PROFESSIONAL SUMMARY:

• Over 8+ years of experience in SAP Security and Authorizations with strong understanding of Information Security Practices.
• Well experienced with multiple SAP Security Lifecycles (Analysis, Conception, Implementation, Upgrade, Quality Assurance, Support, Redesign & Cutover)
• Extensive experience in all aspects of SAP Security Administration - Including up gradation and various SAP R/3 versions 6.0/5.0, R/3 4.7E/4.7/4.6C/4.6B,SAP BW 3.5, BI 7.0 Net weaver 2004s, Enterprise Portal 7.0/6.4/6.0, Solution manager 7.0 and SAP Net Weaver Identity Management.
• Worked on 3 Full life cycle implementation of SAP Security projects from design phase to Post implementation phase in SAP Security domain.
• Expertise in designing Security roles and evaluating Security profile parameters.
• Expertise in ECC, CRM, SCM and BI security modules.
• Experience with SAP Application Security development and administration R/3 environment for the following modules: FI, CO, MM, PP, SD. Exposure of CRM business process, enterprise portal.
• Created the roles, authorizations, and administered User Master Data as per the Client SAP Controls & SOP (Standard Operating Procedures) documentation as required by the Audit.
• Expert in using LSMW & SECATT Scripts for mass user provisioning, deprovisioning and administration etc.
• Expert in creating documentation for all the procedures/process and training manuals. So that they can be used as reference for any new team member or to train an end user as needed.
• Extensive experience with Automatic Profile Generator (PFCG), User Administration, Central User Administration (CUA), Authorization object maintenance, Problem analysis and trouble shooting, transporting roles, HR Security, Auditing, Segregation of Duties (SOD) and Sarbanes-Oxley Compliance etc.
• Good understanding of GRC concepts and Architecture.
• Set enterprise wide Business Modeling standards to capture Business requirements.
• Introduced Business Process Modeling Notation standards and practices.
• Involved with teams of application and data architects to develop core patterns and practices.
• Held key roles in planning and execution of several clients on- boarding and conversion projects.
• Assignments include Technical and Business evaluations, conversion audits, project planning management, and business process integration.
• Working knowledge in analyzing and processing SOD and SOX issues within SAP implementation using GRC 5.3 and GRC 10.0 access control tools such as Fire fighter, Compliance Calibrator and Access Enforcer for Sarbanes-Oxley section (SOX) compliance.
• Expert in role design according to Sarbanes-Oxley (SOX) compliance - strategy management related to SAP business processes, transactions, control infrastructure.
• Work with the functional and development teams for role development and strategy.
• Strong understanding of Authorization Concept and working with Developers in setting up required Authority Check for Custom Tables, Reports and Custom transactions.
• Proficiency in the use ofSAPSecurityAdministration Tools, Reporting Tools, and other means to compliment and maintainsecuritydesigns (transports, keysecurity profile parameters, etc.)
• Strong interpersonal and communication skills (oral and written skills), unparalleled work ethic, strong attention to detail and good team player.

TECHNICAL SKILLS:

ERP: SAP ECC 6.0/5.0, SAP R/3 4.7E/4.7, GRC AC 5.3 &10.0, Netweaver 2004s, Enterprise Portal 7.0/6.4/6.0,BI 7.0.

Specialization: GRC 10.0, Security (ECC, BW, BI), CUA, Profile Generator, User Maintenance Authorization, knowledge of functional modules.

Operating Systems: Windows 8/8.1, Windows 7/Vista/XP/2000/98

Data Base: DB2, MS SQL, MS Access.

Languages: C, C++, Visual Basic and HTML.

Tools: MS Office (Word, Excel, Power point), SECATT.

