Sr. Sap Security Consultant Resume

Louisville, KY


  • 8+ years of extensive experience in SAP Security, including implementation, production support, post go-live support, role remediation, SAP GRC configuration, and SCM 5.0 role design.
  • Worked as a team lead for a support project as well as Executor for Security audit team.
  • Worked on SM7 ticketing tool (Incidents, Change and Tasks).
  • Handled security for various modules: BI, CRM, FI, ECC, SPM, CO, MM, SD, and MDM.
  • Worked on SECATT, SCAT scripts for mass user and authorizations maintenance.
  • Central User Administration (CUA) experience in creating users, assigning roles, and maintenance.
  • Excellent knowledge of SOX, Audit issues and Segregation of Duties (SoD) issues.
  • Involved in GRC configuration for RAR and SPM. Designed custom Rule sets as per the requirement.
  • Identified risks, created Business Processes, Functions and Risks in GRC system, performed risk analysis and mitigation.
  • Expertise in SAP GRC Access Controls 5.3 support: Risk Analysis and Remediation (RAR), remediation of SoD violations through detailed analysis and recommendations, and Super User Privilege Management (SPM).
  • Configured and Implemented GRC Access Control Suite 5.3 and working knowledge in Approval.
  • GRC implementation; automation; upgrade experience with GRC RAR, CUP, ERM, SPM and SAP CUA (Central User Administration) integration with SAP GRC 5.3 and GRC 10.0 production support.
  • Experienced in rating the controls/systems as part of Security Audit Self-Assessment.
  • Re-performed the Management testing for INVESTRAN, MAXIMIS and PRS applications.
  • Very good knowledge in Microsoft Excel, Macros, Word, Access and PowerPoint.
  • Experience in implementing security in BW including info object level security
  • Developed SAP Security tools with which User Administration and Role Administration were performed 70% faster than the manual process.
  • Created backend roles in BI for Portals and implemented / mapped them in the portal for CRM upgrade project.
  • Designed both Info Object level security and cube level security for various functional groups to access reports and data in BW
  • Managed roles and privileges for SAP NetWeaver IDM across the landscape.
  • Integrated Identity Manager, UME and corporate LDAP and Basic HR configuration.
  • Validated ECC/BI critical Objects and transaction pre Go-Live
  • Extensive expertise in the areas of audit, SAP IDM, SOX, BW/BI Security, Portal Security, ECC/R/3 Security, CRM Security, and upgrade projects.
  • Developed Job role matrix for access request/provisioning through IDM
  • Supporting users with required roles to be requested from IDM.
  • Post provisioning of IDM requests.
  • Configuration and support of GRC 10 for EAM, ARA and ARM


ERP Packages: SAP R/3- 4.7EE, ECC 5.0 and ECC 6.0, SCM 5.0, MDM, BI 7.0

ERP Applications: SAP 4.6C, WAS 6.x/7.0, ABAP, Enterprise / ECC, SD/MM, FI/CO, HR, CRM and BW3.5, Solution Manager.

Security Tools: SAP GRC / Virsa (4.0, 5.3, 10.0) (Compliance Calibrator, Access Enforcer, Risk Terminator, Firefighter, Access Control and Process Control), SAP User Management Engine / CUA, SAP Solution Manager 4.0 & AIS


Confidential, Louisville, KY

Sr. SAP Security Consultant


  • Automated creation and population of new Roles and users for a Rollout
  • Worked closely with IDM team and performed role reconciliation to synchronize SAP with IDM system
  • Creation and testing of customized transaction codes (Z codes) by working closely with all functional teams.
  • Troubleshot authorization errors using trace analysis.
  • Role remediation based on the SOD analysis and Risk analysis.
  • Modified Rule set by analyzing the Risks and false positives.
  • Performed Usage analysis in VIRSA for critical transaction codes.
  • Involved in massive role re-design from the identified risks with Business process.

