
Senior SAP Security and GRC Consultant Resume


Ronkonkoma, NY

SUMMARY

  • With 8+ years of working experience as Senior SAP Security and GRC consultant, looking for a new opportunity to present my skills, add value and help in growth of the organization.
  • 4 years of experience in configuration and maintenance of SAP GRC AC suite 5.3/10.0/10.1 (ARM, BRM, ARA, ERM) along with working knowledge in VIRSA 4.0 Risk Assessment tool.
  • Experience in 3 Full life cycle implementations of SAP Security projects from design phase to Post implementation phase.
  • Expert in administration of SAP Application Security in ECC 5.0/ 6.0 for the modules of FI, CO, MM, SD, PP, PS.
  • Experience in SAP Security Administration for BW 3.5 /BI7.0, 7.3, security for administrative users (creating authorization objects and restricting users at info object level) and reporting users (analysis authorizations), creating User Exits and troubleshooting user issues with access to Workbooks.
  • Implemented Security on JAVA Landscape for PI systems and have experience in using UME (User Management Configuration) groups and roles.
  • As a security administrator, strong expertise in using Profile Generator (PFCG) for creation and maintenance of Roles/Activity groups as required and expertise in Security Administration activities such as creating User accounts, Password resets, locking and unlocking users.
  • Extensively performed and monitored transaction codes SU01, SU10, SUIM, SU53, SU56, ST01, SU03, SU21, SU24, PFCG, PFUD, SCC4, SUPC, STMS, SE01/SE09/SE10, SM18, SM19, SM20, SM30, SE11, SE16, SE37, SE38/SA38, SE54, SE80, SE93 and SE97 in SAP Security.
  • Used AGR*, USR* tables for different reporting and analyzing purposes.
  • Created mass users using eCATT scripts, and LSMW scripts
  • Experience in maintenance of CUA (Central User Administration) landscape.
  • Hands on experience in using Service Market place for opening OSS connections, KBA’s search, SNOTE search for corrections and Security and GRC enhancements provided by SAP.
  • Extensive experience in analyzing and processing SOD issues using VIRSA 4.0 Compliance Calibrator, GRC 5.3/ 10.0/ 10.1 Access Control tools such as RAR/ARA, SPM/EAM, CUP/ARM, ERM/BRM components.
  • Excellent understanding of Sarbanes-Oxley Act (SOX) standards.
  • Involved in the installation and Configuration of SAP GRC Access Control 10.0/10.1.
  • Involved in configuring and customizing the Multi-Stage Multi-Path (MSMP) workflows.
  • Hands on experience in risk mitigation procedures, risk ruleset customizations.
  • Performed role and user analysis, risk analysis and hence mitigating risks and roles as required to achieve the overall security compliance strategy.
  • Scheduling and working on reports of background jobs as well as foreground jobs during the risk analysis in SAP GRC AC suite.
  • Providing detail reporting on Segregation of Duties (SOD) and critical access violations at both user level and role level.
  • Comprehensive knowledge in SAP best practices coupled with excellent communication skills.
  • Experience in documenting monthly audit reports, audit logs, policies, procedures and other tracking documents to monitor health of the system and project.
  • Adept in using quality center and apply security best practices for requirements management, test planning, defect reporting, defect tracking and ensuring quality standards.
  • Experience in onsite-offshore engagement model, team lead off shore team for project activities and provided training and mentoring the team.
  • Enthusiastic and eager to take responsibility and initiative in any given task.
  • Self-motivated in handling the work assigned and adhere to SLA deliverables and deadlines.
  • Experience working in both team and individual environments and always eager to learn new technologies and implement them in challenging environments.

TECHNICAL SKILLS

ERP: SAP ECC 5.0/6.0, SAP BW 3.5/BI 7.0/7.4, VIRSA 4.0, GRC AC 5.3/10.0/10.1 , SAP SSO 3.0, SAP ETD 1.0, Solution Manager 7.1, SAP Fiori.

Service Tools: Service Now, BMC Remedy, IBM Tivoli with Lotus Notes.

Programming Languages: ABAP/4, J2EE, C, C++, T-SQL.

Database: MS SQL Server 2008 R & 2012, Oracle 10g, 11g.

Operating Systems: Windows (Server Edition, Enterprise Edition), UNIX, LINUX (CentOS, RHEL).

