Sr. SAP Security/GRC Consultant Resume
Atlanta, GA
SUMMARY
- 7 years of SAP experience including SAP Security Implementation & Administration, GRC, Risk Remediation and Management, User Provisioning, Role Management, ABAP Development, Basis support.
- Involved in 4 full life cycle implementations, Re-Design and production support in mySAP ERP ECC 7.0, 6.0, SAP R/3 4.7, 4.6C, NetWeaver (ABAP and Java Stack) lifecycles from Design phase to Post-implementation phase on different projects.
- Strong experience at designing security for SAP R/3 Modules SD, MM, FI/CO, ISCD, PP, HR/HCM, BW/BI7.0, SRM7.0/Enterprise Buyer/EBP, CRM 7.0, XI/PI, EP 7.0, Solution Manager 7.1
- Comprehensive experience at maintaining, formulating Security Policies and Procedures, User maintenance (SU01, SU10), Role maintenance using Profile Generator (PFCG), Security TCodes and Security redesign strategy.
- Troubleshoot user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error, resolving the issue by giving required authorizations (SUIM, SU53, RSECADMIN, ST01 and ST22) in different modules.
- Strong Experience and knowledge of Security procedures for User administration and Central user administration (CUA).
- Experience at mass user creation and maintenance and using Computer Aided Test Tool (CATT/eCATT) scripts.
- Experience with Role Design and Modification as per SOX and SOD security requirements and compliance.
- Experience in security configuration supporting Portal
- Experience with GRC Access Control (5.3, 10.0) - Risk Analysis and Remediation (Compliance Calibrator), Compliant User Provisioning (Access Enforcer), Super user Privilege Management (Fire Fighter), Enterprise Role Management (Role Expert).
- Expertise with the BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting the reporting problems.
- Strong experience in implementing and working with security with SAP HR module including Structural Authorizations, ESS & MSS and Position Based Security and Context Sensitive authorizations.
- Extensively worked on CRM Security. Set up Web UI Security using Business Roles. Created Business Partners and assigned in Org Structure using BP, PPOMA CRM.
- Experience with Portal Security, User Management, Development of Portal Roles, Single Sign On (SSO), Identity Management (IDM) and Security Weaver.
- Worked on Upgrade projects from R/3 4.6C to ECC 6.0 and BW 3.0 to BI 7.0 including upgrade & post-upgrade steps, assessment of authorizations and redesign.
- Strategizing and implementation of SAP Security models, processes and procedures adhering to SAP Best Practices.
- SAP BASIS Administration functions such as Transports, OSS notes, system monitoring etc.
- Worked as an onsite-offshore coordinator/team lead and able to work independently as well as in a team environment with multiple projects/tasks.
- Extensive experience in interacting with business/process team for data and information gathering, integration and UAT process and sign off process.
- Excellent communication, problem solving, analytical, leadership and inter-personal skills.
TECHNICAL SKILLS
SAP Versions: SAP 4.0x/4.6C/4.7, ECC6.0/7.0, Netweaver 7.0.
SAP Modules: SD, MM, PP, PM, PS, FICO, QM, HR/HCM, BW 3x/BI 7.0, XI/PI, EP7.0, CRM7.0, SRM7.0/SNC 7.0, Enterprise Buyer/EBP, SSO, LDAP, Solution Manager, SAP Identity Management 7.x, Active Directory, Basis.
GRC Risk: Analysis and Remediation (Compliance Calibrator), Enterprise Role Management
Provisioning: (Access Enforcer) Process control V 2.0 to 10.0
Databases: ORACLE 9i/10g/11g, My SQL, MS-Access
Operating Systems: Windows NT/98/2000/XP/7, WINDOWS SERVER 2K/2K3, AIX 6.1, 7.1, LINUX 7.2
Tools: GRC 5.3, 10.0, VRAT, VIRSA CC, FF, APPROVA, SW, QTP, Remedy, HP Quality Center, FrontPage and MS-OFFICE
Scripting: CATT, ECATT, LSMW, QTP, UNIX SHELL SCRIPT, Java, PHP
PROFESSIONAL EXPERIENCE
Confidential, Atlanta, GA
Sr. SAP Security/GRC Consultant
Responsibilities:
- The scope of the project was to redesign the security for SAP ECC7.0, FI-CO, HCM, BI modules.
