SUMMARY

• Senior SAP FIORI, S4 HANA & SAP GRC Security Consultant with 10+ years of experience in SAP Security and FIORI.
• Specialized in SAP FIORI, S4 HANA, SAP ECC, SAP BI Security, Portal Security, GRC 5.3, GRC10.0, 10.1,12.0.
• Successfully implemented SAP Fiori Security for end user mobile application interfacing with ECC and BI.
• 4 Full life cycle implementations of SAP Security projects from design phase to Post implementation phase.
• Experience on different versions of S/4 HANA (1509, 1610, 1809 &1909).
• Worked on multiple deployments (Central Hub and Embedded).
• Activating ODATA services using IWFND MAINT SERVICE.
• Important authorization objects S SERVICE for OData services and S RFCACL/S RFC for trusted connection.
• Worked on TADIR services both for IWSG and IWSV.
• Worked on different types of Apps like Transaction, Analytical and Factsheets.
• Extensive noledge on Fiori library - Configuration tab, implementation tab, selecting versions, types of catalogs, groups, business roles, extensions.
• Creation of custom catalogs and groups using Admin/Designer page.
• ABAP front-end roles design and creation with proper Catalogs, Groups, services and required authorization objects.
• S/4 Hana backend roles design and creation with correct business access.
• Assigning roles to users.
• Creation of Analysis Authorization in BI system based on client requirements.
• Running/Testing teh Fiori apps before confirming users.
• Debugging Launchpad issues using F12 and Troubleshooting Fiori issues using USOBHASH table, SU53, IWFND ERROR LOG transaction codes.
• Have good noledge and experience in UI Masking configuration.
• Good Knowledge in Role creations / Modifications related to all modules.
• Good understanding of SODs, Remediation and mitigation concept
• Hands on exposure in handling SAP Implementation, Rollouts, upgrades and Support projects.
• Having experience in handling high numbers of production support-issues.
• Having depth noledge of troubleshooting SAP security issues.
• Experienced in handling User administration, Role administration in mass level by scripting.
• Experience in Moving transports via CHARM and Normal Transport Request.
• Hands on experience on SU24, SU25, ST01, STAD, CUA, Fire fighter, User group creation
• Creating OSS ID’S, Providing Developer Key access and remove it as per user requirement.
• Hands on experience on Table level restrictions
• Experienced in Analyzing teh SOD Conflicts at User level and Role level by using GRC10.0
• Providing Emergency access to functional, technical & audit team
• Creating FIORI apps, catalog and group based on functional needs
• Strong experience in designing authorization roles for SAP ECC, SAP BW, SAP HR, SAP SRM, SAP CRM and Enterprise Portal systems.
• Experience in SAP S/4 HANA Security using HANA studio - configured Standard, Technical and Restricted Users.
• Successfully created System, Object, Analytic and Package Privileges and assigned to end users.
• Performed Security on Business Process Monitoring (BPM) using Solution Manager with ECC as managed system.
• Extensive experience in using ChaRM Lite in Solution Manager (SolMan) for Change Requests and performing retrofits between dual landscapes along with security changes and configuration validations.
• Implemented Security on JAVA Landscape for PI systems and expertise in using UME (User Management Configuration) groups and roles.
• Experience in Security of Transportation Management (TM) and Event Management (EM) of SCM module.
• As a security administrator, strongly expertise in using Profile Generator (PFCG) for creation and maintenance of Roles/Activity groups as required and expertise in Security Administration activities such as creating User accounts, Password resets, locking and unlocking users.
• Created mass users and roles using eCATT scripts, LSMW scripts and BAPI’s.
• Experience in configuration and maintenance of CUA (Central User Administration) landscape.
• Hands on experience in using Service Market place for opening OSS connections, KBA’s search, SNOTE search for corrections and Security enhancements provided by SAP, conduct research in Onapsis for current vulnerabilities check and compliance.
• Extensive experience in analyzing and processing SOD issues using VIRSA 4.0 Compliance Calibrator, GRC 5.3/ 10.0/ 10.1 Access Control tools such as RAR/ARA, SPM/EAM, CUP/ARM, ERM/BRM components.
• Excellent understanding of Sarbanes-Oxley Act (SOX), policies and procedures.
• Successfully configured SAP GRC Access Control 10.0/10.1 components.
• Involved in Configuration and customization of Multi-Stage Multi-Path (MSMP) workflows, BRF Plus Rules.
• Hands on experience in Rule Set Customizations, Configuring Mitigation Controllers, Approvers, Monitors in ARA.
• Successfully defined best practice methods for usage of security controls for SAP GRC Access Controls.
• Experience in documenting monthly audit reports, audit logs, policies, procedures and other tracking documents to monitor health of teh system and project.
• Experience in onsite - offshore engagement model, team lead off shore team for project activities and provided training and mentoring teh team.
• Enthusiastic and eager to take responsibility and initiative in any given task.
• Self-motivated in handling teh work assigned and adhere to SLA deliverables and deadlines.
• Experience working in both team and individual environments and always eager to learn new technologies and implement them in challenging environments.

