SUMMARY

• Senior SAP FIORI, S4 HANA & SAP GRC Security Consultant wif 10+ years of experience in SAP Security and FIORI.
• Specialized in SAP FIORI, S4 HANA, SAP ECC, SAP BI Security, Portal Security, GRC 5.3, GRC10.0, 10.1,12.0.
• Successfully implemented SAP Fiori Security for end user mobile application interfacing wif ECC and BI.
• 4 Full life cycle implementations of SAP Security projects from design phase to Post implementation phase.
• Experience on different versions of S/4 HANA (1509, 1610, 1809 &1909).
• Worked on multiple deployments (Central Hub and Embedded).
• Activating ODATA services using IWFND MAINT SERVICE.
• Important authorization objects S SERVICE for OData services and S RFCACL/S RFC for trusted connection.
• Worked on TADIR services both for IWSG and IWSV.
• Worked on different types of Apps like Transaction, Analytical and Factsheets.
• Extensive noledge on Fiori library - Configuration tab, implementation tab, selecting versions, types of catalogs, groups, business roles, extensions.
• Creation of custom catalogs and groups using Admin/Designer page.
• ABAP front-end roles design and creation wif proper Catalogs, Groups, services and required authorization objects.
• S/4 Hana backend roles design and creation wif correct business access.
• Assigning roles to users.
• Creation of Analysis Authorization in BI system based on client requirements.
• Running/Testing the Fiori apps before confirming users.
• Debugging Launchpad issues using F12 and Troubleshooting Fiori issues using USOBHASH table, SU53, IWFND ERROR LOG transaction codes.
• Has good noledge and experience in UI Masking configuration.
• Good Knowledge in Role creations / Modifications related to all modules.
• Good understanding of SODs, Remediation and mitigation concept
• Hands on exposure in handling SAP Implementation, Rollouts, upgrades and Support projects.
• Having experience in handling high numbers of production support-issues.
• Having depth noledge of troubleshooting SAP security issues.
• Experienced in handling User administration, Role administration in mass level by scripting.
• Experience in Moving transports via CHARM and Normal Transport Request.
• Hands on experience on SU24, SU25, ST01, STAD, CUA, Fire fighter, User group creation
• Creating OSS ID’S, Providing Developer Key access and remove it as per user requirement.
• Hands on experience on Table level restrictions
• Experienced in Analyzing the SOD Conflicts at User level and Role level by using GRC10.0
• Providing Emergency access to functional, technical & audit team
• Creating FIORI apps, catalog and group based on functional needs
• Strong experience in designing authorization roles for SAP ECC, SAP BW, SAP HR, SAP SRM, SAP CRM and Enterprise Portal systems.
• Experience in SAP S/4 HANA Security using HANA studio - configured Standard, Technical and Restricted Users.
• Successfully created System, Object, Analytic and Package Privileges and assigned to end users.
• Performed Security on Business Process Monitoring (BPM) using Solution Manager wif ECC as managed system.
• Extensive experience in using ChaRM Lite in Solution Manager (SolMan) for Change Requests and performing retrofits between dual landscapes along wif security changes and configuration validations.
• Implemented Security on JAVA Landscape for PI systems and expertise in using UME (User Management Configuration) groups and roles.
• Experience in Security of Transportation Management (TM) and Event Management (EM) of SCM module.
• As a security administrator, strongly expertise in using Profile Generator (PFCG) for creation and maintenance of Roles/Activity groups as required and expertise in Security Administration activities such as creating User accounts, Password resets, locking and unlocking users.
• Created mass users and roles using eCATT scripts, LSMW scripts and BAPI’s.
• Experience in configuration and maintenance of CUA (Central User Administration) landscape.
• Hands on experience in using Service Market place for opening OSS connections, KBA’s search, SNOTE search for corrections and Security enhancements provided by SAP, conduct research in Onapsis for current vulnerabilities check and compliance.
• Extensive experience in analyzing and processing SOD issues using VIRSA 4.0 Compliance Calibrator, GRC 5.3/ 10.0/ 10.1 Access Control tools such as RAR/ARA, SPM/EAM, CUP/ARM, ERM/BRM components.
• Excellent understanding of Sarbanes-Oxley Act (SOX), policies and procedures.
• Successfully configured SAP GRC Access Control 10.0/10.1 components.
• Involved in Configuration and customization of Multi-Stage Multi-Path (MSMP) workflows, BRF Plus Rules.
• Hands on experience in Rule Set Customizations, Configuring Mitigation Controllers, Approvers, Monitors in ARA.
• Successfully defined best practice methods for usage of security controls for SAP GRC Access Controls.
• Experience in documenting monthly audit reports, audit logs, policies, procedures and other tracking documents to monitor health of the system and project.
• Experience in onsite - offshore engagement model, team lead off shore team for project activities and provided training and mentoring the team.
• Enthusiastic and eager to take responsibility and initiative in any given task.
• Self-motivated in handling the work assigned and adhere to SLA deliverables and deadlines.
• Experience working in both team and individual environments and always eager to learn new technologies and implement them in challenging environments.

