OBJECTIVE:

To work in a competitive and challenging work environment to contribute to the best of my ability, and fully utilize my inter - personal skills and potential to pursue a challenging and rewarding career.

PROFESSIONAL SUMMARY:

• SAP Security architect with 7 year's industry experience designing, configuring and architecting security solutions for the entire SAP suite (R/3, ECC, Solman, HANA and GRC application). Highly detail and process oriented along with good documentation and project planning skills. Experienced in delivering and meeting SAP security design to comply with Sarbanes-Oxley control requirements.
• Extensive experience inRequirement gathering,Design,Development, andMaintenance ofSAP applications security. Interfaced extensively with clients to gain insight and develop solutions to meet customer business needs across the entireSAP landscape.
• Extensively worked on customized tools for Mass user updates, Mass composite role creation/ modifications/Role imports in GRC, Mass role updates with respective Organizational values and Mass role deletions. GRC support experience with GRC ARA, ARM, EAM, BRM and SAP CUA (Central User Administration) integration with SAP GRC.
• Ability to work effectively in cross-functional team environments and experience of providing training to business users. Proven ability to work on multiple tasks concurrently completing them with in time and budget. Proven ability to work effectively in a team environment.
• Enabling new features of GRC 10.1 by doing necessary configuration
• Build a connection in between all Back-end systems and GRC system by setting up connectors, Connector groups and maintaining target connectors information’s in each group.
• Created and Maintained Various Risks and Functions based upon the requirement comes from the business.
• Develop SoD rules based on audit findings and recommend best practices to client.
• Determine cause and find solution to a variety of GRC issues in Access Risk Analysis and Emergency Access Management.
• Created various Mitigation controls as per the audit requirements.
• Performed Emergency Access Management configuration in GRC AC system like setting up FF user id’s, FF owners and FF controllers.
• Enabling Centralized/ Decentralized EAM.
• Scheduled Firefighter log synchronization jobs for pulling the Firefighter log.
• Assigning FIREFIGHTER ID to FIREFIGHTER ID owners, assigning FIREFIGHTER ID to Controllers by using FF tool.
• Analyzing SOD conflicts, t-codes assignment to roles and roles assignment to users.
• Role imports manually into GRC and Mapping critical levels to roles
• Excellent knowledge of SOX, Audit issues and Segregation of Duties (SoD) issues.
• Under Risk Analysis and Remediation, performed User & Role analysis to identify existing SoD violations.Risk.
• Using ARA produced Analytical Reports on User, User Groups, Roles and Profiles.
• Performed remediation and mitigation against various risks associated with roles and users.
• ARA has Simulation features to allow you to assess the impact of potential remediation activities on the reported conflicts prior to making the actual change.
• Configured User Data source and defined authentication system for requestors using ARM.
• Strong capability in using ARM to use the workflow functionality to ensure a comprehensive and compliant change management process for risk control and maintenance.
• Performed risk analysis at User level and Role level and to mitigate risks for the users using Risk Analysis and Remediation.
• Successfully created various custom notification templates to meet the business requirements.
• Successfully Integrated LDAP with GRC Access Control system
• Successfully configured User Access Reviews (UAR) for assessing the user’s access in all production environments.
• Performed role maintenance using auto provisioning by Business Role Management (BRM)
• Experience in using ARM to configure workflow for User Access Review and User SoD Review.
• Supported business and IT segregation of duties analysis and maintained coordination with business and IT stakeholders around user role definition and security design.
• Performed SAP Security related task such as Role development using Profile Generator, Activating-setting up Profile generator and upgrading, Corrections and transports.
• Implemented and performed multiple IT compliance and security controls in the space of user access administration, segregation of duties, and change & release management.
• Created new ECC Derived roles based upon the company codes as part of the Japan and Nordic regions releases.
• Hands-on strong experience with working on profiles, authorizations and objects for access management and authorization control.
• Worked on SU10 to perform mass operations.
• Expertise in resolving Authorization issues by analyzing Authorization Checks.
• Troubleshooting user access through authorization error analysis (SU53, SU56) and Trace (ST01).
• Work with Functional, BASIS, and Network teams to troubleshoot complex access problems
• Monitor and maintain user ID through User Information System (SUIM) -Monthly audit reports.
• Worked closely with Audit team for SAP Security Audit and generated Audit Information Systems (AIS) logs (SM19, SM20 and SM18)
• Implemented Security Audit Logging for detailed event logging (SM19 and SM21)
• Experienced and strong with Security Audits, SOX Section 404 compliance and Audit Information System. Used SAP audit transactions and configured audit and reporting through SM18, SM19 & SM20.
• Proficient in working with the tables USR*, AGR* and USH*.
• Performed user administration activities such as creating, deleting, renaming, locking and unlocking users, and resetting passwords, maintaining logon data and assigning roles to the users.
• Created User Groups by using transaction code SUGR.
• Experience in Transport Authorization and provided production support for roles.
• Managing Standard and Custom Authorization Object.
• Transport Roles using the change request method and the Download/Upload method for transporting the roles to systems not in the transport landscape.
• Extensive interaction with Business Organization Managers to understand User and Role Mitigations and Critical Transactions.
• Designed various forms and templates for new user requests, roles, modifications, change management process etc.
• Transported Roles Using SE10/SE01
• Worked on SU24 to maintain Check Indicators for the Transaction Codes.
• Created and maintained Authorization Groups for Tables and Reports and assigned them accordingly.
• Check Roles for Missing Objects, Maintained the display changed transaction codes using SU25.
• Supported the Testing Team according to request.
• Setting up SAP system for auto log-out, password length and expiration and specifying impermissible passwords.
• Provided Production support in SAP Security related daily activities related to user authorization issues and user account administration
• Maintained Authorization objects using the transaction SU24.
• Transported the generated roles and profiles using SAP transport management system.
• Worked with security related tables such as AGR TCODES, AGR USERS and AGR DEFINE etc.
• SAP role remediation as per the audit compliance and business requirements.
• Create Users.
• Create a Role and Privileges.
• Assign Roles and Privileges.
• Delete a User.
• Deactivate/Activate Users.
• User password reset.
• HANA Repository roles to be changed only in Development environment and moved to Quality and Production landscapes with the help of Transport Requests via Lifecycle Management (HALM).
• Follow right package/sub-package structure for production and non-production roles.
• HANA users & security roles provisioning to be done via GRC business roles leveraging SAP GRC access request.
• Enable Audit logs for ids.
• Prepared HANA Security design document (SUD) with Client’s role naming convention standards.
• Designed and Build HANA Business, Non-Business roles and Analytical privileges in HANA Studio.
• Set up UAT test users to test out HANA security roles.
• Fiori Tile Designer.
• Create technical catalog & technical Groups.
• Create Target Mapping for each Tiles.
• Updated catalog, Groups & ODATA services into roles frontend (Fiori).
• Troubleshooting Fiori Launchpad issues.
• Used Profile generator PFCG for creating roles,
• Performed user administration activities such as creating user ids, copying user ids, assigning roles, assigning groups etc.
• Created groups and assigned roles to groups.
• Experience setting up users and security onEnterprise Portaland creating users/user groups throughUMEfor SAP NetWeaver.
• Creating of S-User IDs.
• Maintaining OSS Connections for SAP.
• Maintaining Secure Area with SAPSUPPORT User credentials.

