SUMMARY

• Confidential has 12 years of experience in SAP Security and Governance risk and control (GRC) administration, configuration, management.
• Strong noledge of multi system landscape architecture and integration aspects between heterogeneous system technologies R/3 ECC (HR/ HCM, FI, SD, PS, MM, PP, WM), BW, BI, EP, CRM, GRC, MDG SAP Net weaver Gateway, HANA, S/4HANA BI/BOBJ, Bank Analyzer
• Proven track record in designing and delivering complex SAP Security architecture solutions for global organizations.
• Maintaining SAP security policies and documentation, experienced wif project management both for classic waterfall and agile delivery in a hybrid environment, administrative tasks related to HANA and S/4 HANA Security
• Conducting workshops wif Key Stakeholders, IT Leadership, and Business to organize workshops to get the exact security requirements dat need to be built from an end user access perspective.
• Organizing workshops wif Compliance & Process Team, Change Management, and the Technical and functional team members to define custom security solutions across the landscape while establishing SOX and Segregation of Duties by revamping the existing set of internal controls.
• Worked on Building custom Security solutions on systems like Business Planning Consolidation (BPC10.0), Business Objects 4.2 (setting up access levels and group and folder level security for Bank Analyzer 9.0, Gateway Systems (SAP Fiori UI5) and finally setting up user and access administration across HANA DB.
• Instrumental in setting up Transport mechanism (LCM) across the HANA database, setting up SSO between HANA DB and BOBJ systems, setting up audit logs and setting up promotion management to transport the BOBJ reports.
• Creating custom roles, object privileges, package privileges, application privileges and analytic privileges for the business users to get restricted access on Data.
• Setting up user access and profiles across Fiori systems to get the application views in the Launchpad.
• Analyzing and troubleshooting authorization issues at HANA DB level by using the Trace and the HANA context viewer.
• Experience in SAP GRC design and implementation, administration of the SAP GRC 5.3, 10.X in AC: ARA, EAM, ARM, BRM and security concepts such as SOD, SOX
• Hands - on experience in configuring MSMP Workflows, BRF+ functions, Rule sets etc. in SAP GRC 10.1, 12
• Delivering SAP Security using ASAP Implementation Methodologies, Agile methodologies, prepared and executed various phases of Implementation me.e., Project Preparation, Business Blueprint, Implementation, Final Preparation and Go-live & Support.

TECHNICAL SKILLS

Technologies: SAP R/3 BW, CRM, SRM, EP, BI, BOBJ, HANA, /S4 HANA FIM, BPC, BFC, ICS, SRM, Bank Analyzer, BPC, Solution manger, GRC

Ticketing tools: HPQC, Remedy, HP ALM (defect manger) Service now

PROFESSIONAL EXPERIENCE

Confidential, Houston, TX

Sr. SAP Security Consultant

Environment: S/4 HANA 1909, MDG, Fiori, HANA, BI, GRC

Responsibilities:

• Green field implementation of SAP HANA 1909, MDG
• Design and building SAP security roles for master data governance (MDG ) and PLM
• Design and building of roles in SAP S/4 HANA front end Fiori and backend
• Experience wif roles design for portal
• Worked on lift and shift and shift of roles.
• Worked in end-to-end Role design - including rule set definition to be set up GRC customer facing, working wif the customer, conducting meetings and workshops
• Designing roles for Fiori apps by adding Catalogs and Groups to S/4 HANA roles.
• Activating services for the Fiori apps in /IWFND/MAINT SERVICE.
• Documenting and implementing cut-over tasks for the S/4 HANA go-live.
• Troubleshooting and identifying the missing OData Services and authorization issues in /IWFND/ERROR LOG and notifying the Basis and Fiori configuration team to activate them
• Designed Restricting and Control authorizations for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges
• Setting Up of Project Workspace for creating Design Time Role, Web based IDE (Graphical) Creating Design Time Roles (HANA STUDIO - Script Based)
• Implemented Best practice to organize catalog/schema and content so dat It can be managed wif minimal security impact
• Trouble shooting SAP HANA security related issues.