PROFESSIONAL EXPERIENCE

Confidential, Ronkonkoma, NY

Senior SAP Security and GRC Consultant

Responsibilities:

  • Implemented security strategy during a business divestment and developed roles, coordinated with business and testing teams to resolve or mitigate any technical issues during the build, testing and UAT phases.
  • Worked with development teams for custom security and performed traces, authorization checks, role build, role changes, test id’s setup during the project course.
  • Defined system scope and objectives and provided requirements, solutions and recommendations at different phases of project which includes design, coding, testing, troubleshooting, modifications, implementation, deployment and SLA’s.
  • Used the transport management process to promote security changes following documentation procedures.
  • Involved in design, configuration, testing and deployment phase of SAP Single Sign on 3.0 (SSO) implementation and performed analysis of the security solution.
  • Documented security test scenarios for SSO implementation and performed end to end testing at both application and network level.
  • Identified defects and observations during testing of SSO functionality and monitored the progress of defects from time to time in HP QC (ALM) tool and collaborated with basis team on the issues.
  • Performed user administration activities, troubleshoot authorization issues.
  • Demonstrated SSO functionality to key users, onsite team and offshore team.
  • Worked with process experts for SOD conflicts and assigned appropriate roles to the users. Also, supported audit team for generating audit reports.
  • Meeting the Key Stake holders and Business team for ongoing SAP Role based provisioning and also for requirement gathering, analysis, designing Functional and Technical Documents workflow requirements, approval requirements and flow of request and data across multiple systems, serving as a Subject Matter Expert for SAP security.
  • SSO configuration for the landscapes.
  • Configured all the four components ARA, ARM, BRM and EAM during GRC implementation.
  • Configured MSMP workflows in Access Control Suite and activating the delivered business configuration (BC) set for Access Control Multi-Stage Multi-Path (MSMP) workflow configuration.
  • Involved in post installation and Configuration of GRC activities.
  • Performed Risk analysis for role level and user level.
  • Created, modified, locked users through ARM component and performed risk analysis.
  • Created RFC connection between GRC and Backend systems.
  • Lead off shore team for project deliverables, executions and track progress to ensure the completion of the project milestones.
  • Prepared off shore activities and transitioned to the team for their day to day work.
  • Identified risks at different stages off shore project executions and initiated risk mitigation plans.
  • Provided base line estimations of the service deliverables and build flexibility to adapt to changing client needs.
  • Status updates to project managers, stake holders and forecast the estimations and performance of the project from time to time.

Environment: SAP ECC 6.0, SAP GRC AC 10.1, SAP S/4 HANA.

Confidential, Houston, TX.

Senior SAP Security and GRC Analyst

Responsibilities:

  • Involved in meetings for gathering the requirements from business and developing simplified and standardized security roles for the users in each company within the controlling areas.
  • Helped the application and business teams for master data loads into testing systems.
  • Worked with application teams to get UAT completed in controlled access environment before moving to production.
  • Also, worked closely with Basis team in handling system refreshes and performed security refresh procedures.
  • Re-engineered existing roles by running Security audit logs for business and application support users in identifying SoD t-codes and worked with Compliance team for helping them to configure and mitigate users in GRC and hence making roles and user access more compliant.
  • Performed key controls review during internal audit of the company.
  • Worked with compliance team during the external audit.
  • Created custom parameter transaction codes in restricting the roles for table access maintenance (SM30).
  • Worked with development team in setting up required AUTHORITY-CHECK for Custom Tables, Reports and Custom transactions.
  • Extensively used t-codes SU01, SUIM, SU10, PFCG, SE16N, SWI5, RSABAPSC, SE38/SA38, SE80, SE93, SE97, ST01, SE01/09/10, STMS, SM36, SM37, PFUD, SUPC, PA20, PA30, PPOSE, PO13, RSA1, SCMA & SM WORKCENTER (in SolMan).
  • Used AGR*, USR* tables for different reporting and analyzing purposes.
  • Experience and knowledge in how to maintain authorizations by transactions through SU24 and experience in using USOBT_C, USOBX_C tables.
  • Experienced in using MS Excel (VLOOKUP, HLOOKUP, Pivot tables, Macros), Power point and hands-on in document writing.
  • Handled bringing 15000 users into SAP during the merger and created accounts for all the users using Active Directory across different landscapes.
  • Helping the business to identify the right position role for every user in existing role model.
  • Complete user administration in SAP landscapes (creating, modifying, and deleting, locking, unlocking and resetting passwords).
  • Worked closely with Basis team and application support team during HR Support-packs (HRSP). It includes moving transports, locking/unlocking users using SU10, completing UAT on new security enhancements from the support packs.
  • Analyzed missing authorizations by performing authorization traces to resolve security issues for users by using ST01.
  • Performed regular activities and troubleshooting by using SU53.
  • Understanding and implementing the Change Control process for any enhancements or operational changes when required.
  • Checking for Segregation of Duties (SOD) issues while assigning Roles to Users and while changing the design of a single Role, Composite Role and User group creation.
  • End-to-end implementation of GRC Access Control Suite 10.0 and configured all the components in it as when required.
  • Performed Role and User Analysis, Risk Analysis and Mitigating risks and roles as required.
  • Checking the SoD (Segregations of Duties) using Risk Analysis and Remediation before assigning to the users.
  • Working on Fire Fighter (FF) for Super User privileges like maintaining Owners, Controllers and Fire Fighter Access to user.
  • Checking the log report as and when required for audit purposes.
  • Coordinated with the offshore team and monitored the progress of the tasks in the maintenance landscape.
  • Communicated technical and non-technical issues along with training in change management process to key users and business users when necessary.
  • Worked on different security tickets on day to day basis and performing associated activities to user accounts based on approval workflow.
  • Daily tasks also include creating user accounts, maintaining Info types in PA20, system cleanup activities such as account terminations, transfers, access requests, role changes, tracing and prototyping access issues using SU53, ST01, troubleshooting production issues.
  • Analyzed RFC calls for Remote Function Modules (RMF’s) from different systems and secured them for user access.

Environment: ECC 6.0, BW 7.0, BW 7.4 on HANA, GRC 10.0, Sol Man 7.1, XI/PI (ABAP and Java stack), HR, SCM, Fiori.

Confidential, Virginia Beach, VA

Sr. SAP Security and GRC Consultant

Responsibilities:

  • Handled Security in designing roles for all modules of SAP R/3 such as FI, CO, MM, SD and PP.
  • Worked on Role Maintenance, Transaction codes, Profiles, Authorization objects, Authorization groups, Single Roles, Composite Roles, Derived Roles and User Maintenance.
  • Analyzed each role and mapped them to transaction codes per business process.
  • Created and generated roles, profiles, authorization objects, object classes and assigned to user master record.
  • Used Transport Management System (STMS) for Transporting the generated roles and profiles.
  • Extensively used the following transactions on daily basis - SU01, PFCG, SU53, SU56, SU24, SUIM, SUGR, SE16 and ST01 for providing technical support to users.
  • Working knowledge in HR security implementing structural authorizations in ESS, MSS, PA and payroll.
  • Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
  • Configured Profile Generator and performed transports and mass transports of roles and used CATT scripts for mass users and assigning roles.
  • Performed reconciliation of User Master record & roles using PFUD and SUPC.
  • Providing Temporary Access to all the Users with proper approval from the respective Business Process Owners in all Productions and Non-Productions Environments.
  • Worked with process experts for SOD conflicts and assigned appropriate roles to the users. Also, supported audit team for generating audit reports.
  • Meeting the Key Stake holders and Business team for ongoing SAP Role based provisioning and for requirement gathering, analysis, designing Functional and Technical Documents workflow requirements, approval requirements and flow of request and data across multiple systems, serving as a Subject Matter Expert for SAP security.
  • Configured all the four components ARA, ARM, BRM and EAM during GRC implementation.
  • Configured MSMP workflows in Access Control Suite and activating the delivered business configuration (BC) set for Access Control Multi-Stage Multi-Path (MSMP) workflow configuration.
  • Created custom MSMP workflows integrating with custom BRF plus rules as per business requirements and hence maintained agents.
  • Involved in post installation and Configuration of GRC activities.
  • Performed Risk analysis for role level and user level.
  • Created, modified, locked users through ARM component and performed risk analysis.
  • Created RFC connection between GRC and Backend systems.
  • Part of Transport Management team. Scheduling the Transport releases and coordinating with different teams.
  • Configured and maintained Printer set up using the transactions SPAD.
  • Analyzed the output and spool requests.
  • Implemented Notes in different landscapes.