Confidential, Alpharetta, GA

Executor & Security Lead


  • Lead for a four-member team for ICS/Audit activities.
  • Single point of contact for ICS/Audit activities for Health Care.
  • Responsible for Health Care ICS/Audit execution, including weekly, monthly, quarterly and annual controls.
  • Review B&C type users & Emergency User
  • Check deactivated users
  • Password & Security Parameters verification
  • Review users details and process according to requirements
  • Review Initial and Reset Passwords
  • Periodic Review of User Access Rights, Terminations and Transfers
  • Review physically deleted users and process according to requirements
  • Review users having standard SAP roles / profiles and process according to requirements
  • Review users with authorization to (un)lock / reset passwords for critical user groups and process according to requirements
  • Perform owner's review of limited allowed critical IT access and process according to requirements
  • Review IT related SoD combinations and process according to requirements
  • Review business related SoD combinations assigned to IT users and process according to requirements
  • Review table logging
  • Quality review of roles
  • Created System Administrator, Security, and developer roles in BI 7.0
  • BI reporting issues including setup and landscape connectivity
  • Review users with non-allowed critical IT access and process according to requirements
  • User administration & Role administration
  • SM7 request/incident/task processing
  • Thorough knowledge of SOX compliance and best practices in SoD remediation. Streamlined the User Access Request process by clearly defining the appropriate access for each functional team
  • Extensively worked with Sarbanes-Oxley Compliance Strategy management related to SAP business processes
  • Schedule BG jobs for SoD risk analysis
  • Run SoD reports for users based on GRC ARM requests
  • Apply mitigation controls for users with SoD conflicts
  • Design & manage MSMP ARM work flows
  • Processing of GRC 10 Access Requests
  • Assigning FFID’s to users in GRC 10 and extracting log reports in Emergency Access Management module

Confidential, Pittsburg, PA

Sr. SAP GRC Consultant


  • Understanding the existing organizational ERP security policies and procedures.
  • Configured and Implemented GRC Access Control Suite
  • Implemented GRC’s Role Expert and performed a security redesign based on the CC facilitated Internal Controls Framework.
  • Function mapping for the custom risks.
  • Enabled regulated Super user access control via GRC’s Firefighter.
  • Analysis of Custom risks and standard functions.
  • Analysis of the appropriateness of the Transactions (functions) within the custom risks.
  • Utilized trace (ST01) results to identify the expected authorization values and incorporated them into the security roles after the upgrade.
  • Created users and roles in MDM repositories and restricted based on Functions and tables.
  • Performed security checklist after the client copy.
  • GRC SPM and RAR unit testing
  • Performed a mapping of the portal roles with the backend system.
  • Designed the SAP security architecture for the Finance transformation project and discussed with various functional teams to design the security for overall SAP.
  • Handled security for Business Objects (BO).

Confidential - Charlotte, NC

Sr. SAP Security Consultant


  • Understanding the existing organizational ERP security policies and procedures.
  • Analyzed the roles and tracked the possible issues with the role & profile naming convention, Tcode assignment via SU24, master roles with org level assignment, duplicate roles and roles without profiles.
  • Created derived roles for FI and SD modules in ECC.
  • Created roles in BI system.
  • Used transaction RSECADMIN for creating custom authorization objects and S_RS_AUTH for assigning authorization objects for BI query end user roles
  • Designed both Info Object level security and cube level security for various functional groups to access reports and data in BW
  • Created roles in SRM system.
  • Performed role remediation, including deletion of obsolete roles and restriction of the display roles to display-only access.
  • Analyzed and resolved the tracked issues (ex: Tcode assignment via SU24).
  • Restricted roles at Company code level.
  • Maintained users in CRM landscape and applied the best practices in CRM security administration.
  • Created Standard Operating Procedures reflecting the approval flow and policies for User Access management, Role Management and Transport management.

Confidential - Milwaukee, WI

Team Member


  • Role design for Demand planning and supply network planning (SCM).
  • Built roles for Demand planning and supply network planning
  • Created unit test cases and updated the unit test results.
  • BI 7.0 Upgrade for custom objects securing profit center nodes restricted via hierarchy
  • Migrated SU02 profiles to BI 7.0 RSECADMIN authorizations with the SAP RSEC_MIGRATION tool.
  • Automated creation and population of new security roles with BI 7.0 RSECADMIN authorizations and assigned users by creating eCATT scripts
  • Created Functional, Basis, Security Developer, and Technical Team roles in BI system
  • Maintained security for BW power users and gave them authorizations for their new queries.
  • Extensively used Automatic Profile Generator (PFCG) for Role/Profile creation and modification, User Administration, Authorization Objects, BW Administration workbench.
  • Managed roles, privileges, and Single Sign on (SSO) for SAP NetWeaver IDM across the landscape.
  • Setup and Maintained users in CUA with connection to customer's Sun IDM LDAP through SAP function module RS LDAPSYNC.

Confidential, Peoria, IL

SAP GRC & Security Consultant


  • Run the risk analysis reports at role (single & composite) and user level as per the business processes
  • Formatted the report structure and summarized the analysis
  • Performed detailed analysis of the reports and provided recommendations on remediating the SoD violations and mitigation as required
  • Performed rule set review for accuracy
  • Addressed TTTS tickets assigned to the Security Support team to ensure that the team achieves a minimum SLA of 90%.
  • Roles were grouped into bundles to decrease the risk count.
  • Analyzed the usage analysis and provided the following solutions to reduce the violation count:
  • Unused transaction codes to be removed
  • Rarely used transactions to be removed
  • Roles not used by users to be removed