Confidential, Houston, TX

Sr. SAP Security Consultant

Environment: S/4 HANA, Fiori, BI 7.5, BOBJ, BPC, GRC 12.0, HANA.

Responsibilities:

• Worked wif business teams, Project teams for on S/4 HANA System analysis, design, development/configuration of new/modify existing Security Roles for the SAP Functional areas in SAP S/4 HANA SD, P2P, EWM, HVC, OTC, RFNO, Fiori (Mid-steam)
• SAP security role design tasks creating transaction and authorization object level control, single parent and derived roles, task roles and enabler roles.
• Worked on fiori roles, worked on catalog roles, groups, business data access authorizations.
• Worked on Governance risk and compliance (GRC 12.0) green field implementation for Access control: ARA, BRM, EAM, ARM
• Worked on EAM- Setting of firefighter ids, owners, firefighter id controllers.
• Worked in newer SAP Application such as HANA, S4, Fiori, GRC Risk Management, Audit Management.
• Assisting user and project team member in SIT and various UAT phases
• Worked on GRC Segregation of Duties (SOD) concept. Generating User and role level SOD report
• Worked on Remediating existing SODs risks, on Segregation of duties (SOD) audit reports handling.
• Maintained and document all existing GRC client documentation & built new material as required.
• Interacting, attending workshops wif the Business, Control Owners, technical teams and Auditors in analyzing the current risks and applying the new SAP ruleset recommendations.
• Securing Fiori APPS based on the roles, Catalogs, target mapping in S/4 HANA.
• Maintenance of HCM related roles, HR trigger requests
• Implemented Fiori apps for SAP GRC 12.
• Worked in a in a multi-vendor environment.
• Worked on System cutover activities, month end activities.

Confidential, The woodlands TX

Sr. SAP Security Consultant

Environment: ECC, CRM, GTS, BI, HANA, Fiori, GTS, PO, CRM, MDM, GRC, EP. Power BI, Vendavo, Success factors, Cyber Ark

Responsibilities:

• Worked on System analysis, design, development/configuration of new/modify existing Security Roles for the SAP Functional Areas in SD, FI, PTP, WM/IM, CRM, MDM, GTS, Fiori
• Worked on User access control, Maintenance of segregation of duties, worked on the Retrofit process for parallel systems, Support and Project environment.
• Identifying SOD risk, Worked on Enterprise business role changes.
• Assisted users in UAT / Integration testing process, setting up service accounts, maintain RFC system accounts.
• Worked on Central user administration (CUA) related issues.
• Worked on previous security compliance-related items such as managing the implementation of SAP missing security notes, SAP Patch Day.
• Worked on SAP Support tickets, on call, P1 issues.
• GRC component, Risk Analysis, SOD checks, Emergency Access Management (EAM), maintaining Id based firefighters, User Access Review (UAR), Business Role Management (BRM)
• Worked on custom Initiator/Agent rules, Paths etc. and configured MSMP workflows and BRF+ Application.
• Setting up vendavo related user accounts and access.
• Worked wif the internal and external audit teams, extracting audit reports, audit logs, access request approvals audit reviews.
• Worked on Month end and system cutover activities.

Confidential, Austin TX

Sr. SAP Security Consultant

Environment: ECC, SCM, IS retail, CRM, GTS, BI, HANA,, GTS, PO, CRM, MDM, GRC, Ariba

Responsibilities:

• Worked on System analysis, design, development configuration of new, modify existing Security Roles for the SAP Functional Areas in ECC R/3, HANA, SCM,WM CRM, MDG, OTC, Ariba
• Worked on User access control, Maintenance of segregation of duties, Worked on System upgrades, SU25, Worked on the Retrofit process for parallel systems, Support and Project environment.
• Worked on single roles, enabler roles, BI Analysis authorizations Identifying SOD risk, Worked on Enterprise business role changes, assisting users in UAT / Integration testing process, setting up service accounts, maintain RFC system accounts, maintaining of custom authorization objects.
• Handled Change Management control and validated the work done by team members at onsite and Offshore Worked on previous security compliance-related items such as managing the implementation of SAP missing security notes, SAP Patch day, andOnapsisOSP, Securing RFC connections
• Worked on SAP Support tickets, on call, P1 issues. Investigating and identifying problems and user requirements, providing root cause analysis for critical issues.
• Worked wif the internal and external audit teams, extracting audit reports, audit logs, access request approvals audit reviews.