TECHNICAL SKILLS

ERP: SAP FIORI, SAP S/4 HANA, SAP ECC, SAP BW/BI, GRC AC 5.3/10.0/10.1/12

Service Tools: Service Now, BMC Remedy

Operating Systems: Windows (Server Edition, Enterprise Edition)

PROFESSIONAL EXPERIENCE

Confidential, Minnesota

Team Lead

Responsibilities:

• Worked on various BU rollout project where new role was designed to meet teh business requirements on ECC GTS FSCM TM FIORI BI systems.
• Build different types of FIORI apps, catalog and group to provide access to users on FIORI system (Embedded and Central HUB)
• Worked on Lifecycle upgrade project and MDG upgrade project
• Participated in bi-weekly meeting for Project updates as well as Client requirements
• Troubleshooted user’s issue using STAUTHTRACE, SU53 and ST01 reports in ECC security and RSECADMIN in BI Security.
• Work on GRC FF access request. Created FFID and user id to provide access to critical t-codes
• Updated su24 for various Z t-codes created in SAP system.
• Created Authorization group via SE54 and assigned those to tables
• Created GUI script for Role change description, Composite role creation and single role creation
• Created GUI script for UI masking for GUI fields
• Created CHARM for transporting customizing and workbench request
• Preparing KT and technical documentation for reference.
• Solving queries of users over telephone/ Skype.
• Created OSS id and opened OSS connection for SAP user
• Created Developer keys for ABAP users
• Created system on Live compare tool and onboarded teh system on Live compare and IIQ tools
• Imported new roles on GRC system before providing access to any users on live environment.
• Conducted meetings with process owners to gather project requirements and prepared a common template framework for security roles design.

Environment: SAP FIORI, SAP S/4 HANA, SAP ECC 6.0, SAP BW, SAP GRC (AC 10.1), SAP Solution Manager 7.2, Enterprise Portal.

Confidential

Sr. SAP Security Consultant

Responsibilities:

• Ensures that application security standards are well integrated into systems by incorporating SOD testing into teh security process
• Monitors and maintains SAP application security policies, standards, guidelines, and procedures that are in alignment with teh corporate strategic plan and supports teh project team during teh implementation
• Responsible for implementation and integration of SAP GRC - SOD and other post go live sustainment tools
• Work with teh business managers in refining risk and mitigating controls
• Support / educate business areas on risks and proposed mitigating controls
• Understand compliance related issues as it relates to SAP roles
• Analyze information across multiple groups, identifying conflicts and trends

Environment: SAP ECC, SAP S/4 HANA, SAP GRC

Confidential

Associate Consultant

Responsibilities:

• Involved in meetings for gathering teh requirements from business and developing simplified and standardized security roles for teh users in each company within teh controlling areas.
• Helped teh application and business teams for master data loads into testing systems.
• Worked with application teams to get UAT completed in controlled access environment before moving to production.
• Also, worked closely with Basis team in handling system refreshes and performed security refresh procedures.
• Worked on adding new personnel areas into roles in HR module, also sales groups, sales district and sales office in SD module.
• Worked on ChaRM Lite in SolMan for transports and includes dual landscape maintenance for teh change requests and performing retrofits and solving any transport issues.
• Validated configuration and implemented security in SolMan around Change Control Management which includes change management work centers (SM WORKCENTER), CTS, Quality gate management and Change request management.
• Also, worked on implementing security for Business Process Monitoring (BPM) using Solution Manger and ECC as managed system. This helped business (especially FI, MM, SD teams) to monitor and forecast teh business trends using BPM analytics.
• Created custom roles in HANA DB for Developers, Modelers, Database Administrators and Business End Users.
• Worked on System, Object, Analytic, Package and Application Privileges within SAP HANA system.
• Participated in implementing PI Java Security and created new UME groups, new roles, creating users, assigning groups to users, troubleshoot and trace various authorization issues.
• Worked on Security implementation for Fiori Mobile interface on POC in MM module using NetWeaver Gateway system as communication channel for leveraging REST services and OData Services on SAP Business Suite ECC 6.0.
• Re-engineered existing roles by running Security audit logs for business and application support users in identifying SOD t-codes and worked with Compliance team for helping them to configure and mitigate users in VIRSA and hence making roles and user access more compliant.
• Performed key controls review during internal audit of teh company.
• Worked with compliance team during teh external audit.
• Created custom parameter transaction codes in restricting teh roles for table access maintenance (SM30).
• Worked with development team in setting up required AUTHORITY-CHECK for Custom Tables, Reports and Custom transactions.
• Extensively used t-codes SU01, SUIM, SU10, PFCG, SE16N, SWI5, RSABAPSC, SE38/SA38, SE80, SE93, SE97, ST01, SE01/09/10, STMS, SM36, SM37, PFUD, SUPC, PA20, PA30, PPOSE, PO13, RSA1, SCMA & SM WORKCENTER (in SolMan).
• Used AGR*, USR* tables for different reporting and analyzing purposes.
• Used PA*, HRP* tables for analyzing teh relationship with different Info Types in teh HR/HCM scope.
• Troubleshoot user ESS, MSS issues and perform user administration activities in teh enterprise portal.
• Experience and noledge in how to maintain authorizations by transactions through SU24 and experience in using USOBT C, USOBX C tables.
• Helped team for French translations of all teh roles in multiple landscapes.
• Experienced in using MS Excel (VLOOKUP, HLOOKUP, Pivot tables, Macros), Power point and hands-on in document writing.
• Handled bringing 15000 users into SAP during teh merger and created accounts for all teh users using Active Directory across different landscapes.
• Helping teh business to identify teh right position role for every user in existing role model.
• Complete user administration in SAP landscapes (creating, modifying, and deleting, locking, unlocking and resetting passwords).
• Worked closely with Basis team and application support team during HR Support-packs (HRSP). It includes moving transports, locking/unlocking users using SU10, completing UAT on new security enhancements from teh support packs.
• Analyzed missing authorizations by performing authorization traces to resolve security issues for users by using ST01.
• Performed regular activities and troubleshooting by using SU53.
• Understanding and implementing teh Change Control process for any enhancements or operational changes when required.
• Coordinated with teh offshore team and monitored teh progress of teh tasks in teh maintenance landscape.
• Communicated technical and non-technical issues along with training in change management process to key users and business users when necessary.
• Worked on different security tickets on day-to-day basis and performing associated activities to user accounts based on approval workflow.
• Daily tasks also include creating user accounts, maintaining Info types in PA20, system cleanup activities such as account terminations, transfers, access requests, role changes, tracing and prototyping access issues using SU53, ST01, troubleshooting production issues.
• Analyzed RFC calls for Remote Function Modules (RMF’s) from different systems and secured them for user access.