WORK EXPERIENCE:

Confidential, Atlanta, GA

SAP Security/GRC Consultant

Environment: Net weaver 2004s, ECC6.0, BI7.0, GRC 10.0 and Enterprise Portal 7.0

Responsibilities:

• Responsible for all aspects of SAP ECC Security Administration tasks including coordinating and interacting with business, technical and functional consultants for gathering SAP Security requirements, Design/develop role,User Administration, transport roles/authorization, Testing, setup security system parameters, generating analysis reports, trouble shoot authorization errors and create/maintain SAP Security process documents for SAP systems.
• Ensure role-building follows business guidelines, and adhere to the controls requirement set forth by the internal audit/control teams.
• Analyze all customer programs and transaction codes for authority checks.
• Worked on SAP Check Indicator Defaults, Field values, and maintained check indicators for Transaction codes using (SU24).
• Responsible for developing roles, Composite Roles and derived roles using the Profile Generator (PFCG).
• Ensure segregation of duties (SOD) exists in the SAP systems.
• Troubleshoot existing user roles, security objects and authorizations to resolve security conflicts, supporting users, setting up new accounts, password resets, put users in appropriate groups and resolve any issues in production system.
• Using System trace to record authorization checks in different sessions.
• Periodically analyze user master records and develop strategies to reduce any risks to the business from an authorization perspective.
• Involved with creation and maintenance of activity groups and custom authorization objects.
• Worked on Upgradation from R/3 4.6c to ECC 6.0 and BW 3.5 to BI 7.0 including post updates steps, assessment of authorizations and redesign.
• GRC Security - Design, develop and Activation of Rule Sets.
• Perform Role and User Level SOD analysis for sensitive access.
• Create/Maintenance and documentation of Mitigation Control.
• Setting up Risk Analysis and mitigation.
• To identify the risks involved in the users access with the help of Compliance Calibrator and then minimizing those risks with the help of mitigation control document.
• Daily monitoring of GRC systems which includes monitoring of Batch jobs, System logs and Application logs etc.
• Troubleshoot any issues relating to Firefighters or IDs.
• Perform Firefighter ID Provisioning Tasks.
• Monitor SAP GRC systems and troubleshoot the issues and report to the management on a timely basis.
• BW Security - Implemented Info object level BW Security and created BW security authorizations using RSMM transaction.
• Developed administrative and monitoring process for BW authorizations.
• Experience with the BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting the reporting problems.
• Used RSECADMIN in BI for creating, maintaining and assigning of Analysis authorizations.
• Assist users with access problems and questions using SUIM and SU53.
• Review and act on daily monitoring/change reports.
• Perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management.
• Involved in Transportation of roles.
• Developed and provide knowledge transfer to client personnel on security authorization concept and security design/implementation.
• Assisted Sarbanes Oxley Compliance - SAP System Audit and documentation of significant Processes and controls.
• Continuously develop problem solving skills and utilize critical thinking process to provide permanent solutions for repetitive problems.
• Provided knowledge transfer (KT) and training to off-shore and on-site resources for the entire security design/development and maintenance process.

Confidential, Bridgewater, NJ

SAP Security/GRC Consultant

Environment: ECC 6.0, BI 7.0, GRC 10.0

Responsibilities:

• Designing, writing and implementing security related standard procedures for the user administration, roles and profile generation.
• Created single role, composite role and derived role as per organizational structure in both R/3 and BW/BI systems using PFCG.
• Set up security roles and user accounts for over 1000 End Users for primary Go Live.
• User maintenance on day-to-day basis and role maintenance on requirement basis.
• Creating and maintaining the user IDs in CUA.
• Identify Segregation of Duty conflicts and propose recommendations that lead to implementation of mitigating controls and elimination of risks.
• Performed change control reviews to be SOX compliant on a weekly basis (Auditing Information System and Project Management Internal Control)
• Trouble shooting - Identifying the missing authorizations using SU53 transaction/ST01 trace and maintaining them in suitable role and SU56 in order to find security problem.
• Trouble shooting performance issues & adjustment of SAP profiles.
• Raised role change requests in Solution manager system.
• Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas. Created segregation of duties and single critical transaction policies for IT security.
• Transport the generated roles and profiles using SAP transport management system and handled normal and mass generation of roles.
• Perform unit testing, positive and negative testing on user accounts to ensure the appropriate access levels on created roles.
• Analyze user related information including roles and profiles, by utilizing transaction SUIM.
• GRC Security - Trained on SAP GRC Access Control (5.3/10.0) - Risk Analysis and Remediation (Compliance Calibrator), Compliant User Provisioning (Access Enforcer), Super user Privilege Management (Fire Fighter), Enterprise Role Management (Role Expert)
• Perform control and Risk Owner modification Tasks.
• Creation and Modifications of Risks, Rules, Functions and Mitigating Controls.
• Interact with management to discuss and explain issues affecting users.
• BW Security -Extensively used RSECADMIN in BI security to build analysis authorizations.
• Assigned the Analysis Authorizations access to users using the authorization object S RS AUTH.
• Worked with the Authorization checks by assigning Authorization groups to Programs (RSCSAUTH).
• Perform License cleanup activities in over 30 systems and has a deep knowledge on License administration in SAP.
• Run security reports for critical transactions and objects for users who never logged on, worked with functional team leads to define the new transactions.