Confidential, Butte, MT

SAP Enterprise Security Consultant

Environment: S/4 HANA enterprise Cloud (HEC) 1609, 1709, BOBJ 4.2, BPC, solution manager, PO, MDG HCM, Success factors

Responsibilities:

• Conducted workshops and involved in user story collection.
• Worked on S/4 HANA Fiori over all security architecture and Design for, Real estate (REFX), Plant Maintenance, casino, P2P, FI and treasury. MDG
• Worked on S/4 HANA Fiori Apps creation, groups, securing various S/4 HANA Apps, front end server (FES), business roles, back end server roles (BES).
• Worked on Securing S/4 HANA fiori custom Apps, custom tables and objects.
• Worked on identifying sensitive and critical transactions and securing data.
• Involved in identifying and SOD conflicts.
• Implemented firefighter access control process.
• Worked on SAP BI, Business objects 4.2 Security design for various reports like regulatory, sales reports, employee reports.
• Involved in implementing S/4 HANA Security audit policy, Creation of HCM roles, securing HCM objects and infotypes and worked wif developers in implementing HCM faction modules.
• Used Agile Scrum project implementation methodology and sprint cycle, using existing database identify a list of Catalog roles to be converted to Repository roles.
• Performed assessment of existing BI/BW analysis authorization and Info Provider restrictions and recommend solution for HANA view dat will align wif the existing BW access restriction.
• Implemented HANA Database security for Business users using HANA analytic privileges in the new BI/BW on HANA Database, and will replicate the reporting/data security structure currently followed in BI for analysis authorizations. configuration and settings adjustment dat are not covered under the SAP assessment document.
• Assisted in defining password policies, setting up audit logging, adjusting SAP parameters based on industry leading practices and implementing SAP Early Watch recommendations.

Confidential, San Jose, CA

Sr. SAP Security Consultant

Environment: ECC R/3, BI/BOBJ4.2, HANA SPS11, Bank Analyzer, HCMNetWeaver Gateway, UI5, Fiori Apps, GRC 10.1, Solman, Live compare tool

Responsibilities:

• Worked wif Confidential business teams conducting meetings, Workshops and gathering requirements for SAP Security design for Confidential Finance and Information Transformation Program (PFIT)
• Converting functional spec to technical spec. implementing SAP security modules using the classical water fall models and agile methodology.
• SAP Security in all stages of Project Development from Blueprint Feasibility Analysis to Technical Design to Realization/Development to Go Live Support and business User Training.
• Designing and implementing security for SAP HANA2, BI7.4, Business objects 4.2, Bank Analyzer 9.0 and GRC 10.1
• Designed Restricting and Control authorizations for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges for various Schema Users, Integration of BOBJ Security wif fiori HANA and HANA DB Security Roles, Implemented US, Canada, HCM Payroll reporting projects in SAP HANA and business objects.
• Designing and developing Universes supporting multiple levels of hierarchies for drill down and drill access reports. Worked on HCM roles, securing HR infotypes, worked on HR dynamic analytical privileges.
• Provided training and support to Business Objects and Webi reports users throughout the organization. Creation of user groups, maintaining access levels, folders, in BO CMC, user
• Maintained for BOBJ developers, support admins power users, end users, transporting jobs / objects using Promotion Management tool.
• SAP HANA User Management and Import/Export of Delivery Units/HANA Artifacts
• Defined Security Architecture, Authentication Authorization, Single Sign on, Encryption, Audit Logging etc. in the customer system landscape.
• Setting Up of Project Workspace for creating Design Time Role, Web based IDE (Graphical) Creating Design Time Roles (HANA STUDIO - Script Based)
• Importing templates for Design Time Roles Delivery Unit
• Implemented Best practice to organize catalog/schema and content so dat It can be managed wif minimal security impact.
• Implemented Security to access Fiori from SFDC, R Server, Tableau, Hadoop, McKesson, Connect, SAP BOetc.
• Implemented BW Security setup wif respect to HANA Studio BW Modeling Perspective
• HANA Security trace tools/logs if any in case of missing privileges
• Configuring validation of Solman, SAP Patch day and creation of roles in SAP Bank Analyzer
• Collaborating wif Audit team and business professionals for SOX compliance
• Creating of roles, Analysis authorizations using (RSECADMIN) tool in SAP BI
• Implementing SAP security best practices and standards
• Worked wif ETL team, providing access to ETL system ids, troubleshooting access related issues during data transfer and migration to HANA HDB
• Enabled HANA audit policy whenever required and analyzing the audit reports regarding changes made on schemas/view/tables etc.
• Worked wif the testing cycle phases SIT/performance /UAT testing phases, preparing test cases.
• Worked wif the Live compare tool in checking roles, authorization objects, obsolete transactions
• Checking the obsolete authorization objects and clean up process using the live compare tool

