SUMMARY

• Over 10+ Years of experience as an SAP Security, GRC & HANA Consultant in Support, Development & Implementation projects.
• Executed SAP Support, Development, Rollout, Upgrade and Implementation projects wif Mining (Newcrest), Pharmacy industries ( Confidential Europe AG) and Suncor Energy.
• Utilizing and administration of SAP GRC10.1, SAP GRC 12.0.
• SAP Certified Associate in GRC Access Controls.
• Proficient in role build, user administration and troubleshooting user access issues & SOX audit controls.
• Proficient in analyzing and translating business requirements to technical requirements and Architecture.
• Responsible for building new roles ensuring SOX compliance and making sure their are no SOD conflicts.
• Worked on teh remediation & mitigation process for teh Critical risks.
• Worked wif internal audit teams to address different audit control requests.
• Good client - facing skills, interpersonal skills, self-motivated, consistent learner.
• Collaborate wif other team members and business representatives to ensure that security roles, authorizations, activity levels and settings meet teh Client requirements.
• Have a good planning experience, working wif teh compliance team, SOX group for implementing business mitigating controls.
• As people management coordinator for teh landscape over teh offshore of all teh SAP Modules, which helped to build a good relation wif teh client all teh time.
• Highly motivated IT specialist well - versed in Release Management, Change Management and Problem Management, Excellent customer service skills and very customer-focused.
• Manage activities between Release Management and teh following functions: Change Management, Problem/Incident Management, and QA/Testing

TECHNICAL SKILLS

GRC: SAP GRC 10.1, SAP GRC 12.0

ERP: SAP ECC, HR, BW, S/4 HANA, Fiori, Solman

CUA: Central User Administration

Applications: ServiceNow, Solution Manager, VMware Service Manager, Cherwell

Process: Incident Management, Change Management & Problem Management

PROFESSIONAL EXPERIENCE

Confidential, New Jersey

SAP Security & GRC Consultant

Roles and responsibilities:

• Implemented GRC Access Control 12.0 versions.
• Worked on Ruleset customization activities by connecting teh E2E business teams.
• Worked on various MSMP workflows to automate user administration activities.
• Worked on S4 Hana and Fiori and other systems security and build teh different Business roles.
• Conducted different workshops wif SoX teams and finalized and updated teh process Control master data.
• Configuring teh Process Control system as per teh client requirement.
• Structural Authorizations - Teh data a user can access can be restricted by using either - Enterprise Structure: Groups/Departments, Codes, Individual user files - Organizational Structure: Common areas, overall use of teh system
• Structural authorizations allow restrictions to be configured on teh organizational structure.
• Infotypes - Units containing master data in SAP HR, Used in recording employee data, payroll data, and administrative data, Creates fields and groups them together and enables time-dependent storage, Infotype restrictions are extremely important since master data is teh core of HR data and needs to be restricted.
• Personnel Number Restrictions - Users can be restricted using teh authorization object P PERNR to only accessing infotypes regarding their own personal data.
• Creating of Master Data - Regulations, Business Process Hierarchy, Organizations, Risk Templates
• Building of Data Sources and Business Rules which included sub scenarios like Configurable and ABAP Reports.
• Used MDUG for mass uploading of Master Data into teh system.
• Worked on First Level and Second Level Authorization concepts
• Configuring GRC components shared settings and Access control specific settings.
• Activating BC sets, synchronizing repository objects
• Risk analysis activities: Building Rule set, testing, remediate risks, mitigate risks, creating rules using BRF+ environment and performing risk analysis
• Worked on NIST SP controls to protect teh system based on risk management.
• User provisioning: Configuring access request forms, maintain EUP, Requesting access
• Building and maintaining MSMP workflows
• Business Role Management BRM: Configuring Role management, create single, composite roles and business roles
• Emergency access Management EAM: FFID, assign owner and controller to FFID, maintain reason codes, execute firefighting sessions and monitor emergency access.
• Unlock/reset users’ password self-service accounts, maintain firefighter ids, controllers and Reviewers, import roles.
• Creating employees and business users in S/4HANA Cloud system, by importing teh employees from an HCM system like SAP SuccessFactors or from a csv file.
• Exporting teh business users from S/4HANA Cloud system and importing them into SAP Cloud Identity Autantication Service (IAS) that is pre-configured wif teh S/4 instance.
• Create a Communication System in S/4HANA Cloud, Setup IAS as a source system in IPS, Setup SAP S/4HANA Cloud as a target system in IPS, Run teh source provisioning job
• Cutover Ids setup and address user access issues during cutover.
• Hyper care IDs setup, work wif organizational change management team to address any user-role mapping issues during roll outs create emergency change requests to address critical access issues
• Responsible for working wif business teams to test new and existing functionality and migrating roles from development to quality and production
• Interact wif clients to identify new sap security role requirement, map them to technical roles and TCodes and implement these into teh system for different process areas such as PTP, OTC, and RTR.
• Use Solution manager ChaRM for creating change requests, maintain associated documentation, and prepare transport lists for migration as per release management process
• Troubleshooting user access issues using troubleshooting tools SU53, SU56, ST01.
• Worked on SU24 to maintain check indicators for teh Transaction Codes
• Perform review of Custom Tcodes/custom tables to ensure they are in accordance wif defined security policies and Maintain of teh SU24
• Address SAP open service connection issues from basis team and maintain logs for OSS ids using audit logs transactions SM19, SM20.
• Prepare critical sensitive access report on daily /quarterly basis per audit requirements using SQVI queries; standard SAP tables AGR USERS, USR02, UST04, and AGR AGRS etc
• Tele logic tool is used for teh creation of teh change request for teh defects of teh SAP by creating teh low impact and Enhancement
• In CUA teh Creation, Deletion, Administration and monitoring of users, creating and assigning of user groups and mass user administration is handled through CUA, which will distribute teh address and authorization data to child systems.
• Creating single roles, Derived roles, Composite roles, maintain and generate authorization profile.
• Worked on teh creation of teh Master role and derived roles concept through CUA
• Mapping issues during roll outs create emergency change requests to address critical access issues
• Responsible for working wif business teams to test new and existing functionality and migrating roles from development to quality and production
• Manage risks and resolve issues that effect release scope, schedule and quality
• Participate in any change advisory board meetings to discuss release scope and/or roadblocks
• Helped maintain accuracy in ServiceNOW CMDB for SAP SoX.
• Ability to work wif teams, to influence, to co-operate, to collaborate are essential key skills to get teams working at outstanding levels
• Excellent communication skills across all levels
• Self-Management is a key attribute expected for this role. Being able to work wifout teh need for follow up or too much management is important.
• Self-motivated and self-starter once work assigned results are guaranteed almost always.
• Expert level noledge and experience working across teh software development lifecycle, and end to end promotional model.

Confidential

SAP Security & GRC Consultant

Responsibilities:

• Implemented GRC AC10.1, Configured GRC AC Access Risk Analysis (ARA) and Emergency Access Management (EAM) components.
• Upgraded GRC Access Control from 10.1 to GRC 12.0 and updated teh GRC ruleset accordingly.
• Implemented teh end to endsecurity process (configured, testing, troubleshooting & support) for S4Hana 1610.
• Implemented teh strategy of creating /updating teh existing business roles to new roles to transaction matrix which involved detail analysis of updating teh SU24, SE93, PFCG andSecuritytables.
• Discuss wif clients and define Role Naming Conventions.
• Utilize SU25 Step 1 to Transfer USOBT & USOTX Table to USOBT C & USOBX C Table.
• Creating and maintaining authorization and Roles including Single role, Composite role and derived role.
• Utilize SU24 to enable / disable security checks
• Worked on SHDB t code to create Derived roles for teh master roles
• Creating SAP HANA DB Users, Roles Read, edit by granting required Privileges.
• Configure Fiori Apps as per Client Requirements.
• Configuring Roles for Tile Catalogs.
• Troubleshoot security/authorization related problems using /IWFND/ERROR LOG, SU53, ST01 and STAUTHTRACE.
• Performed T code: /n/iwfnd/cache cleanup and Report: /UI2/INVALIDATE GLOBAL CACHES for teh global cache clear.
• Creating access level and folders in BOBJ.
• Maintaining folder hierarchy for report and dashboard access in BOBJ
• Created CHARM roles for Developer, Tester, Requestor, Release Manager, Change Manager & Admin.
• Testing - Unit Testing/ Integration Testing me/II/UAT
• Issue fixing during - Unit Testing/ Integration Testing me/II
• Go-Live/Post Go-live support

