
SAP GRC Security Analyst Resume


Lake Forest, IL

SUMMARY

  • About 8 years of experience in SAP R/3 (SD, MM & FI/CO, HR, SRM, SCM, HCM, EP, CRM Modules), BW 3.5/BI 7.0 Security Administrator
  • Experience in User administration, Role administration audits as per company SOX/ICS requirements and maintain tables related to security, maintain profile parameters related to security and ABAP reports
  • Extensively worked with Sarbanes-Oxley Compliance - Strategy management related to SAP business processes, transactions, control infrastructure, financial reporting process. Sarbanes-Oxley Section 404, Remediation of Segregation of Duties (SOD) within SAP implementation, Profile Generator (PFCG), Role, Profile creation, modifications, User Administration, Authorization objects, User reconciliation, CATT Scripts
  • Proficient in troubleshooting and handling user issues by using SU53, tracing (ST01) and User Information System (SUIM)
  • Familiar with ASAP Methodology - Project Preparation, Business Blueprint, Realization, Final Preparation, Go-Live and then into ongoing Production Support
  • Experienced in MS Office Suite, Remedy, Lotus Notes, Magic tool (BMC) to Support the SAP Project delivery
  • Hands on experience with SAP R/3, EP, HR, BW/BI Security and solution manager
  • Hands on experience on scheduling jobs using UC4 tool
  • Experience in VIRSA Compliance Calibrator & GRC Security
  • Experience in defining background jobs, scheduling and maintenance, modifying, deleting and analyzing the jobs and regularly monitoring the job logs and the job status
  • Experience in working with Transports (STMS) in transporting roles between Development, QAS and Production R/3 systems and users
  • Experience in raising role change requests in Solution manager system
  • Excellent communication skills, Proactive learning, team work and Team Management, People Management, Client relation Management, interpersonal and collaborative skills are the strengths
  • Ability to communicate security and risk-related concepts to end users
  • Good knowledge of business processes within sales, finance and manufacturing
  • Strong background in implementation, upgrade and support projects
  • Very good at management and flexible in adapting to new technologies
  • Experience in Training and documentation
  • 24X7 Production Support

TECHNICAL SKILLS

Enterprise Software: SAP R/3 4.6C, 4.7 Enterprise, ECC 6.0, ECC 5.0

Languages: C, C++, Core Java, PHP, SAP ABAP and SAP NetWeaver 04 Basis + Oracle

Databases: Oracle 9i, PostgreSQL, MS SQL

Database Languages: PLSQL, SQL

Web Technology: HTML, JavaScript

Development Packages: MS Office, MS Project

Operating Systems: MS-DOS, Windows 98/2000/XP/Vista, LINUX

PROFESSIONAL EXPERIENCE

Confidential, Lake Forest, IL

SAP GRC Security Analyst

Environment: SAP ECC 6.0, SAP R/3 4.7C

Responsibilities:

  • Coordinate with various functional teams to understand the Business structure post go-live and map it to the SAP Roles present in system
  • Assessment of the roles which would not be required after go-live
  • Understand the Business structure after Transformation to Oracle platform
  • Mapping of SAP Business, management and reporting tasks to the according SAP Role
  • Design new Security Roles for the descope project
  • Identify the organization level values which are moving away from SAP and remove them from Security roles
  • Modify the Business roles in SAP as per the existing functionality after go-live
  • Create SPD (Short Project Document), Role analysis documents, Role test documents related to the Security changes and provide it to IT leads, Business leads and compliance team for approval
  • Communicate the role changes to IT leads and Business role owners to seek necessary approvals
  • Provide super user emergency access (Firefighter access) in production system to IT consultants
  • Adhere to Security Design Practices/ Principles
  • Post Go Live support to resolve all security-related issues and day to day technical support and resolution of security issues
  • Incorporate best-practice security naming standards
  • Monitor sensitive transactions and authorization objects
  • Discuss and/or implement SOX compliance (Risk Analysis) tool for SOD checks
  • Locking/Unlocking of users in all the systems in Landscape for Trilogy go-live
  • Create new users in CAT systems
  • Create roles in CAT systems for functional testing
  • Set up background users for interfaces
  • Raise Access Enforcer Requests for assignment of new roles to Business users
  • Upload new roles to Access Enforcer
  • Disable the Business roles from Access Enforcer which are not required in SAP post go-live
  • Create new tickets in BMC Remedy tool
  • Solve the access related issues raised by users through BMC Remedy ticketing tool
  • Create transport requests for the role changes
  • Import the role changes to test client through SCC1 transaction for functional testing
  • Transport the role changes to Quality and production systems from Development system
  • Investigate the authorization issues raised by users and modify the roles when required
  • Monitor Security related jobs during go-live
  • Responsible for documenting the risks that violate segregation of duties that are present in the existing processes and mapping them into rule set in GRC.
  • Build and Customize rule sets to match the business needs and processes.
  • Responsible for functional consultant for GRC 5.3/10 (ARA/ARM/EAM/BRM).
  • Responsible for SAP GRC deployment and support all the GRC access control components.
  • Good understanding of SOX compliance laws, SOD conflict issues.
  • Effective, imaginative problem solver with excellent problem solving skills, team player and good communication skills.

