
SAP Security and GRC Consultant Resume



  • Having 6 years of experience as an SAP Security Administration and GRC consultant, worked on various SAP Modules such as SD, MM, PP, FI/CO, eWM, TM, CRM, PI, HR and BI. Expertise in various aspects of software development, Implementation, Design, Validation, Project Coordination, Client Interaction, Troubleshooting, and Debugging.
  • Experience in creating Roles and Profiles for ERP, CRM, eWM, TM, HR, BI, SCM, PI, PO, and HR systems.
  • Extensive experience with Automatic Profile Generator (PFCG), User Administration, Central User Administration (CUA), Authorization object maintenance, Problem analysis and troubleshooting, SAP GUI & CATT and ECATT Scripts, transporting roles, HR Security, Auditing, Segregation of Duties (SOD) and Sarbanes-Oxley Compliance etc.
  • Experience in SAP GRC Access Control, Risk Analysis and Remediation
  • Implemented SAP GRC User Provisioning, Access Request Management and Business Role Management.
  • Involved in Troubleshooting of Security related issues and root cause determination.
  • Designed authorizations to protect custom reports, tables and transactions.
  • Experienced in working with Internal and External Auditors and in auditing and monitoring.
  • Experience with using Audit Information Systems (AIS) logs (SM19, SM20 and SM18).
  • Experience in setup of BI security for user roles (query users, administrative users and power users) and including info object level security.
  • Experienced in Strategizing and implementation of SAP Security model, processes and procedures, defining various Role Matrices and designing templates.
  • Experienced extensively in creating and modifying Single, Composite, Master and Derived roles.
  • Administration in assigning the Automatic Profile Generator and Authorization object maintenance.
  • Strategizing and Implementation experience in Central User Administration (CUA) in both single and multi-system landscapes.
  • Experience in implementing Line Authorizations and troubleshooting of authorizations
  • Strong experience in implementing and working with HR Security including Structural Authorizations and Position Based Security (PBS).
  • Problem fixing in the assignment of Authorization Groups, User Groups and User Administration.
  • Experience with helpdesk, resolving ticket issues and troubleshooting support problems using Service-Now and Lotus Notes Applications.
  • Experience in both Implementation and Production Support Projects.
  • Experience in support and maintenance projects, work includes handling tickets using Service Now tool and taking the necessary steps for resolution.


Confidential, OH

SAP Security and GRC Consultant


  • Involved in gathering end user requirements and implement SAP ECC 6.0 security authorizations.
  • Build SAP roles and define jobs by coordinating with functional project team members.
  • Work with business owners to define the authorizations needed for users.
  • Set up SAP authorization profiles and roles that represent the different end users' job definitions.
  • Use SU02 to examine authorizations in existing roles to identify improper authorizations and correct them.
  • Worked on critical authorization Objects like S_TABU_DIS, S_DEVELOP, S_RZL_ADM, S_ADMI_FCD and S_TRANSPRT.
  • Worked on SU24 to maintain Check Indicators for the Transaction Codes.
  • Resolved daily SAP Security issues.
  • Performed user administration activities such as creating, deleting, renaming, locking and unlocking users, and resetting passwords, maintaining logon data and assigning roles to the users.
  • Maintain various role matrices for roles, authorization objects to keep track of the modifications made to the roles.
  • Maintenance of User Master Record & Support End Users with Security issues.
  • Restrict open authorizations to sensitive Transaction codes.
  • Perform UNIT testing on created roles.
  • Effectively analyzed trace files and tracked missed authorizations for user’s access problems and inserted missing authorizations manually.
  • Used SU24 to maintain Check Indicator Defaults and Field values, reduced the scope of Authorization checks.
  • Extensively used SU53 and ST01 for analyzing the authorization errors
  • Review of MSMP set up and making required corrections
  • Role development and Roles creation.
  • Creation of new users and Fast Track users and adding roles
  • Resolving help tickets related to GRC security
  • Defining and assigning Role Approvers, Monitors, Risk ID owners.
  • Run Risk Analysis for role Assignment to identify SOD conflicts
  • Identify existing SOD violation and Risk Remediation
  • Creation of firefighter IDs, Controllers and Fire fighters
  • Assigning Firefighters and controllers to Firefighter Ids.
  • End User Training

Environment: SAP EHP 7 for ERP 6.0, GRC 11, PO 7.5, HP UNIX, Oracle 10g, Java, NWDS, RFC, BAPI, ABAP/4, SAP SD, MM, PP, HR, FI/CO, eWM modules.

