SOD violations.
  • Schedule the various background jobs to perform the risk analysis based on business unit.
  • Transported the generated roles and profiles using SAP Transport Management System.
  • Mass transport of changes done to development and end user team roles to various instances available.
  • Regular analysis and monitoring on SAP Security tables and reports using user information system (SUIM).
  • Used PFUD for reconciliation of user master records and SUPC for profile generation.
  • Day-to-Day troubleshooting user requests and authorization issues using SU53, ST01 and ST03.
  • Worked on BI Authorizations including standard authorization and analysis authorizations.
  • Assigned Analysis Authorization to User or Role to User in BI.7.0.
  • Worked on S RS *, S RSEC and S RS AUTH authorization objects.
  • Implemented support team roles and fire fighter access roles for production and non-production systems for ECC, BI, and PI/XI systems.
  • Configured roles and authorization objects to secure reporting and super users.
  • Built and Maintained roles in BI for Query management and Admin workbench.
  • Worked with Business Explorer and Web Application Designer for integrating reports to web.
  • Creating BW Roles and giving authorizations to Power Users to Publish Reports in Role Menus.
  • Creation of FIREFIGHTER IDs, assigning FIREFIGHTER ID to FIREFIGHTER ID owners, assigning FIREFIGHTER ID to Controllers.
  • Audited Roles and Profiles as per Sarbanes-Oxley (SOX) compliance requirements like Segregation of Duties (SOD) and analyzing Risk Assessment using VIRSA / VRAT.
  • Liaison with SAP system owners in Finance & Control, Materials Management, HR, Sales & Distribution, Supplier relationship Management to draw out business needs and translated them into specifications.
  • Created OSS User Id’s, Developer keys, Registered Objects on Service Marketplace.

Confidential, Skillman, NJ

Sr. SAP Security Administrator

Environment: SAP R/3 4.7EE & ECC 6.0, BI 7.0, HR 6.0, CRM 7.0, EP 7.0, GRC 5.3, Solution Manager 7.0, HP-UX, Oracle 10g

Responsibilities:

  • Used SAP templates for data gathering and buildup of Role Matrices for IT team.
  • Worked on the creation of IT Single and Derived Role Specs and Role build up.
  • Worked with OTC (Order to Cash) team, in building the Role Matrices.
  • Worked with Business experts in placing Mitigations for Conflicting and Critical roles.
  • Worked with Internal Auditors in creation of User and Role Mitigations and uploaded them.
  • Worked on Compliance Calibrator 5.1 tool in processing the SOX requests figuring out the root cause.
  • Configured and defined FF IDs and Firefighters, assignment of FF ID to Owners and Controllers, and logging of all transactions executed during firefighting.
  • Configured and defined the access provisioning approval process by combining roles and permissions with workflow using Access Enforcer tool.
  • Configured the Role Expert Tool to automate the creation and management of Role Definitions.
  • Unit testing the created IT Roles in the Development box.
  • Developed eCATT Scripts for performing mass activities like test user creation, role assignments, assigning users to user groups.
  • Implemented Line Authorizations on transaction codes like OB52 to restrict access to specific records.
  • Converted some authorization fields into Org values using report PFCG ORGFIELD CREATE.
  • Assisted in setting up ALE and configuration of Central User Administration (CUA) system to perform user administration centrally.
  • Migrated existing users from child system to central system and maintained.
  • Created Roles Specific to Indirect Procurement for IBM users.
  • Modified already live production system roles to remove indirect procurement Orgvalues and authorizations.
  • Used GRC tool to check SOD violations for SOX Compliance.
  • Responsible for changing roles for compliance with SOD.
  • Developed mitigation strategies for violation of SOD have to monitor critical usage.
  • Generated Audit Information Systems (AIS), logs (SM19, SM20, SM18).
  • Created custom T Codes using SE93 to restrict access to data as per business needs.
  • Performed reconciliation of user master record and roles using PFUD.
  • Restricted and Maintained Infotypes using authorizations objects like P Orgin, P Orgxx, P Pernr, and T-Codes like PA20, PA30, and PA40.
  • Maintained HR organizational structure to administer and control user access, including time-delimited access (e.g. temporary assignments to positions).
  • BI--Created and maintained BW authorizations on hierarchies (RSSM).
  • Extensively used authorization objects like S RS COMP, S RS COMP1, S RS ODSO, S RS IOBJ to develop and implement new analysis authorization concept.
  • Used RSECADMIN for management and analysis of authorizations and secured Info area/cubes/objects, Good understanding of BI Workbench, ODS/DSOs, Multi-Cubes, Queries and Reports.
  • Extensively worked on SAP BW administration workbench - BW Info objects, Info Cubes.
  • Created/Modified User IDs in Enterprise Portals and connected to Backend SAP Systems, Assigned Roles to Users.
  • Designed, Developed, Test and Implemented Transactional iViews.
  • Extensively supported Enterprise Portal security.