Confidential, San Diego, CA

SAP Security Analyst

Environment: SAP ECC 6.0, BW 7.0

Responsibilities:

  • Designing, writing and implementing security related standard procedures for the user administration, roles and profile generation
  • Core team member in developing the security framework for Go live & Post Go live support for internal projects
  • Create single role, composite role and derived role as per organizational structure in both R/3 and BW/BI systems using PFCG
  • Extensively worked on Authorization objects, fields and authorization profiles
  • Created over 100 customized end user roles and menus, plus hundreds of “mini-roles” to allow for low level modular access control
  • Set up security roles and user accounts for over 1000 End Users for primary Go Live
  • User maintenance on day-to-day basis and role maintenance on requirement basis
  • Involved in the installation and configuration of SAP GRC Access Control 5.3 (RAR, CUP, SPM)
  • Creating and maintaining the user IDs in CUA
  • Identify Segregation of Duty conflicts and propose recommendations that lead to implementation of mitigating controls and elimination of risks
  • Performed change control reviews to be SOX compliant on a weekly basis (Auditing Information System and Project Management Internal Control).
  • Build and Customize rule sets to match the business needs and processes.
  • Responsible for functional consultant for GRC 5.3/10 (ARA/ARM/EAM/BRM)
  • Responsible for SAP GRC deployment and support all the GRC access control components. CUP/ARM workflow configuration and designing.
  • MSMP and BRF+ configuration.
  • Firefighter configuration and log setup.
  • Decentralized and Centralized Firefighter setup.
  • Support Pak Upgrade for GRC
  • Worked with VIRSA systems VRAT tool in identifying conflicts single roles and composite roles and Redefined authorization scope using SU24 etc
  • Good functional knowledge of SAP SD, MM and FI
  • Using ASAP methodology conducted all tasks for Business Blueprint and Realization phases of project
  • Extensively used Central User Administration (CUA) using SCUM and SUCL to set up over 1000 SAP users & created CATT scripts for mass user creation
  • Implemented security based on assignments to objects in Human Resources (HR) Personnel Development (organizational) Structure
  • Create Structural Authorization Profiles and assign the profiles to positions and User IDs as per the organizational structure
  • Implemented and maintained plan for using structural authorizations (Infotype 1017) to configure the system to allow managers automatic access to only their employees via PD profiles with dynamic root ids
  • Limit a user's access to information according to the structure of the organization plan
  • Maintenance of existing HR roles using PFCG
  • Worked on BI Authorizations including Standard Authorization and Analysis Authorization
  • Worked on S_RS_*, S_RSEC and S_RS_AUTH authorization objects
  • Trouble shooting - Identifying the missing authorizations using SU53 transaction/ST01 trace and maintaining them in suitable role and SU56 in order to find security problem
  • Trouble shooting performance issues & adjustment of SAP profiles
  • Raised role change requests in Solution manager system
  • Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas. Created segregation of duties and single critical transaction policies for IT security
  • Solved the portal related authorization issues
  • Transport the generated roles and profiles using SAP transport management system and handled normal and mass generation of roles and transport of roles
  • Perform unit testing, positive and negative testing on user accounts to ensure the appropriate access levels on created roles
  • Analyze user related information including roles and profiles, by utilizing transaction SUIM
  • Create role change requests in Solution manager system and transport the roles to Quality and production systems
  • Schedule background jobs using UC4 tool and monitoring them
  • Perform License cleanup activities in over 30 systems and has a deep knowledge on License administration in SAP
  • Good coordination with global team members and end users
  • Ran security reports for critical transactions and objects and for users who never logged on
  • Worked with functional team leads to define the new transactions
  • Develop CATT and ECATT scripts for day to day security support activities
  • Worked with Security in FI, CO, MM, SD modules