Environment: ECC 6.0, GRC 10.0, BI 7.0, HR.

Confidential, Lexington, MA.

SAP Security and GRC Consultant

Responsibilities:

  • Changing the Design of a Single Role and Composite Role with Proper approvals from respective Business Process Owners following the Process Norms.
  • Troubleshooting missing authorization using SU53 and run trace ST01.
  • Monitoring and handling Background Jobs like PFUD for updating User Master Records in all Production and Non-Production environment on daily basis in all systems
  • Experience in Design, Developing, Testing and Implementing SAP Security Roles, Profiles and Authorization for various landscapes using Profile Generator
  • Review and Transport the activities performed by other team members
  • Extensively used SU22 and SU24 to update the USOBT_C and USOBX_C tables (transaction and the authorization objects).
  • Monitored access to key authorization objects such as S_BTCH_ADM, S_ADMI_FCD, S_TABU_DIS, S_DEVELOP for debug access etc.
  • Worked with functional team leads to define new custom transactions, objects, classes, integrating them in transaction codes and then apply security restrictions for custom reports/queries and transactions.
  • Handling Object level changes for Transaction Codes through SU24 to maintain Authorization in standard or maintained mode.
  • Extensively used the following transactions on daily basis - SU01, PFCG, SU53, SU24, SM59, RSSM (for BW) and ST01 for providing technical support to users.
  • Executing Computer Aided Testing Tool (CATT) reports to update Org levels.
  • Creating analysis authorizations and maintaining them at both user and role assignments using RSECADMIN in SAP BI 7.0 Security.
  • Performing Authorization Trace in SAP BI 7.0 and generating error log reports for analysis.
  • Experience in user administration 24x7 on call production support, quick turnaround for end user requests, and Helpdesk support for user administration
  • Checking for Segregation of Duties (SOD) issues while assigning Roles to Users and while changing the design of a single Role, Composite Role and User group creation.
  • Role transport to multiple landscapes, TR release through SE09/SE10/SE01.
  • Report generation using SUIM and to analyze the missing authorization based issue.
  • Working with tables like AGR* for data collection and verification.
  • End-to-end implementation of GRC Access Control Suite 10.0 and configured all the components in it as when required.
  • Performed Role and User Analysis, Risk Analysis and Mitigating risks and roles as required.
  • Checking the SoD (Segregations of Duties) using Risk Analysis and Remediation before assigning to the users.
  • Working on Fire Fighter (FF) for Super User privileges like maintaining Owners, Controllers and Fire Fighter Access to user.
  • Checking the log report as and when required for audit purposes.

Environment: ECC 6.0, GRC 10.0, BI 7.0

Confidential

SAP Security Consultant.

Responsibilities:

  • Undergone internal training on GRC Access Control suite 5.3.
  • SAP Security administration and maintenance
  • Setting up security roles and user accounts for over 800 End Users for primary Go Live.
  • Monitored User maintenance on day-to-day basis and role maintenance on requirement basis.
  • Design, Configuration & Testing of SAP Security Roles
  • Creating/ Maintaining the ORG Fields in Objects
  • Adequately securing programs, transactions and tables
  • Role Download/ Upload, Mass Generation/ Mass Transport.
  • Mass Assignment and Re-assignment of Roles/ Users
  • Mapping of Missed Authorization Object in T-codes.
  • Mapping of T-code with Reports and Programs.
  • Maintaining (Create, Delete, Change, Copy) SINGLE, COMPOSITE and DERIVE Role in Customer Namespace.
  • Performed Spool Administration, Client Administration, SAP background job scheduling and monitoring, Transport Organizer and other Basis day to day activities.
  • Locking critical transactions using SM01.
  • Identifying the missing authorizations using SU53/ST01 trace and maintaining them in suitable role and SU56 to find security problem.
  • Troubleshooting performance issues & adjustment of SAP profiles.
  • Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties (SOD) over all fields of business areas.
  • Successfully transported the generated roles and profiles using SAP transport management system (STMS) and handled single & mass generation of roles and transport of roles.
  • Assigning HR ESS/MSS access to the user as per requirement.

Environment: ECC 5.0, BI 7.0, Virsa 4.0 and GRC 5.3