Confidential, Indianapolis, IN

SAP Security Administrator

Environment: SAP R/3 4.6 & ECC 5.0, BW 3.5, BI 7.0, SRM 5.0, HCM Security, HP UNIX, GRC 5.3, Remedy, MSSQL, Windows NT, Oracle

Responsibilities:

  • Supervised Configuration and implementation of SAP Virsa Compliance Calibrator (5.3), Firefighter/Role Expert (5.3), and Access Enforcer Workflow (5.3) applications in accordance with SOX/SOD compliance to deliver a controlled environment for critical transactions.
  • Created manual mitigated audit controls with Segregation of Duties (SOD) in Compliance Calibrator.
  • Worked closely with the integration teams during GRC design phase, identified functional and process gaps where required, recommended and implemented solutions to gaps.
  • Extensively modified, created and maintained Roles, Users, and did Profiles & Authorization Administration using PFCG, SU01/10, etc.
  • Developed eCATT scripts for Mass user creation and maintenance to greatly reduce the duration of security deployment.
  • Implemented access control on Security related tables (*AGR *, USR *) and sensitive authorization objects (S TABU DIS, S PROGRAM, etc.).
  • Role building, Unit, Integration & User Acceptance testing, Production Support and developed on-going security policies and procedures.
  • Created custom T Codes using SE93 to give limited access to required tables, created packages SE21, and executed projects using SPRO.
  • Studied and Corrected the Role structures as a part of pre-upgrade process.
  • Corrected the wrongly implemented Derived role concept to sync parent and child roles.
  • Renamed the roles to follow a fixed naming convention.
  • Upgraded the roles from SAP R/3 4.6C to ECC 5.0 using SU25.
  • Analyzed and prepared reports on Segregation of Duties (SOD) issues.
  • Extensively used SUIM and security related tables such as AGR TCODES, AGR USERS, AGR 1251, AGR 1250, AGR DEFINE etc to generate reports.
  • Analyzed the existing BW security setup and proposed pre-upgrade steps
  • Used Manual Migration (not RSEC MIGRATION) for upgrading BW 3.5 to BI 7.0.
  • Identified root cause of the BI authorization issues using “Analysis” Tab under RSECADMIN Tcode.
  • Identified all the roles with Queries and Infoproviders making use of RSRREPDIR, AGR HIER tables.
  • Unit testing, UAT was performed on the upgraded roles using “Execute as” button under RSECADMIN.
  • Monitoring, Auditing and troubleshooting on the user access related issues was performed using “Generation logs” and Execute as” button under RSECADMIN Tcode.
  • Created Technical specs for SRM. SUS and ROS roles.
  • Desinged the role to position mapping, segregating Transactions into roles with out SOD violation.
  • Mapped the backend and Portal roles for SUS and SRM.
  • Customized Business Package roles for SRM, ROS and SUS to meet the client requirements.
  • Created roles to highlight only specific Tcodes on the portal screen, though having many other Tcodes.
  • Created Separate roles for Shopping cart creation & approval, Web-payment approval, Catalog Management, Customer Assistance, Basis, Security, Workflow Admin, User Org Admin.
  • Updated SU24 for Custom Transactions (Table & Program Specific) to pull in the correct Auth Groups.
  • Segregated Authorization groups so that Admins and Super users get display/ update access to Tables.
  • Created Mass Users using SECATT scripts on Dev/ Test/ Prd/ / Sand Box environments.
  • Assigned users to Org Strucutre using USERS GEN, PPOMA BBP and BBPUSERMAINT.
  • Maintained business partners to positions using BP Tcode.
  • Maintained User Attributes in PPOSA BBP Tcode.
  • Troubleshooted Access issues using ST01, ST05, ST22 and HR Org Structure assignment issues.
  • Maintianed table T77S0 to turn OFF and ON the HR replication form HR system to SRM system.
  • Fixed the portal issues, related to User Personal settings, BBPHELP link and Connection.