Confidential, San Francisco, CA

SAP Security Consultant

Environment: SAP ECC 5.0 & 6.0 and BW 7.0

Responsibilities:

  • Post Go Live support to resolve all security-related issues and day to day technical support and resolution of security issues
  • Installed, designed and implemented methodology for controlling end user access to plants, fund centers, cost centers, etc. Applied to both R/3 and BW/BI 7.0 environments. Designed security solution for FI, CO, MM, SD, QM, PM, PS etc
  • Set up security by Info Area, Info-Cube, Info-Object, QUERY and WORKBOOKS
  • GRC Support Activities on CUP and SPM
  • Assigning/Revoking FFIDs to all functional/technical users as a daily task
  • Generating reports for FFIDs and sending among all the FFID owners
  • Finding violations in use of FFIDs and reporting the same to associated FFID owners
  • To provide production support, to end users functional and technical users
  • Good functional knowledge of SAP SD, MM and FI
  • Worked with the t-code for creating custom authorization objects & S_RS_AUTH for assigning authorization objects for BW query end user roles
  • Tracing the users, SAP objects and custom reporting authorization objects to debug an authorization error, resolving the issue by giving required authorizations (RSRTRACE)
  • Interacting with functional and technical consultants for problem diagnosis in BI
  • Implemented Info Object Security (field-level security) for Reporting Users and also created custom reporting authorization objects
  • Configured roles and authorization objects to secure reporting users
  • Developed Custom Authorization Objects for queries developed by the users
  • Limiting the Query access within the BEX Analyzer
  • Creating and Assigning Roles/Profiles to Users using PFCG
  • Implemented security based on assignments to objects in Human Resources (HR) Personnel Development (organizational) Structure
  • Create Structural Authorization Profiles and assign the profiles to positions and User IDs as per the organizational structure
  • Create role change requests in Solution manager system
  • Fixing end user Roles/Profiles based on Change Requests created for breaks/fixes
  • User Administration and Password Management (Expiry of users and Profiles)
  • Analyze Root Cause of Authorization Problems and fix the missing authorizations
  • User support, resolve end user problems on day-to-day basis
  • Profile Maintenance: Maintained all the instance profiles in development and Production systems
  • Scheduled jobs in background to cleanup spool requests, dumps, batch-input sessions, background jobs. Trace analysis and performed Daily SAP System checks and logs
  • Maintain User administration and System administration for Portal systems
  • Trouble shooting - Identifying the missing authorizations using SU53 transaction/ST01 trace and maintaining them in suitable role
  • Created over 200 customized end user roles and menus, plus hundreds of "mini-roles" to allow for low-level modular access control
  • Configured RFC connection between the systems in the landscape
  • Planning and implementing transport system landscape for ECC (DEV, QAS and PRD)
  • Experienced in creating CATT scripts for User creation, User deletion, role deletion, assigning roles to users etc. SCAT
  • Conducted comprehensive analysis of existing Security environment and Identified Security issues, recommended and implemented solutions to problems
  • Experience with Structural and non structural Authorizations
  • Set up Central User Administration (CUA) to manage multiple systems/clients
  • Configuring UME to connect to LDAP for Authentication and I have developed data flows between SAP systems to corporate LDAP directory
  • Provided SAP Security and Basis planning, implementation, testing, and support for upgrade of R/3 landscape from 4.6C to ECC 6.0
  • Responsible for all Security-related aspects of upgrade and good experience with monitoring
  • Documentation of all the procedures and involved in end user training
  • Developed methodology and programs for continuous reconciliation of End User
  • Working experience with security infrastructure like access controls and access management, Web access control/Management, LDAP etc and worked with Business process owners to grant accesses to users
  • Experience with Bex analyzer, Info Objects, Info Sources, Info Packages, ODS, Info Cubes, work flows
  • Good team player with strong trouble shooting skills
  • Applied OSS notes in order to correct profile generator, security transactions and security report bugs and made source code corrections to run back ground jobs
  • Maintained all the instance profiles in development and production systems
  • Scheduled jobs in Background to clean up spool request, dumps using SM36
  • Work with Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts. Used SU24 and maintained check indicators for Transaction codes