SAP TECHNICAL SKILLS:

SAP GRC AC (EAM, BRM, ARA, UAR)

SAP Role Redesign

SAP Audit Support

SAP HANA DB

SAP Service Market place administration

PROFESSIONAL EXPERIENCE:

Confidential

SAP GRC Security consultant

Responsibilities:

• User administration (creating, maintaining, deleting user accounts and assigning roles).
• Comprehensive use of Profile Generator to create and modify roles as part of Role Administration.
• Move the Role and transaction changes to other systems using Solman.
• Analyze and troubleshoot security issues using SU53, ST01 and SUIM
• As a part of audit support, developed SUIM queries, and controls to check for critical authorisations.
• Generate audit information system logs using SM19, SM20, and SM21. knowledge of SOX, Audit issues and Segregation of Duties (SoD) issues
• Worked on ticketing tool ServiceNow for incident management and HPALM for defect management.
• Worked on post Implementation support of GRC Access Control Suite 10.0.
• Created connectors, maintain configuration settings and integration scenario settings in GRC system to integrate with backend plugin ECC system
• As a part of EAM, created Fire fighter ID’s, Owners, and controllers, extract various fire fighter logs.
• Created Reason codes for different backend systems as a part of firefighting process.
• Under ARA, performed User & Role analysis to identify existing SoD violations.
• Using ARA produced Analytical Reports on User, User Groups, Roles and Profiles.
• Performed remediation and mitigation against various risks associated with roles and users.
• Reviewed and remediated any security risks with roles and assignment of roles, segregation of duties, any potential Audit concerns.
• Building demos of GRC 10.1 for demoing it to the customers. Performed user administration activities such as creating user ids, copying user ids, assigning roles, assigning groups etc at portal level.
• Created groups and assigned roles to groups at portal level

Confidential

SAP GRC Security Consultant

Responsibilities:

• User administration and role administration as a part of project and regular run and maintenance.
• Troubleshoot security/authorization related problems using user information system (SUIM) and SU53
• Mass user maintenance and user group creation.
• Worked with Audit team for SAP Security Audit and generated Audit Information Systems (AIS) logs
• Worked with security related tables such as AGR* and usr* etc.
• Updating transactions via SU24 (managing authorization objects).
• Provide super user privileges to the firefighter users.
• Firefighter/ Owner/ Controller management in Emergency access management.
• Generate Reports and Analytics in GRC for User, Role, Risk statistics and firefighter logs.
• Risk analysis at user and role level.