Confidential, Appleton, WI

SAP Security Administrator

Environment: SAP R/3 4.7EE, ECC 6.0, BW 3.5, GRC, HPUX, MSSQL, Windows NT, Oracle

Responsibilities:

  • Created of super user ids and providing the required authorizations.
  • Created the roles or changing the existing roles based on the requirement.
  • Experienced with SAP GRC Compliance Calibrator for creating Function ID/ Risk ID, generating rules, evaluating SOD violations.
  • Provided the Missing Authorizations after analyzing the SU53 dump.
  • Running the System Trace (ST01) for authorization checks.
  • Maintained the authorization checks in SU24 for the customized transaction codes.
  • Provided day-to-day support to end-users.
  • Transported the change requests to Test and Production Systems.
  • Applied SNOTE and Support Packs.
  • Created OSS user ids and opened the connections for SAP.
  • Posted the OSS messages to SAP for critical problems.
  • Provided the user information reports to the end markets using SUIM and tables.
  • Set up SAP system for auto log-out, password length and expiration and specifying impermissible passwords.
  • Monitored FAX from SAP through SCOT and RFC connections to external servers.
  • Monitored external servers Right Fax Server and MQ Series Server.
  • Performed security monitoring activities periodically.
  • Provided the access to the BW reports to authorized users by creating/changing the roles.
  • Secured the query access within the BEx Analyzer using authorization objects.
  • Performed User Administration - Creating, Copying, modifying, locking, unlocking and deleting users.
  • Created roles and assigned them to users and groups.
  • Configured the portal for Single Sign On (SSO) using User Id, Password Mapping and SAP Logon ticket.
  • Importing roles from R/3 Component system into Enterprise portal environment and assigning them to users.

Confidential

SAP Security Administrator

Environment: SAP R/3 4.6B, 4.7 EE, GRC, Windows NT, IBM AX, Oracle, MSSQL

Responsibilities:

  • Involved in upgrade from 4.6B to 4.7 EE.
  • Updated the authorization values from tables USOBX C and USOBT C using SU25 transaction steps.
  • Worked as part of remediation team and assist in elimination of Segregation of Duties (SOD) conflicts inherent within the SAP security model.
  • Created composite and single roles as per the requirement.
  • Created derived roles from the master roles for different domains and added to the composite roles.
  • Provided the missing authorizations after analyzing the SU53 dump and system trace (ST01).
  • Assigned the roles to the users after analyzing the requirement and doing the user comparison (PFUD).
  • Provided the HR authorizations with Structural Profiles.
  • Created the positions for the structural authorizations and assigned them to the authorized users.
  • Transported the change requests to Test and Production Systems.
  • Provided the user information reports to the end markets.
  • Helped the users in conducting the Quality Assurance Test for the access provided.

Confidential

SAP Basis Administrator

Environment: SAP R/3 4.6B, 4.6C, GRC, Windows NT, DB2, IBM AX, Oracle

Responsibilities:

  • Created and deleted the users and did the role assignment to the users.
  • Created and changed the roles as per the requirement.
  • Providing the Missing Authorizations after analyzing the SU53 dump.
  • Provided daily Basis support for their R/3 System.
  • Daily system monitoring: system locks, system logs, update failures etc.
  • Analyzed the ABAP dumps and the cancelled background jobs.
  • Configuring the Transport Management System and transporting the transport requests.
  • Worked with table space administration using SAPDBA.
  • Performed Local Client copy.
  • Monitored and scheduled background Jobs.
  • Applied OSS Notes using SNOTE and Support Packs.
  • Created OSS user ids and opened the connections for SAP.
  • Posted the OSS messages to SAP for critical problems.

Confidential

Service Desk

Environment: SAP R/3 3.1, 4.6B, 4.6C, Windows NT, DB2, IBM AX, Oracle

Responsibilities:

  • Created and deleted the users and did the role assignment to the users.
  • Created and changed the roles as per the business requirement.
  • Provided daily Basis support for their R/3 System at Level-I.
  • Daily system monitoring.
  • Analyzed the ABAP dumps and the cancelled background jobs.
  • Configuring the Transport Management System and transporting the transport requests.
  • Applied OSS notes and support packs.
  • Monitored background Jobs.

We'd love your feedback!