SUMMARY

• 8 years of Professional experience as SAP Security consultant; including multiple full life cycle implementation projects from design phase to post implementation phase in mySAP ERP ECC (FI/CO, MM, SD, PP, PM, PS), SAP R/3, SAP GRC 10.0, BI/BW, BO, XI/PI, CRM, SRM and EP
• Worked on upgrade projects from R/3 4.6c to ECC 5.0 including upgrade & post - upgrade steps, assessment of authorizations and redesign.
• Good knowledge of CRM business process, enterprise portals, and exposed to teh new dimensional products.
• Creation and Modification of User Accounts using transaction codes (SU01, SU10).
• Strong in SAP application Security development by taking business requirements and building Security using teh Role maintenance and SAP authorization Concept using Profile Generator tool (PFCG).
• Experience with role based security design (role creation, transports and organization levels).
• Troubleshoot user roles, tracing activities, security authorization objects and custom reporting authorization by using tcodes (SUIM, SU53, RSECADMIN, ST01 and ST22) for different modules.
• Experience with mass user creation and maintenance using Computer Aided Test Tool (CATT) and LSMW scripts.
• Strong understanding of DBMS, Data Warehousing and SAP BusinessObjects architecture.
• Trained on SAP GRC Access Control (5.3/10.0) - Risk Analysis and Remediation (Compliance Calibrator), Compliant User Provisioning (Access Enforcer), Superuser Privilege Management (Fire Fighter), Enterprise Role Management (Role Expert).
• Experienced in teh four-tier SAP system landscape (DEV, ACC, QAS, PROD).
• Experience in CUA administration and maintenance.
• Had good knowledge in HANA.
• Spool Administration including configuring printers and troubleshooting spool request.
• Skilled in providing documentation and best practices relating to SAP security.
• Expertise in analyzing and translating business requirements into technical specifications in collaboration with application developers.
• Expertise with teh BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting teh reporting problems.
• Creating Custom Transaction Codes and Custom Authorization objects.
• Using ticketing systems Remedy ARS and HP Peregrine.
• Extensively performed User Master Reconciliation (PFUD and SUPC).
• Strong problem solving and time management skill.
• Strong interpersonal and communication skills (oral and written skills), unparalleled work ethic, strong attention to detail and good team player.

TECHNICAL SKILLS

SAP Packages: ERP ECC 6.0, SAP R/3 4.0-4.7, SAP Security with ECC, Governance Risk & Compliance (GRC 10/5.3/5.2), Business Intelligence (BI 7.0/BW 3x) and Business Objects (BO 4.0), Customer Relationship Management (CRM 7.0/6.0), Supplier Relationship Management (SRM 2.0), Supply Chain Management (SCM)

Languages: C, C++, Java, HTML, Visual Basic

Databases: MS Access, DB2, SAP HANA, ORACLE, MS SQL Server

Operating Systems: Windows8/8.1, Windows 7/Vista/XP/2000, Unix

Tools: CATTs, VRAT (SOD), MS Office

PROFESSIONAL EXPERIENCE

Confidential, CO

SAP Security Consultant

Environment: SAP ECC 6.0, BW 7.4, BusinessObjects 3.1,GRC 10.1 Access Control and Firefighter.

Responsibilities:

• Worked in Support and implementation part of teh project.
• User administration: setting up User IDs, assigning roles, resetting password, locking/unlocking users.
• Analyzed/ updated roles to resolve Authorization issues in ECC 6.0 after careful analysis as per system trace (ST01), authority check (SU53) and checks in ABAP code (SE38).
• Extensive knowledge on troubleshooting security related problems using SU53, ST01, SM19, SM20 and ST22.
• Created and maintained user master records using SU01 and SU10.
• SU24 changes as per teh business requirements
• Maintained SAP Marketplace login information for OSS Messages and OSS Notes (SNOTE).
• Worked in creating Background jobs using ABAP halp (SUPC/PFUD).
• Designed, Developed and maintained Single roles, Composite roles, Master and Derived roles and Secured roles by Organizational levels for different modules in SAP.
• Transported teh generated roles and profiles using SAP transport management system.
• Worked on BusinessObjects 3.1 / SAP BI integration project starting with planning, installations, integration, migration and development of BI layer.
• Responsible for overall BusinessObjects infrastructure maintenance, applying Patches, Service Packs, and Monthly HotFix (MHF) to upgrade teh BO environment.
• Locked and ensured dat teh SAP standard Super users (SAP* and DDIC) were set-up as system or background users with passwords changed.
• Coordinated in completing teh SAP security audit requirements checklist.
• Worked with teh ST01 tracing and analyzing teh trace records for teh user in teh process of troubleshooting.
• Make sure dat teh authorization groups for all teh required tables have been maintained in TDDAT table using SE54 transaction.
• Identified all teh organization level info objects and confirmed they are Authorization relevant.
• Experience managing and maintaining USOBT C and USOBX C tables by using SU24 /SU25.
• Implemented GRC AC10.1.
• Configured RAR - Risk Analysis & Remediation, RM - Access Role Management, SPM - Super User Privilege Management.
• Coded custom methods to support workflow functionality.
• Design, develop and Activation of Rule Sets.
• Performed timely scheduling of Background jobs performs synchronization and Risk Analysis.
• Performed Real Time Risk assessment.
• SOD is performed at Role and User Level analysis for sensitive access.
• Involved in Creating/Maintenance and documentation of Mitigation Control.
• Directed team meetings with business and security to gather information required to remediate existing risks from previous SAP release.