Confidential, Exton, PA

SAP Security Administrator

Environment: SAP ECC 6.0 and BI 7.0

Responsibilities:

• Interacted extensively with the business leads to understand the business requirements and build security as per their requirements.
• Worked with the business team to prepare and maintain role matrices and user mapping matrices.
• Communicated with Business Process Owner’s to obtain approvals for security changes.
• Worked with Automatic Profile Generator (PFCG) in creating Single roles, Composite Roles and Derived Roles.
• Followed key security standards such as maintaining check indicators in SU24 for authorization objects and Transaction codes, putting proper controls in place for securing programs and tables.
• Recommended and enforced the usage of Authority Check statement for custom programs.
• Monitored access to key authorization objects such as S BTCH ADM, S ADMI FCD, S TABU DIS, and S DEVELOP for debug access and etc.
• Implemented values for profile parameters for controlling password rules, logon rules, established monitoring process for inactive users and unsuccessful logons.
• Troubleshoot Authorization Errors using Transaction Code SU53 and ST01.
• Created ECATT Script for mass activities such as creating users, assigning roles to users, assigning user groups to users.
• Worked with table authorizations and created new Table Authorization Groups in SE54 to protect tables.
• Restricted access to SE16/SM30 by creating table specific custom transaction codes to the table using SE93.
• Made the info objects and characteristics authorization relevant as needed using RSD1.
• BW Security - Worked on SAP BI 7.0 Portal and Enterprise Portal user management.
• Experience with the BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting the reporting problems.
• Extensively used RSECADMIN tool to build Analysis Authorizations.
• Assigned the Analysis Authorizations access to users using the authorization object S RS AUTH.
• Resolved issues related to authorization objects using t-code RSSM.

Confidential, Chicago, IL

SAP Security Administrator

Environment: SAP ECC 6.0 and BI 7.0

Responsibilities:

• Participated in requirement gathering, assessment, design and configuration for SAP security.
• Interacted with the functional teams in the process of creation of Role Matrices for all the modules.
• Created roles for various modules such as SD, MM, FI-CO and PP using Profile Generator (PFCG).
• Troubleshoot security/authorization related problems using user information system and Display Authorization Data.
• Experience in CUA administration and maintenance.
• Performed transports and mass transports of roles.
• Perform reconciliation of user master record and roles using PFUD and SUPC.
• Worked on SAP check indicator defaults and field values, reduced the scope of authorization checks using SU24 and maintained check indicators for Transaction codes.
• Involved with technical team in setting up SAP system for auto log-out, password length and expiration and specifying impermissible passwords.
• Responsible for creating, maintaining and deleting SAP ID’s and security permissions.
• BW Security - Designed Security for BW objects including Queries, Workbooks, Info Areas, Info cubes and Info objects & Worked extensively with hierarchies and workbooks.
• Involved with creation and maintenance of activity groups and custom authorization objects.
• Implemented Info object level BW security and created BW security Authorizations using RSSM transaction.
• Designing and documenting security administration policies and procedure for the production environment.