TECHNICAL SKILLS

ERP: SAP FIORI, SAP S/4 HANA, SAP ECC, SAP BW/BI, GRC AC 5.3/10.0/10.1/12

Service Tools: Service Now, BMC Remedy

Operating Systems: Windows (Server Edition, Enterprise Edition)

PROFESSIONAL EXPERIENCE

Confidential, Minnesota

Team Lead

Responsibilities:

• Worked on various BU rollout project where new role was designed to meet the business requirements on ECC GTS FSCM TM FIORI BI systems.
• Build different types of FIORI apps, catalog and group to provide access to users on FIORI system (Embedded and Central HUB)
• Worked on Lifecycle upgrade project and MDG upgrade project
• Participated in bi-weekly meeting for Project updates as well as Client requirements
• Troubleshooted user’s issue using STAUTHTRACE, SU53 and ST01 reports in ECC security and RSECADMIN in BI Security.
• Work on GRC FF access request. Created FFID and user id to provide access to critical t-codes
• Updated su24 for various Z t-codes created in SAP system.
• Created Authorization group via SE54 and assigned those to tables
• Created GUI script for Role change description, Composite role creation and single role creation
• Created GUI script for UI masking for GUI fields
• Created CHARM for transporting customizing and workbench request
• Preparing KT and technical documentation for reference.
• Solving queries of users over telephone/ Skype.
• Created OSS id and opened OSS connection for SAP user
• Created Developer keys for ABAP users
• Created system on Live compare tool and onboarded the system on Live compare and IIQ tools
• Imported new roles on GRC system before providing access to any users on live environment.
• Conducted meetings wif process owners to gather project requirements and prepared a common template framework for security roles design.

Environment: SAP FIORI, SAP S/4 HANA, SAP ECC 6.0, SAP BW, SAP GRC (AC 10.1), SAP Solution Manager 7.2, Enterprise Portal.

Confidential

Sr. SAP Security Consultant

Responsibilities:

• Ensures that application security standards are well integrated into systems by incorporating SOD testing into the security process
• Monitors and maintains SAP application security policies, standards, guidelines, and procedures that are in alignment wif the corporate strategic plan and supports the project team during the implementation
• Responsible for implementation and integration of SAP GRC - SOD and other post go live sustainment tools
• Work wif the business managers in refining risk and mitigating controls
• Support / educate business areas on risks and proposed mitigating controls
• Understand compliance related issues as it relates to SAP roles
• Analyze information across multiple groups, identifying conflicts and trends

Environment: SAP ECC, SAP S/4 HANA, SAP GRC

Confidential

Associate Consultant

Responsibilities:

• Involved in meetings for gathering the requirements from business and developing simplified and standardized security roles for the users in each company wifin the controlling areas.
• Helped the application and business teams for master data loads into testing systems.
• Worked wif application teams to get UAT completed in controlled access environment before moving to production.
• Also, worked closely wif Basis team in handling system refreshes and performed security refresh procedures.
• Worked on adding new personnel areas into roles in HR module, also sales groups, sales district and sales office in SD module.
• Worked on ChaRM Lite in SolMan for transports and includes dual landscape maintenance for the change requests and performing retrofits and solving any transport issues.
• Validated configuration and implemented security in SolMan around Change Control Management which includes change management work centers (SM WORKCENTER), CTS, Quality gate management and Change request management.
• Also, worked on implementing security for Business Process Monitoring (BPM) using Solution Manger and ECC as managed system. This helped business (especially FI, MM, SD teams) to monitor and forecast the business trends using BPM analytics.
• Created custom roles in HANA DB for Developers, Modelers, Database Administrators and Business End Users.
• Worked on System, Object, Analytic, Package and Application Privileges wifin SAP HANA system.
• Participated in implementing PI Java Security and created new UME groups, new roles, creating users, assigning groups to users, troubleshoot and trace various authorization issues.
• Worked on Security implementation for Fiori Mobile interface on POC in MM module using NetWeaver Gateway system as communication channel for leveraging REST services and OData Services on SAP Business Suite ECC 6.0.
• Re-engineered existing roles by running Security audit logs for business and application support users in identifying SOD t-codes and worked wif Compliance team for helping them to configure and mitigate users in VIRSA and hence making roles and user access more compliant.
• Performed key controls review during internal audit of the company.
• Worked wif compliance team during the external audit.
• Created custom parameter transaction codes in restricting the roles for table access maintenance (SM30).
• Worked wif development team in setting up required AUTHORITY-CHECK for Custom Tables, Reports and Custom transactions.
• Extensively used t-codes SU01, SUIM, SU10, PFCG, SE16N, SWI5, RSABAPSC, SE38/SA38, SE80, SE93, SE97, ST01, SE01/09/10, STMS, SM36, SM37, PFUD, SUPC, PA20, PA30, PPOSE, PO13, RSA1, SCMA & SM WORKCENTER (in SolMan).
• Used AGR*, USR* tables for different reporting and analyzing purposes.
• Used PA*, HRP* tables for analyzing the relationship wif different Info Types in the HR/HCM scope.
• Troubleshoot user ESS, MSS issues and perform user administration activities in the enterprise portal.
• Experience and noledge in how to maintain authorizations by transactions through SU24 and experience in using USOBT C, USOBX C tables.
• Helped team for French translations of all the roles in multiple landscapes.
• Experienced in using MS Excel (VLOOKUP, HLOOKUP, Pivot tables, Macros), Power point and hands-on in document writing.
• Handled bringing 15000 users into SAP during the merger and created accounts for all the users using Active Directory across different landscapes.
• Helping the business to identify the right position role for every user in existing role model.
• Complete user administration in SAP landscapes (creating, modifying, and deleting, locking, unlocking and resetting passwords).
• Worked closely wif Basis team and application support team during HR Support-packs (HRSP). It includes moving transports, locking/unlocking users using SU10, completing UAT on new security enhancements from the support packs.
• Analyzed missing authorizations by performing authorization traces to resolve security issues for users by using ST01.
• Performed regular activities and troubleshooting by using SU53.
• Understanding and implementing the Change Control process for any enhancements or operational changes when required.
• Coordinated wif the offshore team and monitored the progress of the tasks in the maintenance landscape.
• Communicated technical and non-technical issues along wif training in change management process to key users and business users when necessary.
• Worked on different security tickets on day-to-day basis and performing associated activities to user accounts based on approval workflow.
• Daily tasks also include creating user accounts, maintaining Info types in PA20, system cleanup activities such as account terminations, transfers, access requests, role changes, tracing and prototyping access issues using SU53, ST01, troubleshooting production issues.
• Analyzed RFC calls for Remote Function Modules (RMF’s) from different systems and secured them for user access.