Confidential, Allentown, PA

SAP Security Consultant

Environment: SAP ECC 5.0, BI, HR and EP Security

Responsibilities:

  • Work with profile generator (PFCG) in creating roles, profiles, composite roles & derived
  • Created over 200 customized end user roles and menus, plus hundreds of “mini-roles” to allow for low level modular access control
  • Extensively worked with Sarbanes-Oxley Compliance - Strategy management related to SAP business processes, transactions, control infrastructure, financial reporting process. Sarbanes-Oxley Section 404, Remediation of Segregation of Duties (SOD) within SAP implementation
  • Implemented SAP R/3 Logical Security in compliance with Sarbanes-Oxley (SOX) sections 404 and 302
  • Identified and analyzed the critical transactions that are involved for resolving the Sarbanes Oxley act 404. Experienced using VIRSA tool
  • Used VRAT to automate all SOD related activities like defining SOD conflicts, monitoring SOD conflicts, prevention of SOD conflicts, and mitigating controls
  • Getting the requirements from the external auditors for identifying the critical reports and streamlining the reports.
  • Maintain and troubleshoot transport requests
  • Provided Security for Enterprise Portal - UME
  • Provided Security for HR Structural Authorizations
  • Provided Security for BI using Analysis Authorizations
  • Extensive involvement in SAP project proposals
  • Worked with VIRSA systems VRAT tool in identifying conflicts single roles and composite roles and Redefined authorization scope using SU24 etc
  • Using ASAP methodology conducted all tasks for Business Blueprint and Realization phases of project
  • Created new and edited the existing Activity Groups as per the requirements coming through Help desk which involves the inclusion of transactions in the menu tree or editing the activities as per SU53 results
  • Trouble shooting performance issues & adjustment of SAP profiles
  • Work with Business specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts
  • Good functional knowledge on FI, MM and SD concepts
  • Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas. Created segregation of duties and single critical transaction policies for IT security
  • Implemented IT controls and a new security process for User Access Management and Segregation of duties to ensure
  • Analyzed all customer programs and transaction codes for authority checks
  • Ran security reports for critical transactions and objects and for users who never logged on
  • Worked with functional team leads to define the new transactions
  • Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes
  • Trouble shoot R/3 security problem by using different scenario such as system trace, parameter change, buffer reset, SU53, and SU56 in order to find security problem
  • Continuously improved security configuration to reflect best practices and to prepare for system audits
  • Excellent communication & interpersonal skills

Confidential, San Francisco, CA

SAP Security Administrator

Environment: SAP R/3 4.7c, ECC 5.0, BI 3.5

Responsibilities:

  • Worked on SAP HR/HCM ESS/MSS, Master Data and Infotype based authorizations including Personnel Number Check, Payroll Objects and Context Authorization Objects
  • Using Enterprise Structure in Organization Management, created Structural Authorizations to control access to data stored in time-dependent structures, within SAP HR/HCM Module
  • Worked on new BI 3.5 Authorizations including Standard Authorization and Analysis Authorization. Worked on S_RS_*, S_RSEC and S_RS_AUTH authorization objects
  • Create, maintain, lock and unlock users and change passwords
  • Configured Profile Generator (PFCG) and assigned user authorizations and profiles to user ids, setup security for the developers according to business requirements
  • Applied OSS notes in order to correct profile generator, security transactions and security report bugs and made source code corrections to run back ground jobs
  • Maintained all the instance profiles in development and production systems
  • Scheduled jobs in Background to clean up spool request, dumps using SM36
  • Creating and Assigning Roles/Profiles to Users using PFCG
  • Fixing end user Roles/Profiles based on Change Requests created for breaks/fixes
  • User Administration and Password Management (Expiry of users and Profiles)
  • Analyze Root Cause of Authorization Problems and fix the missing authorizations
  • User support, resolve end user problems on day-to-day basis
  • Profile Maintenance: Maintained all the instance profiles in development and Production systems
  • Scheduled jobs in background to cleanup spool requests, dumps, batch-input sessions, background jobs. Trace analysis and performed Daily SAP System checks and logs
  • Work with Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts. Used SU24 and maintained check indicators for Transaction codes
  • Excellent communication skills, strong analytical and interpersonal skills
  • Responsible for all Security-related aspects of upgrade and good experience with monitoring
  • Documentation of all the procedures and involved in end user training
  • Developed methodology and programs for continuous reconciliation of End User
  • Configured RFC connection between the systems in the landscape
  • Planning and implementing transport system landscape for ECC (DEV, QAS and PRD)
  • Experienced in creating CATT scripts for User creation, User deletion, role deletion, assigning roles to users etc. SCAT
  • Experience with Bex analyzer, Info Objects, Info Sources, Info Packages, ODS, Info Cubes, work flows
  • 24X7 Production Support

Confidential, Irwindale, CA

SAP Security and Basis Administrator

Environment: SAP R/3 4.7c, BW 3.5

Responsibilities:

  • Create, maintain, lock and unlock users and change passwords
  • Work with profile generator (PFCG) in creating roles, profiles, composite roles & derived roles
  • Responsible for development, testing, and administration of authorization roles in SAP R/3 and BW systems
  • Worked on new BI 3.5 Authorizations including Standard Authorization and Analysis Authorization. Worked on S_RS_*, S_RSEC and S_RS_AUTH authorization objects
  • Creating custom (Z) authorization objects for the Z programs to make controls using SU21
  • User support, resolve end user problems on day-to-day basis
  • 24X7 Production Support
  • Collaborate with technical and functional teams to define security designs and requirements
  • Provide production support, including ongoing support and maintenance of roles
  • Support users in SAP with various functional issues - primarily in the FI/CO, SD, PP, MM modules
  • Trouble shoot R/3 security problem by using trace, parameter change, SU53 etc
  • Support XI system in user administration and role creation/maintenance
  • Analyze Root Cause of Authorization Problems and fix the missing authorizations
  • Analyze and secure custom transactions and programs to standardize security across all regions
  • Train customer resource assigned to the project to handle the necessary maintenance activities independently
  • Help team understand and use simulation and other features beneficial for this standardization/remediation effort. Assist client in understanding and leveraging features in available version in use and compare with features in new releases
  • Security related troubleshooting - Analyzing missing authorizations
  • Scheduling, Monitoring and troubleshooting Background jobs
  • XANDRIA to monitor critical and warning alerts for various systems
  • Create requests for SAP OSS IDs
  • Configure output devices using SPAD, Spool management activities using SP01, authorizations of spool services, and troubleshooting
  • Transport the requests from DEV to QAS and from QAS to PRD servers using Tp (transport control program) or STMS Transaction and verifying through transport logs
  • Maintain and monitor RFC connections (SM59)
  • Applied OSS notes in order to correct the profile generator, security transactions, and security report bugs and also source code corrections to run background jobs using SNOTE
  • Provide SAP Basis administration Support, Performance monitoring & tuning, Problem analysis & resolution, and other activities required to maintain system integrity and maximize uptime

Confidential

SAP Security Administrator

Environment: SAP R/3 4.7c, BW 3.5

Responsibilities:

  • Created activity groups and User Ids for programmers, end users by extensively using SU01
  • Involved in Unit testing and utilization of SU53, RRMX, RSSM, RSA1, ST03 to trace, debug and optimize authority checks
  • Supported users at different levels for the security issues in all functional modules
  • Extensively worked on SAP R/3 Authorization model (PFCG, SU24, SU01, SM30, SM01, SE01, SU21, SUIM)
  • Monitored all the tables with &NC& Auth Group
  • Created BW User IDs and Authorizations
  • Maintained User Master Records which included creating users, deleting users, and renaming users
  • 24X7 production support