- Designed, Developed and maintained Single roles, Composite roles, Master and Derived roles and Secured roles by Organizational levels for different SAP Modules - FICO, HR/HCM, BI 7.0, PI and Enterprise Portal 7.0.
- Involved in Blueprint and Redesign existing security roles to maintain SOX Compliance.
- Worked with business to redesign the roles without any SOD risks in roles and defined roles based on different business functions in compliance with SOX.
- Prepared RBE (Reverse Business Engineering) data and prepared various reports showing usage analysis of transactions, programs by different business users-Very critical for role-redesign.
- Extensively worked with Profile Generator Tool (PFCG) to design the roles.
- Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes as recommended by SAP best practices.
- Extensively worked with the ST01 tracing and analyzing the trace records for the user in the process of troubleshooting.
- Created business partners in Solution Manager using transaction BP_GEN.
- Made sure that the authorization groups for all the required tables have been maintained in the TDDAT table using the SE54 transaction.
- Transported the generated roles and profiles using SAP transport management system.
- Implemented HR security and provided production support on HR security and structural authorizations (MSS)
- Extensively worked with the SUIM tool every day in the process of monitoring the system.
- Used transaction RSECADMIN for creating custom authorization objects and S_RS_AUTH for assigning authorization objects for BI query end user roles.
- Exclusively worked on BI Objects by restricting the access for Reporting and Power Users.
- Made the info objects authorization relevant and created analysis authorizations to provide security on Hierarchies and Info Objects.
- Implemented BI Security with management of Analysis Authorizations at Characteristics, Key Figure and Hierarchy Node Level using Transaction RSECADMIN.
- Worked on BEx analyzer using transaction RRMX and restricting the users to see the queries using S_RS_COMP and S_RS_COMP1.
- Designed, Developed and Tested ESS/MSS roles in conjunction with Enterprise Portal.
- Developed and maintained T&E User and T&E Surrogate roles to submit expense reports for self and others in department.
- Redesign GRC Rule-set, Identified new risks, functions and removed false positives in GRC rule set.
- Worked with business to build custom GRC rule sets for SAP Insurance Landscape (not provided by SAP standard rule sets).
- Based on our company’s SOD Risk Matrix, SOD checks were done on all the roles at both role level and user level using GRC RAR, and mitigation controls were also implemented.
- Designed, documented and implemented the GRC Stay Clean procedures such as Rule set change, User and Role Creation and Change process and other SAP Security Processes.
- Schedule background jobs in GRC RAR for time to time data synchronizations, Rule generations
- Actively involved in designing RAR Rule Architect, mitigating controls.
- Maintaining CUP workflow and assigning FireFighter ids in SAP
- Created Mitigation Controls and assigned it to users as part of company procedures.
- Extensively used Emergency Repair tool (ER) to provide access to the users.
- Closely worked with the Internal Auditors while doing the System Audit and implemented the recommendations advised.
- Performed quarterly SAP Security self assessment Audit and coordinated with external auditors for resolution of audit issues.
- Defined and documented SAP Security Standards and Operational and Administrative processes.
- Primarily responsible for the pre and post system refresh steps for Security processes.
- Assisted the testing group users in their security issues, at various stages of the project.
- Extensively worked on production tickets and requests, second and third level support, fixing end user Roles/Profiles based on change requests created for breaks/fixes.
Confidential, Neenah, WI
Sr. SAP Security Analyst
Responsibilities:
- SAP Security Support for the below SAP Systems - SAP ECC, BW/BI, CRM, XI, SRM, SCM, Portal, HCM, CUA, GRC.
- User management in non production systems.
- Worked on setting up cutover roles; cutover users; access to cutover users; supported cutover activities.
- Working on creation and implementation of security roles and also production support, handling day to day tickets through ServiceNow.
- User provisioning in production systems via GRC / IdM workflows
- Locking/unlocking/password resets of users across the landscape
- Use of CUA for management of users.
- Roles/profiles management across the landscapes
- Unit testing of roles
- Following CHARM Process in Solution Manager 7.1 for the movement of roles and related changes across the landscape.
- Tracking of incident/service ticket in Solution Manager and fixing the problem
- Monitoring of systems for proper usage of emergency access and firefighters
- Monitoring of systems to ensure compliance of systems as per enterprise requirement
- Worked on helping users with putting in IdM requests for new/additional access; providing status on IdM requests.