Confidential, Covington, OH

SAP Security Consultant

Environment: ECC 5.0, BW 3.5, BI 7.0, BusinessObjects XIR2, Crystal Reports, CATT, Enterprise Portal 7.0, SRM, GRC 5.3.

Responsibilities:

• Building SAP security procedures in-order to minimize teh post implementation maintenance.
• Authorization objects activities/values/authorization groups.
• Worked with teh business managers in defining access requirements for end users, maintain role design methodology and worked with functional team members to set up end user roles.
• Creation of Roles (single, composite as well as derived)
• Setting up Central user administration (CUA).
• Creation of roles and profiles using PFCG.
• Set up teh Profile Generator and generated user profiles for FI, CO, MM, PP and SD users.
• Used Profile Generator to TEMPeffectively restrict user access to specific Business Areas.
• Used transactions such as SUIM, SU53 to troubleshoot problems.
• Used CATT scripts to create large number of users and assign teh designed roles to teh users using transaction SCAT.
• Used Transport Management System (TMS) for transporting of roles.
• Configured teh SMTP settings to send teh reports to users email after scheduling teh reports in Crystal Enterprise Server and Business Object Server.
• Gathered teh Users Information and Security levels in BO 6.5 to implement teh new Security in BO XIR2.
• Involved in data extraction and conversion between BPC and BW systems.
• Locked and ensured dat teh SAP standard Super users (SAP* and DDIC) were set-up as system or background users with passwords changed
• Transported Profiles to Test environment.
• Using System trace to record authorization checks in different sessions using ST01.
• Analyzing and evaluating teh technical security requirements.
• Perform regular system audits to detect deviation of established procedures, role mapping, and unauthorized changes to teh SAP security and report finding to management.
• Configured and Implemented GRC Access Control Suite 5.3
• Configuring and trouble shooting of HR triggers in CUP
• Created SAP HR Connector, HR Triggers, Field Mapping.
• Configured Workflow, actions and rules.
• Configured HR trigger provisioning and scheduled background jobs.
• Configured User Data source and defined autantication system for requestors using CUP

Confidential, Shorter, AL

SAP Security Consultant

Environment: ECC 5.0, BW 3.5, BI 7.0, BusinessObjects 6.5, BusinessObjects Enterprise XIR2.

Responsibilities:

• Interacted extensively with teh business leads to understand teh business requirements and build security as per their requirements.
• Worked with teh business team to prepare and maintain role matrices and user mapping matrices.
• Communicated with Business Process Owner’s to obtain approvals for security changes
• Worked with Automatic Profile Generator (PFCG) in creating Single roles, Composite Roles and Derived Roles.
• Followed key security standards such as maintaining check indicators in SU24 for authorization objects and Transaction codes, putting proper controls in place for securing programs and tables.
• Recommended and enforced teh usage of Authority Check statement for custom programs.
• Monitored access to key authorization objects such as S BTCH ADM, S ADMI FCD, S TABU DIS, S DEVELOP for debug access and etc.
• Developed custom Process chains to support master data and transaction data loads from BI to BPC.
• Migrated BusinessObjects 6.5 version reports to BusinessObjects Enterprise XIR2.
• Created a document for teh migration of BusinessObjects 6.5 to BusinessObjects XIR2.
• Implemented values for profile parameters for controlling password rules, logon rules, established monitoring process for inactive users and unsuccessful logons.
• Troubleshoot Authorization Errors using Transaction Code SU53 and ST01.
• Created ECATT Script for mass activities such as creating users, assigning roles to users, assigning user groups to users.
• Worked with table authorizations and created new Table Authorization Groups in SE54 to protect tables.
• Restricted access to SE16/SM30 by creating table specific custom transaction codes to teh table using SE93.
• Made teh info objects and characteristics authorization relevant as needed using RSD1.
• Extensively used RSECADMIN tool to build Analysis Authorizations.
• Assigned teh Analysis Authorizations access to users using teh authorization object S RS AUTH.
• Resolved issues related to authorization objects using t-code RSSM.
• Troubleshoot authorizations related issues.

Confidential, North wales, PA

SAP Security Consultant

Environment: SAP ECC 6.0, SAP CRM, SAP CUA and BI 7.1, 7.3 XI.

