SAP SUMMARY:

• Extensive SAP Security / GRC experience on various SAP modules such as FI/ CO, MM, BW/BI on Hana, BPC, BOBJ, PP, P D, SD, HR,IDM. Handled Full Life-Cycle Implementations / support and upgrade projects.8 years experience in SAP.
• Experience in full life cycle Implementation using ASAP Methodology in various versions of R/3 including 4.5B, 4.6C, R/3 4.7, ECC 5.0 and ECC 6.0, Netweaver.
• Extensive experience with Automatic Profile Generator PFCG , User Administration, Central User Administration CUA , Authorization object maintenance, Problem analysis and troubleshooting, SAP GUI CATT and ECATT Scripts, transporting roles, HR Security, Auditing, Segregation of Duties SOD and Sarbanes-Oxley Compliance SOX etc.
• Experience in performing SAP Security upgrades from 4.7 to ECC 6.0 and BW 3.5 to BI 7.0
• Experienced in leading SAP security teams in audit efforts by helping in defining the audit rules and automating the reports by defining the programs specifications.
• Experience in setup of BI security for user roles query users, administrative users and power users
• Experienced in leading and guiding the security teams in unit testing of the roles using the business process procedure BPPs
• Experienced in Strategizing and implementation of SAP Security model, processes and procedures, defining various Role Matrices and designing templates.
• Experience with helpdesk, resolving ticket issues and troubleshooting support problems using Amdocs Remedy.
• Experience on Audit projects and working as a liaison between the security team and auditors.
• Administration in assigning the Automatic Profile Generator and Authorization object maintenance.
• Experienced extensively in creating and modifying Single Roles, Composite roles and Derived roles
• Strategizing and Implementation experience in Central User Administration CUA in both single and multi system landscapes.
• Experience in implementing Line Authorizations and troubleshooting of authorizations.
• Strong experience in implementing and working with HR Security including Structural Authorizations and Position Based Security PBS .
• Experience with usingAudit Information Systems AIS logs SM19, SM20 and SM18 .
• Experience in implementing security in BW including infoobject level security and BI 7.0
• Solving ticket issuesin Security related tables and reports/programs.
• Problem fixing in assign of Authorization Groups, User Groups and User Administration.
• Documentation in various security processes, procedures, auditing knowledge transfer and an active team player.

TECHNICAL SKILLS

SAP GRC: GRC 5.3 Access Control CUP, RAR,SPM and ERM

Professional Experience:

Confidential

SAP Security GRC Consultant

• Involved in gathering end user requirements and implement SAP ECC security authorizations.
• Building SAP roles and define jobs by coordinating with functional project team members.
• Work with business owners to define the authorizations needed for users.
• Set-up SAP authorization profiles and roles that represent the different end users job definitions.
• Use SU02 to examine authorizations in existing roles to identify improper authorizations and correct them.
• Created CATT scripts for creating mass users, deleting mass users, assigning roles to users, locking and unlocking mass users in a CUA system.
• Worked on critical authorization Objects like S TABU DIS, S DEVELOP, S RZL ADM, S ADMI FCD and S TRANSPRT.
• Worked on SU24 to maintain Check Indicators for the Transaction Codes.
• Extensively used tables like AGR USERS, AGR TCODES, AGR 1251, AGR DEFINE etc.
• Perform UNIT testing on created roles.
• Restrict open authorizations to sensitive Transaction codes.
• Maintenance of User Master Record Support End Users with Security issues.
• Maintain various role matrices for roles, authorization objects to keep track of the modifications made the roles.
• Resolved daily SAP Security issues / tickets.
• Effectively analyzed trace files and tracked missed authorizations for user's access problems and inserted missing authorizations manually.
• Used SU24 to maintain Check Indicator Defaults and Field values, reduced the scope of Authorization checks.
• Extensively used SU53 and ST01 for analyzing the authorization errors
• Worked with internal and external auditors for all SAP security controls and provide key system information. Ensured compliance with all regulatory laws.
• Supported GRC 5.3 - SAP GRC Business objects Access control, Risk analysis and remediation, Super user Privilege Management, Compliant User Provisioning, Enterprise Role Management