- Working on role changes and making sure they are within security standards and policies.
- Worked with functional teams for gathering information required for building roles in MM, PP, FI, CO, HR modules and experienced in creating and releasing transports with new roles and role modifications.
- Role based, design, change, test in all SAP Systems and all environments
- Lock/unlock SAP Users
- Execute Monitoring Reports
- Adhere to the change management process
- SAP Security support for the Support upgrades, refreshes, cut-over, regression testing when needed and integrations.
Confidential, New York, New York
Sr. SAP Security/GRC Consultant
Responsibilities:
- Responsible for developing, testing, documenting and implementing security policies, procedures and methodologies across all environments in SAP
- Reviewed and analyzed roles and conflicts using GRC to find out conflicts. Running queries in GRC to find out users and T-codes valuation.
- Performing risk analysis for the transaction codes in GRC 5.3 using RAR and looking for any SOD conflicts
- Performed mitigation at the user level by applying mitigation control id. Analysis of the roles in Compliance Calibrator by simulation for remediation.
- Updated the rules by creating new risk id for conflicting functions and transported through the landscape of GRC RAR.
- Extensively worked with Profile Generator Tool (PFCG) to design the roles.
- User administration (SU01, SU10, CUA and Solution Manager): setting up UserIDs, assigning roles, resetting passwords, locking/unlocking users, creation of Multiple R/3 User IDs using eCATT.
- Creation of Authorization Groups to restrict the R/3 table access and program access and review and correction of sensitive authorizations (S_TABU_DIS, S_USER_TCD), including assignment of authorization for sensitive tables.
- Troubleshoot user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error, resolving the issue by giving required authorizations (SUIM, SU53, RSECADMIN, ST01) in different modules.
- Used transaction RSECADMIN for creating analysis authorizations and S_RS_AUTH for assigning authorizations for BI query end user roles.
- Made the info objects authorization relevant and created analysis authorizations to provide security on Hierarchies and Info Objects.
- Worked on BEx analyzer using transaction RRMX and restricting the users to see the queries using S_RS_COMP and S_RS_COMP1.
- Set up structural authorizations for HR module which involved activating, creating and assigning structural authorization.
- Extensively worked with the P_PERNR, P_ORGIN, P_ORGINCON and P_ORGXXCON objects in designing the HCM Roles.
- Designed roles for CRM enterprise sales and services by restricting users on Sales, Presales and Billing transactions.
- Created Ebuyer and assigned the users to Organizational Unit (Users Gen) and validate to appropriate Spending and Approval Limits in the user roles.
- Created Test IDs and attach appropriate Business Role, support Testing team and also performed Unit Testing, Integration testing on created roles using Test Director Tool.
- Used Compliance Calibrator (Risk Analysis and Remediation) to automate all SOD related activities like defining SOD conflicts, monitoring SOD conflicts, prevention of SOD conflicts and mitigating controls.
- Worked on Virsa Fire Fighter (FF) for Technical, Functional, and Audit team and implemented fire fighter to capture every action of users.
Confidential, Skillman, New Jersey
Sr. SAP Security Consultant
Responsibilities:
- As a SAP Security Consultant working for the implementation project, performed administration activities such as setting up user login IDs, designing Roles, Authorization Objects, Profile Generator, User Tracing and Troubleshooting.
- Worked extensively with the ECC 6.0, HR, BI 7.0, EP, SEM, ESS/MSS and SIM Environments.
- Extensively involved in Re-designing the SAP Security for ECC system. Designed the Role based security for the users by knocking out Task based security.
- Extensively worked with Profile Generator Tool (PFCG) to design the roles.
- Involved in Complete full life cycle implementation of Redesigning the Security from requirements gathering to after Go-live support.
- Performed User Administration using Central user administration (CUA) to create and maintain all user master data across the multiple systems landscape
- Designed custom roles for end users, process and technical teams (Basis, Configurations, Developers and Security) in the sandbox, development, quality, training and production environments for all SAP modules.
- Responsible for day to day technical support and resolution of security issues, trouble shooting R/3 security problems.
- Extensively worked with the SUIM tool every day in the process of monitoring the system.
- Extensively worked with the ST01 tracing and analyzing the trace records for the user in the process of troubleshooting.