Confidential

SAP Security Consultant

Responsibilities:

• Technical analyst for SAP security in production & non-production environments.
• Segregation of Duties and Audit Compliance Standards.
• Day to day technical support and resolution of Security issues.
• Performed user maintenance tasks, User creation, deletion, lock down, activation, password management tasks and ran various user administration reports.
• Troubleshoot security/authorization related problems using SU53, ST01 and SUIM
• Creating Users based on request.
• Assigning additional roles to teh existing users.
• Resetting Passwords for users and intimating password policy.
• Analyzing missing authorizations based on screenshots sent by teh user.
• Optimizing teh authorization checks by utilizing teh SU53 and system traces (ST01)
• Locking and changing teh validity date for teh expired users.
• Contribute to teh documentation for teh various tasks that we perform for daily monitoring.
• Worked on Remedy ticketing tool (Incident Management Console, Problem Management Console, Change Management Console), Work Request, ClearQuest.
• Experienced in working wif Auditors in keeping teh SAP systems audit compliant.
• Created Various Value based analysis authorizations and Hierarchy level analysis authorizations for HR Specific Characteristic values in BI environment.
• Created and maintained BI Reporting roles and Analysis authorization roles.
• Allowing fixed supplier fields for Employee and Requisitioner roles in SRM system.
• Restricting teh Info types at various Authorization profiles level, personal area level and sub type levels in HR area.
• Maintained various roles in HR system and Setting up Idoc movement jobs from CUA system to child systems.
• Built and troubleshooting Analysis Authorizations using teh transaction RSECADMIN.
• Assigned teh Analysis Authorizations to teh role using teh object S RS AUTH.
• Worked on GRC 5.3 and 10 (Governance, Risk, and Compliance) Tool.
• Assignment of mitigation IDs to owners and approvers
• Running teh risk analysis at user, role level.
• Creation and assigning of mitigation controls and mitigating users.
• Creating and assigning Fighter IDs to Fighters Owners and controllers on approvals.
• Assigning Firefighter IDs to owners, controllers.
• Assigning Firefighter Ids to Firefighters.
• Providing teh log reports to managers based on teh requirement.
• Creating mitigating owners.

Confidential

SAP Security Consultant

Responsibilities:

• Role administration including new role creation (Single, Composite and Derived Roles), deleting, maintaining and transporting across transport landscape
• Using SE16 tables for auditing teh user and role information
• Creating and Releasing Transport Requests and performing individual and Mass transports of roles
• Worked on roll out projects
• Worked on ticketing tools like Remedy and transport management using Solman Charm.
• Analyze teh user problems by using SU53, SUIM and ST01
• Obtain all necessary approvals and UAT testing for creating Change request and Presenting in CAB meeting to move Roles to Production systems.
• Handling Complete user administration activities.
• Expertise in restricting roles from Critical authorizations like S DEVELOP, S BTCH JOB, S BTCH NAM, S TABU DIS, S CTMS ADM, S TRANSPORT etc.,
• Involved in role cleanup activities like deleting duplicate and in-active authorization objects and restricting roles from critical Authorizations.
• Involved in removing critical SAP profiles like SAP ALL and SAP NEW from all dialog users.