
SAP S/4 HANA Security Consultant Resume


SUMMARY

  • Goal-oriented and self-motivated IT professional with 4+ years of experience with application security (SAP ECC, S/4 HANA and GRC AC) and IT Audit compliance knowledge.
  • Tremendous analytical, communication and project management skills which can be used to save any business from non-compliance penalties and provide an effective structure that can be used to maintain the integrity of the business.
  • Tremendous critical thinking skills and can explain security/risk-related concepts to non-technical and technical users.
  • Great team player and can solve all kinds of problems efficaciously.
  • Ability to work under pressure and perform multiple tasks simultaneously.
  • Ability to rapidly learn and adapt to new technology.

TECHNICAL SKILLS

  • SAP R3 ECC 6.0/5.0/4.7
  • BRF+
  • Solution Manager
  • BW
  • STMS and EWM
  • SAP S4 HANA/FIORI
  • GRC AC 10.0, 10.1, 12.0
  • MySQL and Oracle Database
  • Java Programming Language
  • Microsoft Office Suite
  • Regulations: SOX, HIPAA, PII, FISMA

PROFESSIONAL EXPERIENCE

Confidential

SAP S/4 HANA Security Consultant

Responsibilities:

  • Working with business leads and process owners, technical and functional SMEs, Internal Audit and Security Admins in order to gather and manage SAP security requirements.
  • Managing projects using Agile and scrum methodologies.
  • Creating Fiori catalogs using Fiori Launchpad.
  • Configuring single sign-on for SAP HANA.
  • Creating repository roles and analytical privileges and assigning them to users using SAP HANA database.
  • Creating functional and technical design documents after collecting the security requirements and ensuring role building follows the business (risks and controls requirement) set forth by the internal control teams.
  • Creating and managing supply chain units and extended warehouse management units in SAP.
  • Assigning supply chain units to extended warehouse management units using transaction code /SCWM/LGNBP.
  • Obtaining approvals from managers before designing custom SAP roles, performing unit and integration testing.
  • Transporting custom roles using transport requests to approved landscapes for user acceptance testing.
  • Creating and updating roles (Single/Composite/Derived Roles) using Profile Generator (PFCG).
  • Performing user provisioning activities which include setting up new accounts, password resets, assigning users to appropriate groups and assigning security roles subject to appropriate approval using SU01.
  • Mass assignment of roles to users in user groups using SU10.
  • Troubleshooting/Resolution of authorization issues (using SU53, SU56, SUIM, ST01 & STAUTHTRACE)
  • Extensively used user information system & tables (SUIM & SE16) to generate various reports for audit monitoring.
  • Creating user groups for users and authorization groups for tables.
  • Using authorization objects like S_TABU_DIS and S_TABU_NAM to control table access and prevent unauthorized users from accessing information within them.
  • Performed GRC AC post installation activities and implemented ARA, EAM, BRM and ARM based on client requirements.
  • Using sync jobs to transfer the transaction codes, authorization objects, roles, users, profiles, role usage information, transaction code usage details from the back-end systems to SAP GRC.
  • Designing custom rule sets, functions and access risks so that they can be used in the NetWeaver Business Client to perform role and user level risk analysis.
  • Using ARA (access risk analysis) to check if there is any Segregation of Duty (SOD) risk or critical action risk in the back-end systems and working with role owners to either remediate or mitigate the risk using controls.
  • Using transaction code SPRO to maintain configuration settings for ARM, EAM, BRM and ARA.
  • Using background scheduler in GRC to create schedules for user access review and SOD review reports.
  • Using SPRO to execute batch risk analysis and create reports based on user analysis in GRC.
  • Helping firefighter controllers create consolidated log reports based on firefighter ID usage.
  • Creating and monitoring the status of background jobs.
  • Using organization rules in GRC to remove false positives when performing access risk analysis.
  • Using the ARM (access risk management) component in GRC to create user IDs, assign roles to users, assign users to groups, assign owners to roles and prevent SOD violations at run time.
  • Using the EAM (emergency access management) component in GRC to assign firefighters to firefighter IDs or roles so that they will be able to perform critical tasks in a controlled environment using centralized or decentralized EAM.
  • Configuring MSMP so that directly mapped users, users assigned to PFCG roles, users assigned to groups in SU01 or owners created in GRC AC can approve various workflows.
  • Performing regular system audits using SM19 and SM20 to ensure connected systems have not been tampered with or compromised and working closely with management in order to satisfy audit requests.
  • Training end users and teaching them about security authorization and security design concepts.