Responsibilities:

• Analyzing and evaluating teh technical security requirements for SAP ECC Security
• Ensured role-building follows business guidelines, and adhere to teh controls requirement set forth by teh internal audit/controls teams
• Analyzed customer programs and transaction codes for authority checks
• Responsible for review, design, develop, test and implementation of Access Controls capabilities
• Responsible for developing roles (Single, Composite and Derived) using teh Profile Generator (PFCG) tool for FI, CO, MM, PP and SD users
• Ensure segregation of duties (SOD) exists in teh SAP systems
• Troubleshoot existing user roles, security objects and authorizations to resolve security conflicts, supporting users, setting up new accounts, password resets, put users in appropriate groups and resolve any issues in production system
• Using System trace to record authorization checks in different sessions (ST01)
• BW security - Involved with creation and maintenance of activity groups and custom authorization objects
• Implemented Info object level BW security and created BW security Authorizations using RSSM transaction
• Experience with teh BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting teh reporting problems
• Assist users with access problems and questions using SUIM and SU53
• Perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to teh SAP security and report finding to management
• Prepare authorization environment for Go-live
• Involved in Transportation of roles
• Worked in Support and Implementation projects
• Set up Web UI Security using Business Roles. Creation of business roles and mapping them to Security role
• Created Business Partners and assigned in Org Structure using BP, Mapping business role to position using PPOMA CRM
• Troubleshooting teh authorization issues. Strong experience in implementation as well as production support
• Provide knowledge transition to new team members as well as teh business users. Designed roles for CRM enterprise sales and services by restricting users on Sales, Presales and Billing transactions
• Worked User Administration using Central user administration (CUA)
• Created and maintained all user master data across teh quality assurance and production system landscape
• Troubleshooting using tcodes SCUL, SCUA and check teh IDocs and background jobs related to CUA

Confidential, Emeryville, CA

SAP Security Consultant

Environment: Net weaver 2004, ECC 6.0, BI7.0 and Enterprise Portal 7.0, CUA.

Responsibilities:

• Worked with teh four-tier SAP landscape system (DEV, ACC, QAS, PROD)
• Performed printer administration and Spool administration like display spool request, spool controller SPAD
• Setup ALE environment for Central User Administration (CUA)
• Maintaining Users in CUA System and Daily checking CUA logs through (SCUL)
• Created new roles for ECC 6.0 systems: FI, CO, HR, MM, PP, and SD modules, based on concepts of task roles and position roles
• Created new roles as per teh new business processes, in accordance with SOX compliance
• Responsible for complete lifecycle, from designing, unit testing, integration testing, user mapping, go-live and post production support
• Worked with Internal Control team for Role level Remediation and User level Remediation
• Extensive experience in designing and implementing mitigating controls
• Support Basis team for user master export and import, lock mass user during systems maintenance
• Expertise in SAP Security and Authorizations which includes User Management, User Administration, Monitoring, User Tracing (ST01)
• Implemented access control on security related tables (AGR, USR and Custom Tables) and sensitive authorization objects (S TABU DIS, S TABU NAM, S PROGRAM, etc.)

Confidential

SAP Security Consultant

Environment: SAP ECC 6.0, BI, CATT and SAP GRC.

Responsibilities:

• Worked on SAP ECC 6.0, BI 7.3 Security and provided access to users to make better business decisions.
• Responsible for all aspects of SAP ECC Security Administration tasks including Coordinating and interacting with business, technical and functional consultants for gathering SAP Security requirements, Design role, User Administration, transport roles and authorization, testing, system parameters, analysis reports generating, troubleshoot authorization error and create/maintain SAP Security process documents for SAP systems.
• Designed, developed and maintained Master and Derived roles and Secured roles by Organizational levels such as Company Code, Plant, Cost Center, Profit Center, Purchasing Organization etc., for BPC, BI 7.0, Solution Manager and Enterprise Portal7.0.
• Applied SAP Security policy, procedure, best practices and system controls to SAP systems.
• Used SAP Security transactions - PFCG, SU24, PFUD, SUPC, SUIM, SU53, SU56, ST01, SE09/SE10, RZ10, SE16 and like.
• Extensively worked with ECATT and CATT for mass user creations.
• Setup training IDs for Business and end users.
• Prepared Project Plan for Go Live and Post Go Live activities.
• Troubleshoot user roles, tracing teh users, security authorization objects and custom reporting authorization objects to debug or troubleshoot authorization error, resolving teh issue by giving required authorizations in SAP modules.
• Report to management on teh status of project and anticipating/identifying issues.
• Responsible for communication, coordination, and teamwork within teh team and end users.
• Assisted Sarbanes Oxley Compliance - SAP System Audit and documentation of significant Processes and controls
• Complete overall support includes design and implementation for all Security needs for all user ID admin and Role builds for SOX compliance.
• Working with GRC (Compliance Calibrator, Firefighter) in identifying conflicts single roles and composite roles.
• Troubleshoot ECC security problem by using different scenario such as system trace (ST01), parameter change, buffer reset, SU53, and SU56 in order to find security problem.
• Continuously improved security configuration to reflect best practices and prepare for system audits.
• Designed and assigned roles and profiles for Solution Manager 7.0.
• Maintained authorizations for various Solution Manager 7.0 profiles (Implementation, Distribution, Change Request Management, Monitoring, and Reporting).
• Monitoring teh system logs and ABAP dumps (SM21) and fixing teh problems accordingly.
• Imported and maintained startup/default/instance profiles (RZ10).
• Worked on creating RFC connections through sm59.