BI 7.0 and PI 7.1

• Built Analysis Authorizations using the transaction RSECADMIN.
• Setup security at the Info objects level field-level security .
• Created Custom Reporting Authorization Objects using transaction RSSM.
• Linked the Custom Authorization Object to the Info provider
• Created roles restricting access to Info cubes, ODS objects, specific queries and workbooks.
• Assigned the Analysis Authorizations to the role using the object S RS AUTH.
• Troubleshoot authorizations related problems using RSECADMIN
• Troubleshoot analysis authorizations related problems using RSECADMIN.
• Build security and successful testing of various objects related to Dashboard.
• Built roles for NWPM authorization which involved controlling access based on namespace in S XMB MONI

Confidential

SAP Security Analyst Implementation

ECC 6.0:

• Worked on SU10 to perform mass operations.
• Analyze and troubleshoot security issues using SU53 , ST01 and SUIM
• Worked closely with Audit team for SAP Security Audit and generated Audit Information Systems AIS logs SM19,SM20 and SM18
• Managed and maintained USOBT C and USOBX C tables by using SU24 /SU25
• Create and maintained custom transactions by using SE93.
• Performed user administration activities such as creating, deleting, renaming, locking and unlocking users, and resetting passwords, maintaining logon data and assigning roles to the users.
• Created User Groups by using transaction code SUGR.
• Fix the bugs related to roles and authorizations in order to build security in R/3
• Experience in Transport Authorization and provided production support for roles.
• Managing Standard and Custom Authorization Object.
• Transport Roles using the change request method and also the Download/Upload method for transporting the roles to systems not in the transport landscape.
• Transported the generated roles and profiles using SCC1 and SE09/SE10.
• Supported GRC 5.3 - SAP GRC Business objects Access control, Risk analysis and remediation, Super user Privilege Management, Compliant User Provisioning, Enterprise Role Management

Portal security

• Working on creating and transporting roles.
• Created transport packages to move roles from development portals to other systems in the landscape
• Performed user administration activities such as creating user ids, copying user ids, assigning roles, assigning groups etc.
• Created groups and assigned roles to groups.

Confidential

SAP Security Analyst Implementation

Roles and Responsibilities:

• Provided SOD and Role matrices templates to the Business owners.
• Interacted with the Role owners and the team lead for maintaining the correct restrictions on the Transaction codes and the activities within the Transaction codes.
• Worked closely with ECC Developers on LSMW for Data migration.
• Extensively used Automatic Profile Generator PFCG to create and maintain Parent and Child/Derived roles and to Upload and Download of roles.
• Transporting the change requests from the Development environment to Testing/QA environments.
• Created custom transaction Codes for restricting access to custom tables, views and programs.
• Created transaction variants for SE16 and SM30.
• Created Authorization groups and assigned Tables and Programs to the groups.
• Implemented Line Authorizations to restrict records and transaction codes using the critical Authorization Object S TABU LIN.
• Worked on critical authorization Objects like S TABU DIS, S DEVELOP, S RZL ADM, S ADMI FCD and S TRANSPRT.
• Performed reconciliation of user master record and roles using PFUD.

Central User Administration

• Implemented Central User Administration CUA within R/3 and BW system landscape
• Performed user administration activities in the CUA System landscape
• Troubleshoot CUA related issues
• Delinked/Linked child clients from CUA setup during client refreshes using the program RSDELCUA

GRC 5.3:

• Working extensively on Compliance user provisioning CUP for access issues.
• Reviewed, Analyzed and manually removed the roles from the backend system using Access Control.
• Helped the users by role administration and guiding them on CUP usage.
• Worked with SAP Development on SAP GRC products for version 5.3
• Extensive experience of role maintenance using Risk Analysis at object level.
• Have done risk simulation for impacting Composite roles with assigned users.
• Extensively used the GRC suite of products Compliance Calibrator, Firefighter, Role Expert and Access Enforcer.