Environment: ECC, BW, HANA

Confidential

Security Consultant

Responsibilities:

• SAP Security administration and maintenance
• Design, Configuration & Testing of SAP Security Roles
• Creating/ Maintaining teh ORG Fields in Objects
• Adequately securing programs, transactions and tables
• Role Download/ Upload, Mass Generation/ Mass Transport.
• Mass Assignment and Re-assignment of Roles/ Users
• Mapping of Missed Authorization Object in T-codes.
• Mapping of T-code with Reports and Programs.
• Monitoring Central User Administration (CUA).
• Maintaining (Create, Delete, Change, Copy) SINGLE, COMPOSITE and DERIVE Role in Customer Namespace.
• Performed Spool Administration, Client Administration, SAP background job scheduling and monitoring, Transport Organizer and other basis day to day activities.
• Locking critical transactions using SM01.
• Assigning HR ESS/MSS access to teh user as per requirement.
• Analyzing SU53 screen shots to debug authorization problems.
• Analyzing ST01 trace log to fix teh authorization bugs.

Environment: ECC, BI/BW, HR, GRC

Confidential

Security Consultant

Responsibilities:

• Changing teh Design of a Single Role and Composite Role with Proper approvals from respective Business Process Owners following teh Process Norms.
• Troubleshooting missing authorization using SU53 and run trace ST01.
• Monitoring and handling Background Jobs like PFUD for updating User Master Records in all Production and Non-Production environment on daily basis in all systems
• Experience in Design, Developing, Testing and Implementing SAP Security Roles, Profiles and Authorization for various landscapes using Profile Generator
• Review and transport teh activities performed by other team members
• Extensively used SU22 and SU24 to update teh USOBT C and USOBX C tables (transaction and teh authorization objects).
• Monitored access to key authorization objects such as S BTCH ADM, S ADMI FCD, S TABU DIS, S DEVELOP for debug access etc.
• Worked with functional team leads to define new custom transactions, objects, classes, integrating them in transaction codes and tan apply security restrictions for custom reports/queries and transactions.
• Handling Object level changes for Transaction Codes through SU24 to maintain Authorization in standard or maintained mode.
• Extensively used teh following transactions on daily basis - SU01, PFCG, SU53, SU24, SM59, RSSM (for BW) and ST01 for providing technical support to users.
• Executing Computer Aided Testing Tool (CATT) reports to update Org levels.
• Creating analysis authorizations and maintaining them at both user and role assignments using RSECADMIN in SAP BI 7.0 Security.
• Performing Authorization Trace in SAP BI 7.0 and generating error log reports for analysis.
• Experience in user administration 24x7 on call production support, quick turnaround for end user requests, and Helpdesk support for user administration
• Checking for Segregation of Duties (SOD) issues while assigning Roles to Users and while changing teh design of a single Role, Composite Role and User group creation.
• Role transport to multiple landscapes, TR release through SE09/SE10/SE01.
• Report generation using SUIM and to analyze teh missing authorization-based issue.
• Working with tables like AGR* for data collection and verification.
• End-to-end implementation of GRC Access Control Suite 10.0 and configured all teh components in it as when required.
• Performed Role and User Analysis, Risk Analysis and Mitigating risks and roles as required.
• Checking teh SoD (Segregations of Duties) using Risk Analysis and Remediation before assigning to teh users.
• Working on Fire Fighter (FF) for Super User privileges like maintaining Owners, Controllers and Fire Fighter Access to user.
• Checking teh log report as and when required for audit purposes.

Environment: SAP R/3, ECC 6.0, GRC 10.0, BI 7.0

Confidential

Security Consultant

Responsibilities:

• Undergone internal training on GRC Access Control suite.
• Well experienced in planning, designing, documenting and implementing security related standard procedures for teh user administration, roles and profile generation. Created single roles, composite roles and derived roles as per organizational structure in R/3systems using PFCG.
• Monitored User maintenance on day-to-day basis and role maintenance on requirement basis.
• Setting up security roles and user accounts for over 800 End Users for primary Go Live.
• Monitored User maintenance on day-to-day basis and role maintenance on requirement basis.
• Identifying teh missing authorizations using SU53/ST01 trace and maintaining them in suitable role and SU56 to find security problem.
• Troubleshooting performance issues & adjustment of SAP profiles.
• Locking critical transactions using SM01.
• Worked with teh Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties (SOD) over all fields of business areas.
• Successfully transported teh generated roles and profiles using SAP transport management system (STMS) and handled single& mass generation of roles and transport of roles.

Environment: ECC 5.0, BI 7.0, GRC 5.3