Confidential

Technical Lead

Environment: ECC R/3, HR, BI, BOBJ, HANA, SRM, MDG, HCM Solution Manager

Responsibilities:

• Worked as technical lead for a large implementation and post go live support involving ERP ECC, SAP BW/ BI, BO SRM, CRM, MDM, MDG, HCM Roles & Authorizations, HCM objects, HR infotypes, HR / HCM structural profile assignment.
• PD profile assignment to the users.
• Securing HCM Authorization objects, custom transactions, tables. Worked on HR HCM structural profiles.
• Worked on role Enhancements, maintenance of authorizations and work bench requests (Su24 Changes)
• Performed transports and mass transports of roles and CATT scripts for mass user creation.
• Find out missing authorizations using SU53 report and trouble shooting.
• Setting up SAP audit logging and performed periodic review of logged activity.
• Designed and Created roles for Master data Governance MDG systems
• Perform annual SAP licensing administration and liaising wif SAP Basis Support
• Initiated Re-design and related strategy for audit issues and preparing RCIS documents.
• Leveraged SOX tools like GRC 5.3, GRC 1.0 access control and SAP Customer Activity Repository
• Validation of GRC access control and Risk reports on bi-weekly and monthly
• Assisted in Annual and Quarterly ICS security validations, performing segregation of duties (SOD), Critical Action (CA), Critical permission (CP), analysis and remediation.
• Strong SAP Implementation and Administration experience wif Governance Risk and Compliance (GRC) Access Controls for SAP applications (ARM, ARA, SPM and BRM)
• Worked on SAP GRC ARA rule setup, SOD risk remediation/mitigation.
• Setup Firefighter Owners & Controllers, Firefighter Ids for Emergency Access Management (EAM)
• Involved in SOD Assessment and Remediation Process and Role maintenance in Sun IDM dashboard
• Preparation of estimates for role build activities and testing.
• Mapping of users to user groups, roles to users in SAP Enterprise portal systems
• User authentications maintain User groups, access levels, custom access levels, access to folders and user’s creation in CMC.
• Migration of report objects, folders, groups, connections, using promotion management across landscape.
• Designed Restrict and Control authorizations for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges for various Schema Users.

Confidential

Consultant

Environment: ECC R/3, BI/BOBJ, CRM, SRM, GTS, GRC, BPC GRC 5.3, GRC 10.0, FIM, HCM

Responsibilities:

• Designed role matrix across system landscape.
• Created SOD matrix
• Performed SOD Conflict Analysis
• Organizational level authorization fields and derived role design and maintenance
• Designed and created roles to restrict user's access by Info Areas, Info Cubes, Queries and Workbooks.
• Worked on hierarchy authorizations and assigned to nodes using RSECADMIN.
• Created development / reporting roles using analysis authorizations concept.
• Creating and assigning analysis authorization to users in BW, BI/BOBJ
• User groups, and user’s creation in CMC
• Migration of report objects using promotion management across landscape.
• Assigning groups to users and setting up alias in BO 3.1 and BO 4.0
• Developed front end folder level security in SAP Business objects by creating user groups/access levels in BOBJ CMC. Created custom groups/ Created modified access levels in BOBJ
• Authentication of users in BOBJ, ICS, BI4 and FIM environment
• Creating of data access groups, filters in application
• Analyzing and solving access related issues to reporting users like power users, end users and developers in BOBJ, BI4.
• Resolved authorization issues related defects in BI, BOJ, BPC, FIM BI4 and FIM applications