Confidential, NJ

SAP Security Consultant


  • Created and generated roles and Profiles.
  • Involved in creating Master and Derived roles Concepts in eWM module.
  • Designed security Roles for the Extended warehouse management rollout
  • Unit tested all the roles and fixed the issues in the roles
  • Worked on SU10 to perform mass operations.
  • Analyze and troubleshoot security issues using SU53, ST01 and SUIM
  • Worked closely with Audit team for SAP Security Audit and generated Audit Information Systems (AIS) logs (SM19, SM20 and SM18)
  • Managed and maintained USOBT_C and USOBX_C tables by using SU24/SU25
  • Created and maintained custom transactions by using SE93.
  • Performed user administration activities such as creating, deleting, renaming, locking and unlocking users, and resetting passwords, maintaining logon data and assigning roles to the users.
  • Created User Groups by using transaction code SUGR.
  • Fix the bugs related to roles and authorizations in order to build security in R/3
  • Experience in Transport Authorization and provided production support for roles.
  • Managing Standard and Custom Authorization Object.
  • Transport Roles using the change request method and also the Download/Upload method for transporting the roles to systems not in the transport landscape.
  • Transported the generated roles and profiles using SCC1 and SE09/SE10.
  • Migrated BI 3.5 authorization to BI 750 using RSECADMIN and RSEC_MIGRATION tools
  • Built Analysis Authorizations using the transaction RSECADMIN
  • Assigned the Analysis Authorizations to the role using the object S_RS_AUTH.
  • Setup security at the Info objects level (field-level security).
  • Created Custom Reporting Authorization Objects using transaction RSSM.
  • Linked the Custom Authorization Object to the Info provider
  • Created roles restricting access to Info cubes, ODS objects, specific queries and workbooks.
  • Troubleshoot authorizations related problems using RSECADMIN
  • Implemented Position Based Security by assigning Roles to Positions.
  • Assigned users and roles to positions using both PFCG and PPOM_OLD
  • Worked on Authorization Objects P_ORGIN, P_ABAP, P_PERNR, P_ORGXX etc
  • Implemented Structural Authorizations by Evaluation path method in the Org Structure.
  • Maintained Employee Master Data using transaction codes PA30, PA40
  • Developed enterprise structure to fit company needs including personnel area, personnel sub-area, employee group and employee sub-group.
  • Assigned structural profiles to users using the program RHPROFL0
  • Experience on NWBC and fixing Security related issues.
  • Setup and maintained Organizational Structure including Organizational Units, Jobs, Positions, Cost Center assignments etc.

Environment: SAP EHP for ERP 6.0, eWM 9.3, BI 7.5, PO 7.5, SCM, and HCM modules.

Confidential, OH

SAP Security Admin and GRC Consultant


  • Involved in creating Single and Composite Roles.
  • Created Master and Derived Roles.
  • Supported in SAP ECC 6.0, APO, SRM and CRM, and HCM modules
  • Troubleshooting of user access issues (tracing). Effectively analyzed system trace (ST01) and User Authorization data (SU53) and tracked missing authorizations for user access problems and inserted missing authorizations manually.
  • Provided SOD and Role matrices templates to the Business owners.
  • Interacted with the Role owners and the team lead for maintaining the correct restrictions on the Transaction codes and the activities within the Transaction codes.
  • Maintained User Master Records including Address information, user groups, validity periods etc.
  • Created ECATT scripts for creating mass users, deleting mass users, assigning roles to users, locking and unlocking mass users etc. in a CUA system, also used SU10 for other mass user related tasks.
  • Analyzed and understood existing SAP security environment and design, business requirements to upgrade from SAP R/3 4.7 to ECC 6.0.
  • Extensively used Automatic Profile Generator (PFCG) to create and maintain Parent and Child/Derived roles and to Upload and Download of roles.
  • Transporting the change requests from the Development environment to Testing/QA environments.
  • Created custom transaction Codes for restricting access to custom tables, views and programs.
  • Created transaction variants for SE16 and SM30.
  • Created Authorization groups and assigned Tables and Programs to the groups.
  • Implemented Line Authorizations to restrict records and transaction codes using the critical Authorization Object S_TABU_LIN.
  • Worked on critical authorization Objects like S_TABU_DIS, S_DEVELOP, S_RZL_ADM, S_ADMI_FCD and S_TRANSPRT.
  • Worked on SU24 to maintain Check Indicators for the Transaction Codes.
  • Supporting Auditing.
  • Worked extensively on User Information System (SUIM) for audit purposes
  • Supporting system downtime and maintenance activities
  • Resolving help tickets related to security
  • GRC Implementation and Rollout
  • Implemented Access Risk Analysis and Remediation
  • Extensively worked on Access Control
  • Performed remediation and mitigation against various risks associated with roles and users.
  • Under Risk Analysis and Remediation, performed User & Role analysis to identify existing SoD violations
  • Maintenance of workflow for access requests, Firefighter log review.
  • Assigning firefighter Id to users.
  • Created Reports and Analysis.
  • Monitoring Risk Management and assessment reporting
  • Created and uploaded Ruleset, roles and profiles
  • Performed Auditing and Monitoring and followed SOX controls
  • Created Actions and Functions.
  • Troubleshooting Security issues.

Environment: SAP ECC 6.0, GRC 10, PI 7.0, SCM, and HCM modules.
