SUMMARY

• 12+ Years of SAP Security, Project and delivery Management experience
• Delivery Lead /Technical Architect/ Support Lead/Develop/tester with more than 12 years of hands on architecture and development experience in designing, developing, testing and deploying large scale end to end IT solutions in SAP Security, Cloud, Integration, Audit, internal controls and compliance.
• Implemented full life cycle of multiple projects across various SAP Security landscapes from design phase to post implementation phase in SAP Security.
• Experience in various phases of IT projects such as Requirements gathering, Development, testing, deployment and application support.Involved in all phases of SDLC.
• Worked on large number of projects and systems over the years and built a solid knowledge across the board in all areas of SAP landscapes (ECC - R/3/ HR/ SRM/ CRM/ APO/ BW/ BI / SolMan/ Friori/ Enterprise Portals /Transport Management.)
• Expertise in developing Security framework, Authorizations and objects.
• Designed Security architecture, configuration, user and role mapping.
• Performed Upgrades to SAP landscapes and implemented security restrictions.
• Implemented critical and sensitive authorizations, improvements to meet audit requirements.
• Designed Testing template, test scripts and framework and implemented SAP security testing strategy in all phases of testing - Technical unit testing ( TUT) Functional ( FUT) User acceptance testing ( UAT)
• Collaborate with other team members and business representatives to ensure that security settings meet the requirements of the business and align with the defined controls and standards.
• Supervised, Mentored, trained and lead teams ( both support and development) including both onshore and off shore

PROFESSIONAL EXPERIENCE

Confidential, Atlanta

SAP Security Analyst/ Architect /Project, Delivery and Support Lead

Responsibilities:

• Principal Architect, Lead for major enterprise solutions including multiple applications (ECC/ HR/ SRM / CRM/ BW BI / Solman / Friori /GRC/ APO …) with in SAP Security, infrastructure architectures as assigned and deploy standard and customizing solutions to various stakeholders within CCR/BIG.
• Constantly introduce and identify opportunities for improvements, develop, implement, maintain and Deploy best SAP security practices, to enhance operational effectiveness, reduce costs to meet changing Business needs.
• Act as single point of contact, Deliver, lead multiple projects, manage relationship with all Development and support teams, vendors and Release management, deploying SAP Security solution in all releases (Major, Minor, off and Mock releases) and system upgrades.
• Serve as point of escalation that requires high degree of expertise and establish line of communication keeping all parties (including manager) informed of incidents, resolving complex problems and available 24/7 by supporting existing environments within expected SLAs and deadlines.
• Providing guidance, direction, monitoring and managing contractors, support and offshore teams
• Business engagement to conduct requirement and audit sessions for SAP, GRC and SOX.
• Project management including business case creation, vendor management, architecture reviews, change/communication management and deployment management.
• Assist in implementation of GRC 10.x from Approva Bizrights
• Knowledge in Identity Management (IDM) and S/4 Hana Security
• Lead Security tasks during go live and cut over, Post cut over activities and Hyper care.
• Assist Release Management during all releases ( cut over activities)
• Perform support transition and issue management.
• In-depth knowledge across all landscapes in Confidential systems SAP ECC-R/3 /HCM/ SRM/ CRM/ Friori /APO /BW/ BI /Enterprise Portals / Transport management ( Rev-Trac) security environment and functionality Expert in Profile Generation (PFCG), creating Single, Derived and Composite Roles for the different modules.
• Design and assign role to users, review Roles/Authorizations for better security controls (SOX/SOD).
• Expertise in User maintenance using SU01/ SU10/ Role maintenance PFCG/ User authorization errors ST01/ SU53/ SUIM/ Audit SM19/ SM20/ Transport Management ( Rev Trac)
• Designed Enterprise Portal (EP) Security strategy for Java Role & User administration and simplified portal role assignment task by role mapping mechanism.
• Expertise in analyzing and restricting critical authorization objects.
• Expertise in AGR* and USR* tables
• Organized and maintained audit trails for changes made to user accounts, Roles and security profiles.
• Setup security in BI at the Info object level (field-level security) and key figure level
• Upgrade BW to BI and Built analysis authorizations in BI
• Troubleshoot analysis authorizations related problems using RSECADMIN.
• Analyzed and classified SAP Users for SAP licensing issue using USMM and SU01.
• Assist in implementing GRC (replacing existing Approva Biz rights).
• Implemented Solution manager and Friori.
• Involved in PMO updating Project status and Coordinated Change management process ( OCM)
• Knowledge on IDM administration 7.x and IDM for provisioning.
• Gathered requirements and setup custom Rules set.
• Configured Access Risk Analysis.
• Maintained risks and critical access rules and generating Access Rules.
• Created FF ids, Owners, Controllers as per the defined strategy.
• Created custom risk id’s & functions as per the business needs.
• Assignment of controllers and owners to FF ids

Confidential, Naperville IL

SAP Security Lead Consultant

Responsibilities:

• Worked and managed various projects independently and Lead SAP Security Administration.
• Worked and managed various projects independently and Lead SAP Security Administration
• Extensively interacted with the business groups for gathering business requirements to build roles adhering to SAP best practices and SOD rules
• Interacted with various business groups to put in place proper process and Access controls
• Prepared role matrices, process and control documentation
• Performed Technical testing, FUT, Regression and User Acceptance testing (UAT)
• Implement projects across all SAP landscapes.
• Put in place processes and controls for Security
• Involved in Cutover activities and Production go-lives
• Worked on independent projects
• Interacted extensively with the business leads to understand the business requirements and build security as per their requirements.
• Worked with the business team to prepare and maintain role matrices and user mapping matrices
• Worked with Automatic profile generator (PFCG) in creating single roles, composite roles and derived roles
• Followed key security standards such as maintaining check indicators in SU24 for authorization objects and Transaction codes, putting proper controls in place for securing programs and tables.
• Recommended and enforced the usage of authority check statement for custom programs.
• Monitored access to key authorization objects such as S BTCH ADM, S ADMI FCD, S TABU DIS, S DEVELOP for debug access and etc.
• Recommended and implemented values for profile parameters for controlling password rules, logon rules, established monitoring process for inactive users unsuccessful logons.
• Created, maintained, and released Transport request
• Troubleshoot Authorization Errors using Transaction Code SU53 and ST01
• Communicated with Business Process Owner’s to obtain approvals for security changes
• Created CATT Script and ECATT Script for mass activities such as creating users, assigning roles to users, assigning user groups to users for SAP Licensing Issue using Transaction Code SCAT and SECATT
• Worked with table authorizations and created new table authorization groups in SE54 to protect tables
• Restricted access to SE16/SM30 by creating table specific custom transaction codes to the table using SE93.
• Assigned authorization groups to custom ABAP program using the program RSCSAUTH and RSABAUTH to update the table TPGP with authorization groups
• Prepared system for Go-Live and supported users after Go-Live
• Analyzed and classified SAP Users for SAP Licensing issue using USMM and SU01
• Worked for production support and day-to-day basis work
• Implemented Line Authorizations on transaction codes like OB52 to restrict access to specific records
• Performed User master maintenance through Central User Administration (CUA).
• Maintained check indicators for authorization objects in Transaction SU24
• Maintained and created Roles for HR security
• Interacted with HR Consultants in creation of Org Structure as part of implementing HR Security
• Created and assigned roles to Positions
• Worked with multiple HR objects while building position based roles.
• Implemented security for HR module at Personnel Area, Info type levels, Employee Group etc level
• Integrated Logon names and Personal Numbers and Positions for all HR Organizational management and HR Personal Administration
• Setup BW security for user roles (query users, administrative users and data extraction users)
• Created Custom Reporting Authorization Objects using transaction RSSM.
• Setup security at the InfoObject level (field-level security).
• Created roles restricting access to Infocubes, ODS objects, specific queries and workbooks.
• Troubleshoot authorizations related problems using RSSMTRACE, ST01
• Extensively worked on Compliance Calibrator to identify, analyze and resolve all SOD and Audit Issues, simulate the role and assign the role to the user using PFCG
• Assisted Internal Auditors in framing new Rules for combination of new Tcodes in ECC 5.0.
• Worked with Internal Auditors in creation of User and Role Mitigations and uploaded them.
• Configured and Used Role Expert for creating and role modifying roles
• Configured and used FireFighter
• Extensively worked on Firefighter (4.0) (/n/VIRSA/VFAT) Giving emergency access to the required critical tcodes through Firefighter (4.0).
• Defining Firefighter ID Owner, assigning FF ID Owners to the Firefighter ID.
• Assigning Firefighter ID Controller to the Firefighter ID.
• Assigning the Firefighter to the Firefighter ID’s
• Extensively involved in reviewing the Firefighter emergency access and Firefighter Logs.
• Worked with the Business Experts in placing Mitigations for Conflicting and Critical Tcodes.
• Extensively interacted and Coordinated with business teams, Internal controls teams to ensure users gets required access
• Designed and prepared role matrices for security and business use.
• Created roles for CRM Middleware developer & administrator access, CRM cross application component access etc.
• Built roles to restrict creation, changing and deletion of Business Transactions like Leads, opportunities, Activities and Quotations using the authorization objects CRM ACT, CRM LEAD, CRM OPP, etc.
• Implemented Business Partner Security using the authorization Objects B BUPA RLT, B BUPR BZT, B BUPR FDG etc
• Restricted roles on business transaction types using object CRM ORD LP
• Performed trouble shooting using ST01 and Transaction SAAB
• Created Business Roles, assigned roles to the Positions.
• Interacted with Portals configurators and developers in implementing Portals security for HR ESS and MSS
• Migrated SAP backend roles into Portals
• Worked on creating and transporting roles for ESS and MSS
• Created project member roles for system administration, content administration etc.
• Created transport packages to move roles from development portals to other systems in the landscape
• Set permissions on folders
• Performed user administration activities such creating user ids, copying user ids, assigning roles, assigning groups etc.
• Created mass user ids using the export and import method
• Created groups and assigned roles and user id to groups.