Environment: ECC, BW, HANA

Confidential

Security Consultant

Responsibilities:

• SAP Security administration and maintenance
• Design, Configuration & Testing of SAP Security Roles
• Creating/ Maintaining the ORG Fields in Objects
• Adequately securing programs, transactions and tables
• Role Download/ Upload, Mass Generation/ Mass Transport.
• Mass Assignment and Re-assignment of Roles/ Users
• Mapping of Missed Authorization Object in T-codes.
• Mapping of T-code wif Reports and Programs.
• Monitoring Central User Administration (CUA).
• Maintaining (Create, Delete, Change, Copy) SINGLE, COMPOSITE and DERIVE Role in Customer Namespace.
• Performed Spool Administration, Client Administration, SAP background job scheduling and monitoring, Transport Organizer and other basis day to day activities.
• Locking critical transactions using SM01.
• Assigning HR ESS/MSS access to the user as per requirement.
• Analyzing SU53 screen shots to debug authorization problems.
• Analyzing ST01 trace log to fix the authorization bugs.

Environment: ECC, BI/BW, HR, GRC

Confidential

Security Consultant

Responsibilities:

• Changing the Design of a Single Role and Composite Role wif Proper approvals from respective Business Process Owners following the Process Norms.
• Troubleshooting missing authorization using SU53 and run trace ST01.
• Monitoring and handling Background Jobs like PFUD for updating User Master Records in all Production and Non-Production environment on daily basis in all systems
• Experience in Design, Developing, Testing and Implementing SAP Security Roles, Profiles and Authorization for various landscapes using Profile Generator
• Review and transport the activities performed by other team members
• Extensively used SU22 and SU24 to update the USOBT C and USOBX C tables (transaction and the authorization objects).
• Monitored access to key authorization objects such as S BTCH ADM, S ADMI FCD, S TABU DIS, S DEVELOP for debug access etc.
• Worked wif functional team leads to define new custom transactions, objects, classes, integrating them in transaction codes and then apply security restrictions for custom reports/queries and transactions.
• Handling Object level changes for Transaction Codes through SU24 to maintain Authorization in standard or maintained mode.
• Extensively used the following transactions on daily basis - SU01, PFCG, SU53, SU24, SM59, RSSM (for BW) and ST01 for providing technical support to users.
• Executing Computer Aided Testing Tool (CATT) reports to update Org levels.
• Creating analysis authorizations and maintaining them at both user and role assignments using RSECADMIN in SAP BI 7.0 Security.
• Performing Authorization Trace in SAP BI 7.0 and generating error log reports for analysis.
• Experience in user administration 24x7 on call production support, quick turnaround for end user requests, and Helpdesk support for user administration
• Checking for Segregation of Duties (SOD) issues while assigning Roles to Users and while changing the design of a single Role, Composite Role and User group creation.
• Role transport to multiple landscapes, TR release through SE09/SE10/SE01.
• Report generation using SUIM and to analyze the missing authorization-based issue.
• Working wif tables like AGR* for data collection and verification.
• End-to-end implementation of GRC Access Control Suite 10.0 and configured all the components in it as when required.
• Performed Role and User Analysis, Risk Analysis and Mitigating risks and roles as required.
• Checking the SoD (Segregations of Duties) using Risk Analysis and Remediation before assigning to the users.
• Working on Fire Fighter (FF) for Super User privileges like maintaining Owners, Controllers and Fire Fighter Access to user.
• Checking the log report as and when required for audit purposes.

Environment: SAP R/3, ECC 6.0, GRC 10.0, BI 7.0

Confidential

Security Consultant

Responsibilities:

• Undergone internal training on GRC Access Control suite.
• Well experienced in planning, designing, documenting and implementing security related standard procedures for the user administration, roles and profile generation. Created single roles, composite roles and derived roles as per organizational structure in R/3systems using PFCG.
• Monitored User maintenance on day-to-day basis and role maintenance on requirement basis.
• Setting up security roles and user accounts for over 800 End Users for primary Go Live.
• Monitored User maintenance on day-to-day basis and role maintenance on requirement basis.
• Identifying the missing authorizations using SU53/ST01 trace and maintaining them in suitable role and SU56 to find security problem.
• Troubleshooting performance issues & adjustment of SAP profiles.
• Locking critical transactions using SM01.
• Worked wif the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties (SOD) over all fields of business areas.
• Successfully transported the generated roles and profiles using SAP transport management system (STMS) and handled single& mass generation of roles and transport of roles.

Environment: ECC 5.0, BI 7.0, GRC 5.3