Confidential

Consultant

Environment: ECC R/3, CRM, SRM, GTS 10.0, BPC GRC 5.3, GRC 10.0

Responsibilities:

• Analyzed and creation of role matrix for GTS 10.0.
• Designing and creation of Single, Master and Derived Roles
• Object level maintenance in SU24
• Extensively used Su53 and ST01 Transactions in Trouble Shooting Authorization Check and Interface Checks, custom transaction
• Performed transports and mass transports of roles and Used CATT scripts for mass user creation.
• Re-designed role as per the compliance check
• Worked on GRC GTS access control process.
• Assisted users in testing phases like UAT and SIT.
• Used traces and display authorization checks reports for resolving the end user problems during UAT phases.
• Coordinated wif super users and users on testing unit test cases.
• Simulated User based; Role based background jobs in RAR Tool to Identify Any SOD issues.
• Prepared process documentation identified process control owners and reduced the gap.
• Migrated SOD ruleset from other system to GRC.

Confidential

Consultant

Environment: ECC R/3, BW, SRM, HCM, EP, MDM

Responsibilities:

• Worked on SAP HR Security, SRM, EP, CRM Security
• Worked on HCM Security - Employee Self Service (ESS), Manager Self Service (MSS).
• Coordinating wif SAP Functional and Development teams to arrive at sound SAP security solutions.
• Extensively worked on Custom Tables, Classes, Authorization Objects and Programs as per business requirements
• Troubleshooting authorization issues and use of program/tables in HR application.
• Worked on controlling various SAP HCM authorization objects, infotypes and subtypes
• Worked on user's structural profile issues.
• Assign roles to position wif transaction PO13 and Run RHPROFL0, when required.
• Good understanding of Structural authorization issues
• Worked on SRM and CRM role changes.
• Worked on (Portal) Enterprise role / group related issues.
• SAP BW role changes, reporting roles, controlling various BI authorization objects, Analysis authorizations.
• Worked on cutover and month end activities.

Confidential

SAP Security consultant

Environment: SAP ECC R/3, Solution Manger, BW, CRM, MDM, EP

Responsibilities:

• Role matrix design analysis/creation, User Access control, Extensive User of SUIM and PFCG
• Roles redesign as per new Virsa Patch level and reduced conflicts.
• Carried out testing of roles assisted testing team in UAT phases.
• Sarbanes - Oxley (SOX) Implementation, Roles and authorizations re-implementation using Virsa tool. Role simulation, Mitigation controls etc.…using Risk assessment tool /VIRSA/ZVRAT.
• Trouble shooting and end user issues, extensive use of SU53 and ST01.
• Continuous interaction wif client and end users
• Worked on Transport Management System and updating all the activities in DMS.
• Scheduling and monitoring hourly, daily, monthly background Jobs
• Including Satellite systems in SOLMAN and Generating "RFC connections" & assigning the logical system to them
• Maintain SAP security policies and documentation.
• Applied Latest Virsa patches for SOX compliance.
• Started & stopped the servers during critical Server related activities.
• Monitoring Inbound & Outbound queues on daily basis

Confidential

SAP BASIS Consultant

Environment: SAP ECC R/3, Solution Manger, BW, CRM, MDM, EP

Responsibilities:

• Performed daily and weekly system Health Check Report.
• Solving End-user issues, SAP OSS notes application, Role provisioning for users
• Background job Maintenance.System performance monitoring
• Worked on recommendations based on Early watch alerts.
• Worked on printer related issues.
• Role creation and role modifications
• Worked on Enterprise portal role group changes.
• Performed the transports across the landscape using STMS & TP.
• Performed SAP extension, add-ons, and dispute management installation.
• Provide day-to-day operation support on systems problem and end users problem.
• Performed Online and offline backups.Performed database reorganization. data base table space administration