SUMMARY

• 8+ Years of extensive experience in SAP Security including Implementation, Production support, Post Go - live support, Role remediation, SAP GRC configuration, SCM 5.0 role design.
• Worked as a team lead for a support project as well as Executor for Security audit team.
• Worked on SM7 ticketing tool (Incidents, Change and Tasks).
• Handled security for various modules: BI, CRM, FI,ECC,SPM, CO, MM, SD, and MDM
• Worked on SECATT, SCAT scripts for mass user and authorizations maintenance.
• Central User Administration (CUA) experience to create users, assign roles, and maintenance.
• Excellent knowledge of SOX, Audit issues and Segregation of Duties (SoD) issues.
• Involved in GRC configuration for RAR and SPM. Designed custom Rule sets as per the requirement.
• Identified risks, created Business Processes, Functions and Risks in GRC system, performed risk analysis and mitigation.
• Expertise in SAP GRC access controls 5.3 support (Risk Analysis and Remediation (RAR) and remediation of SoD violations through detailed analysis, recommendations and Super user Privilege Management (SPM).
• Configured and Implemented GRC Access Control Suite 5.3 and working knowledge in Approval.
• GRC implementation; automation; upgrade experience with GRC RAR, CUP, ERM, SPM and SAP CUA (Central User Administration) integration with SAP GRC 5.3 and GRC 10.0 production support.
• Experienced in rating the controls/systems as part of Security Audit Self-Assessment.
• Re-performed the Management testing for INVESTRAN, MAXIMIS and PRS applications.
• Very good knowledge in Microsoft Excel, Macros, Word, Access and PowerPoint.
• Experience in implementing security in BW including info object level security
• Developed tools related to SAP Security where User Administration and Role Administration has been performed 70% faster than the manual process.
• Created backend roles in BI for Portals and implemented / mapped them in the portal for CRM upgrade project.
• Designed both Info Object level security and cube level security for various functional groups to access reports and data in BW
• Managed roles and privileges for SAP NetWeaver IDM across the landscape.
• Integrated Identity Manager, UME and corporate LDAP and Basic HR configuration.
• Validated ECC/BI critical Objects and transaction pre Go-Live
• Extensive expertise in the areas of audit, SAP IDM, SOX, BW/BI Security, Portal Security, ECC/R/3 Security, CRM Security, and upgrade projects.
• Developed Job role matrix for access request/provisioning through IDM
• Supporting users with required roles to be requested from IDM.
• Post provisioning of IDM requests.
• Configuration and support of GRC 10 for EAM, ARA and ARM

TECHNICAL SKILLS

ERP Packages: SAP R/3- 4.7EE, ECC 5.0 and ECC 6.0, SCM 5.0, MDM, BI 7.0

ERP Applications: SAP 4.6C, WAS 6.x/7.0, ABAP, Enterprise / ECC, SD/MM, FI/CO, HR, CRM and BW3.5, Solution Manager.

Security Tools: SAP GRC / Virsa (4.0, 5.3, 10.0) (Compliance Calibrator, Access Enforcer, Risk Terminator, Firefighter, Access Control and Process Control), SAP User Management Engine / CUA), SAP Solution Manager 4.0 & AIS

PROFESSIONAL EXPERIENCE

Confidential, Louisville, KY

Sr. SAP Security Consultant

Responsibilities:

• Automated creation and population of new Roles and users for a Rollout
• Worked closely with IDM team and performed role reconciliation to synchronize SAP with IDM system
• Creation and testing of customized transaction codes (Z codes) by working closely with all functional teams.
• Trouble shoot authorization errors usingtrace analysis.
• Role remediation based on the SOD analysis and Risk analysis.
• Modified Rule set by analyzing the Risks and false positives.
• Performed Usage analysis in VIRSA for critical transaction codes.
• Involved in massive role re-design from the identified risks with Business process.

Confidential, Alpharetta, GA

Executor & Security Lead

Responsibilities:

• Lead for four member’s team of ICS/Audit activities.
• Single point of contact for ICS/Audit activities for Health Care
• Responsible for Health Care ICS/Audit execution includes Weekly/monthly/quarterly and Annual controls.
• Review B&C type users & Emergency User
• Check deactivated users
• Password & Security Parameters verification
• Review users details and process according to requirements
• Review Initial and Reset Passwords
• Periodic Review of User Access Rights, Terminations and Transfers
• Review physically deleted users and process according to requirements
• Review users having standard SAP roles / profiles and process according to requirements users with authorization to (un)lock / reset passwords for critical user groups and process according to requirements
• Perform owner's review of limited allowed critical IT access and process according to requirements
• Review IT related SoD combinations and process according to requirements
• Review business related SoD combinations assigned to IT users and process according to requirements
• Review table logging
• Quality review of roles
• Created System Administrator, Security, and developer roles in BI 7.0
• BI reporting issues including setup and landscape connectivity
• Review users with non-allowed critical IT access and process according to requirements
• User administration & Role administration
• SM7 request/incident/task processing
• Through knowledge of SOX compliance and best practices in SOD remediation. Streamlined the User Access Request process by clearly defining the appropriate access for each functional team
• Extensively worked with Sarbanes-Oxley Compliance Strategy management related to SAP business processes
• Schedule BG jobs for SoD risk analysis
• Run SoD reports for users based on GRC ARM requests
• Apply mitigation controls for users with SoD conflicts
• Design & manage MSMP ARM work flows
• Processing ofGRC 10Access Requests
• Assigning FFID’s to users in GRC 10 and extracting log reports in Emergency Access Management module

Confidential, Pittsburg, PA

Sr. SAP GRC Consultant

Responsibilities:

• Understanding the existing organizational ERP security policies and procedures.
• Configured and Implemented GRC Access Control Suite
• Implemented GRC’s Role Expert and performed a security redesign based on the CC facilitated Internal Controls Framework.
• Function mapping for the custom risks.
• Enabled regulated Super user access control via GRC’s Firefighter.
• Analysis of Custom risks and standard functions.
• Analysis of the appropriateness of the Transactions (functions) within the custom risks.
• Utilized trace (ST01) results to identify the expected authorization values and incorporated them into the security roles after the upgrade.
• Created users and roles in MDM repositories and restricted based on Functions and tables.
• Performed security checklist after the client copy.
• GRC SPM and RAR unit testing
• Performed a mapping of the portal roles with the backend system.
• Designed the SAP security architecture for the Finance transformation project and discussed with various functional teams to design the security for overall SAP.
• Handled security for Business Objects (BO).

Confidential - Charlotte, NC

Sr. SAP Security Consultant

Responsibilities:

• Understanding the existing organizational ERP security policies and procedures.
• Analyzed the roles and tracked the possible issues with the role & profile naming convention, Tcode assignment via SU24, master roles with org level assignment, duplicate roles and roles without profiles.
• Created derived roles for FI and SD modules in ECC.
• Created roles in BI system.
• Used transaction RSECADMIN for creating custom authorization objects and S RS AUTH for assigning authorization objects for BI query end user roles
• Designed both Info Object level security and cube level security for various functional groups to access reports and data in BW
• Created roles in SRM system.
• Performed role remediation includes deletion of obsolete roles and restriction of display only access to the display roles.
• Analyzed and resolved the tracked issues (ex: Tcode assignment via SU24).
• Restricted roles at Company code level.
• Maintained users in CRM landscape and applied the best practices in CRM security administration.
• Maintained users in CRM landscape and applied the best practices in CRM security administration.
• Created Standard Operating Procedures reflecting the approval flow and policies for User Access management, Role Management and Transport management.

Confidential - Milwaukee, WI

Team Member

Responsibilities:

• Role design for Demand planning and supply network planning (SCM).
• Built roles for Demand planning and supply network planning
• Created unit test cases and updated the unit test results.
• BI 7.0 Upgrade for custom objects securing profit center nodes restricted via hierarchy
• Migrated SU02 profiles to BI 7.0 RSECADMIN authorizations with SAP RSEC MIGRATION tool.
• Automated creation and population of new security Roles with BI7.0 RSECADMIN authorizations, assign users by Creating eCATT scripts
• Create Functional and, Basis, Security Developer, Technical Team roles in BI system
• Maintained security for BW power users and gave them authorizations for their new queries.
• Extensively used Automatic Profile Generator (PFCG) for Role/Profile creation and modification, User Administration, Authorization Objects, BW Administration workbench.
• Managed roles, privileges, and Single Sign on (SSO) for SAP NetWeaver IDM across the landscape.
• Setup and Maintained users in CUA with connection to customer's Sun IDM LDAP through SAP function module RS LDAPSYNC.

Confidential, Peoria, IL

SAP GRC & Security Consultant

Responsibilities:

• Run the risk analysis reports at role (single & composite) and user level as per the business processes
• Formatting the report structure and summarize the analysis
• Performed detailed analysis of the reports and provide recommendations on remediating the SoD violations and mitigation as required
• Performed rule set review for accuracy
• Addressed TTTS tickets assigned to the Security Support team to ensure that the team achieves a minimum SLA of 90%.
• Roles were grouped into bundles to decrease the risk count.
• Analyzed the usage analysis and provided below solutions to reduce the violation count
• Unused Transaction codes to be removed
• Transaction used rarely used to be removed
• Roles not used by users to be removed