Confidential, Denver, CO

SAP Security Consultant

Environment: SAP4.7, BW, CRM 4.0

Responsibilities:

• User Account / Profiles Management, Creation, Modification and deletion of the user as per the process defined.
• Creation and modification of Roles and profiles as per the requirement using PFCG.
• Implemented security changes based on SOX Act requirements.
• Coordinated and managed monitoring, compliance and reporting activities for SOX.
• Redesigned roles for SOX compliance.
• Building the Roles using the transaction codes and implementing these roles for the client organizational levels, creating derived roles and authorization profiles for the various plants located at different geographical locations in Development system.
• Transporting these Roles and derived Roles to Quality Assurance System (QAS) and initiating the testing process of these roles by assigning the intended Roles to test users, monitoring and troubleshooting the authorization failures during testing.
• After ensuring the intended functionality of these Roles, transporting these objects to Production system (PRD) and assigning to users during implementation.
• To provide production support to end users functional and technical users.
• BW Security - Maintenance of BW roles and Authorization issues.
• Administered Info Objects through the BW Administrator Workbench and created roles and authorizations profiles based on the relevant custom report authorization objects.
• Involved with creation and maintenance of activity groups and custom authorization objects.
• Register developer keys and provide authority for OSS logins.
• Extensively worked under SOD and assisted all team members in their security issues.
• Locking and unlocking users and maintaining their profiles (SM01).
• Worked on Portal groups and roles and modified existing roles to integrate with the new Portal system.

Confidential, Commack, NY

SAP Security Consultant

Environment: ECC 5.0, BW 3.5, BI 7.0, Enterprise Portal 7.0, SRM

Responsibilities:

• Responsible for all aspects of SAP Security Administration tasks - Coordinating and interacting with business, technical and functional consultants for gathering SAP.
• Security requirements, SAP security design, role development, Custom authorization, security system validation, User Administration, Testing, Transports and troubleshoot.
• Designed, Developed and maintained Single roles, Composite roles, Master and derived roles for SAP Modules HR/HCM, ESS/MSS, FICO, SD, MM, WM, PP,BI 7.0,BW 3.5 E-Buyer/SRM/EBP, APO and Enterprise Portal 7.0 for SAP Global (68 Countries) implementation.
• Used SAP Security transactions - PFCG, SU01, SU10, SU24, SU21, PFUD, SUPC, SUIM, SU53, SU56, ST01, SE54, STMS, SCC1, SE09/SE10, RZ10, SM18, SM19, SM20,SE16, SM30... etc.
• Used Enterprise Portal 7.0, User Management Engine (UME) Administration for setting up portal users & user groups, Assigned roles/user group to the users, Lock/Unlock.
• User Mapping in Portal Systems.
• Troubleshoot user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error.

Confidential, Sparks, MD

SAP Security Analyst

Environment: SAP R/3 4.0

Responsibilities:

• Worked on creating and updating Roles as per the Basis team requirements and authority (FI, MM, PP and SD).
• Setup Profile Generator to create authorization profiles (PFCG).
• Creation and modification of Roles and profiles as per the requirement using PFCG.
• Mass transported roles from Development to Production System (PFCG).
• Monitored logged in users in the system and checked unauthorized logins (SM04).
• Analyzed user’s outputs and corrected security deficiencies (SU53 & SU56).
• Locked all the critical transactions (SM01).
• Unlock users and reset passwords for the data team members.
• Coordinated in completing the SAP security audit requirements checklist.
• Worked on documenting roles in roles database and update database history of roles.

Confidential

SAP Security Analyst

Environment: R/3 4.6C, BW3.5

Responsibilities:

• Created roles by using Profile Generator and assigned them to users and organizational units (PFCG).
• Creation and modification of Roles and profiles as per the requirement using PFCG.
• Created profiles to effectively restrict user access to specific business areas.
• Resolving Securities Issues using SU02, SU03 and User Management.
• Used transactions such as SUIM, SU53 to troubleshoot problems.
• Mass transported roles from Development to Production System (PFCG).
• Analyzed user’s outputs and corrected security deficiencies (SU53 & SU56).
• Locked all the critical transactions (SM01).
• Unlock users and reset passwords for the data team members.
• Coordinated in completing the SAP security audit requirements checklist.
• Worked on documenting roles in roles database and update database history of roles.