- Extensively worked with the PLOG, P_ABAP, P_PERNR, P_ORGIN and P_ORGINCON objects in designing the HCM Roles.
- Did the defect fixing for all the HCM, FI, TM, PY and BI by analyzing the traces. Resolved the conflicts in the integration testing between ESS/MSS and Security Redesign.
- Did the system cleanup process by generating reports based on queries and identified the users who are withdrawn from the company and who are scattered in different organization structures.
- Extensively involved in Unit testing and Integration testing and coordinated all the testers in all the testing life cycles.
- Implemented InfoObject Security (field-level security) for Reporting Users and also created analysis authorizations.
- Used transaction RSECADMIN for creating custom authorization objects and S_RS_AUTH for assigning authorization objects for BI query end user roles.
- Portal Security - Designed, Developed, Testing and Implementation of Enterprise Portal User IDs, Roles
- Involved in Blueprint and Redesign existing security roles to maintain SOX Compliance.
- Implemented Risk Analysis and Remediation (Compliance Calibrator 5.2), Super user Privilege Management (FireFighter 5.2)
- Created FF-IDs for functional people and regularly monitored FF log reports.
- Used CC (Compliance Calibrator) and RE (Role Expert) to do the role analysis to find out the Conflicts in the roles.
Confidential, Miami, FL
Sr. SAP Security/GRC Consultant
Responsibilities:
- Designed, implemented and maintained security for all landscapes which include SAP ECC6.0, NetWeaver 2004s, Solution Manager 4.0, CRM5.0, SRM5.0, PI, Portal and BI 7.0.
- Created users and maintained user master and established security policies and procedures.
- System study of the current landscape, handling SAP security issues in authorizations (thru PFCG) on PRD, DEV and QA servers.
- Major involvement with the Development and function teams in their day-to-day security requirements.
- Created and modified Single, Composite and Derived Roles using Profile Generator (PFCG) to meet business requirements by making sure users do not get more or less authorizations than needed to perform their task.
- Troubleshoot R/3 security problem by effectively analyzing trace files using ST01 and authorizations for users (SU53) and tracked missed authorizations for user’s access problems and inserted missing authorizations manually in order to analyze security problem.
- Used Central User Administration (CUA) to handle User Administration/maintenance activities: setting up UserIDs, assigning roles, resetting password, locking/unlocking users.
- Extensively used SUIM reports for critical transactions and objects and for users who never logged on.
- Experienced with SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes as recommended by SAP best practices.
- Provided Authorizations for Middleware Developer, Administrator, Consultants in CRM.
- Set up CRM security for Marketing, Business Partner Security, E-commerce (Internet Sales) and Product Security.
- Implemented security for BW reporting users using analysis authorizations in BI7.0 using the new security tool RSECADMIN.
- Protected security related Tables using SE54.
- Created and maintained service users for different XI components like Integration repository, Integration Directory, Adapter Engine and so on.
- Used SAP supplied roles and also built new roles in SRM to restrict Managers, Secretaries and employees based on the Spend/Approval limits.
- Transported roles to DEV, QA and PRD environments as per teh Change management process.
- Assisting the End Users by providing necessary access for the daily tickets and doing the role changes for the Developers and Functional Users.
- Remediation of Segregation of Duties SOD using VIRSA Compliance Calibrator.
- Worked with respective functional heads for segregation of duties and security changes based on SOX requirements.
- Worked on creating users in User Management Engine (UME) and assigning appropriate roles.
- Discussed security recommendation with management team.
- Created and modified Single, Composite and Derived roles.
- Extensive knowledge on troubleshooting security related problems using SU53, ST01 and ST22.
- Created and maintained user master records using SU01 and SU10.
- Worked with the business managers in defining access requirements for end users, maintain role design methodology and worked with Functional team members to set up end user roles.
- Worked on SAP check indicator defaults and field values using transactions SU24 and maintained check indicators for Transaction code during testing.
- Identified fixes for production issues related to security and tested them in DEV and QA systems and transported to PROD environment.
- Supported Unit testing and Integration testing of roles/profiles.
- Performed reconciliation of user master record and roles using PFUD and SUPC.
- Performed User Administration activities such as setting up user logon IDs and assigning and resetting passwords, locking and unlocking users.
- Worked on user administration in SAP portal security, creating users, roles and user groups in to give users access to iview objects
