SUMMARY

• Over 8+ years of experience as SAP Security and GRC Consultant.
• Extensively worked on End - to-End GRC Implementation projects, performed post-implementation and Support activities.
• Successfully implemented Access Control, Access Risk Analysis, Access Request Management, Enterprise Risk Management, Emergency Access Management and Business Role Management.
• Expert in SAP Security Administration with - ECC 6.0, BI 7.1/3.5, CRM, Solution Manager Modules & SAP NW ABAP, & JAVA architecture concepts.
• Worked on up gradation project from SAP GRC 5.3 to 10.0.
• Worked on SAP HCM to design security for HR Department users in decentralizing use of HR Data.
• Having good knowledge on HR Security Objects Structural authorization HR Master Data
• Coordinating with the Business Process Owners and Functional Teams to prepare a SOD Matrix Documentation to ensure no SOD violations.
• Reviewing compliance and ensuring the organization adhering to rules, practice, business ethics, internal guidelines and principles.
• Worked on Profile Generator (PFCG), Role creation, modifications, User Administration and Authorization objects
• Monitoring and Maintaining a safe, healthy and secure environment in identifying the risks and assuring all the key risks are being monitored effectively.
• Planning individual audits, defining audit objectives and preparing audit plans.
• Proactively evaluating risks and Internal controls against changing market and economic trends.
• Participated in the Company's Audit by providing the requested reports and agreeing appropriate corrective actions to remedy and planning the necessary measures.
• Involved in complete SAP R/3 project lifecycle from design phase to post-implementation phase on several projects in security arena.
• Proficient in troubleshooting and handling user issues by using SU53, tracing (ST01) and User Information System (SUIM). Locking and Unlocking users, running reports in Excel sheets and monitoring users having access to some specific controls.
• Worked on Master Data Governance(MDG) Security, Custom Objects to manage Business Data.
• Change settings of generated MDG Database tables.
• Configuring SLD by creating software components, technical system and business systems
• Experience and knowledge of security procedures for user creation, maintenance and migration in client-specific user administration model and central user administration (CUA).
• Developed and documented security policies and procedures, user maintenance, activity group/role maintenance using profile generator.
• Experience in working with Transports (STMS) in transporting roles between Development, QAS and Production R/3 systems and users.
• Performed Client copies/deletes in Sandbox, Development and .
• Experience in defining background jobs, scheduling and maintenance, modifying, deleting and analyzing the jobs and regularly monitoring the job logs and the job status
• Expert in Client Administration Client Creation, Client copy, Client export, Remote Client Copy, Client Deletion, Securing Clients and assigning Logical System to client.
• Excellent analytical, problem solving and time management skills.
• Worked on Solution Manager Security, user administration and access mainitianance.
• 24X7 Production Support.

TECHNICAL SKILLS

Network OS: Windows Servers 2008/2003 Enterprise Editions, Windows XP/NT 4.0.

Languages: JAVA, SQL

ERP: SAP GRC AC 10.0, SAP ECC 5.0/6.0, Net Weaver 2004/2004s, BW 3.1/3.5, MDG 7.0, BI 7.0, FI/CO, SD, MM, EP, CRM, SRM and Solution manager.

Tools: /Database Netback up, BR*Tools. SQL Server, MaxDB, DB400

PROFESSIONAL EXPERIENCE

Confidential, Michigan

SAP Security and GRC Consultant

Environment: SAP GRC AC 10.0, ECC 6.0, MDG 7.0, SAP HR/HCM, SAP BI 7.0, Windows 2008, MaxDB

Responsibilities:

• Proposing the Hardware Sizing for SAP GRC 10 Landscape Implementation.
• Implementation of SAP GRC AC 10 and performing the Post Implementation activities.
• Involved in Requirement Elicitation Process with the Business Process Owners and Functional Consultants to plan the management of Critical Activities and ensure the Application Security in SAP Landscape.
• Analysis and Design of SOD matrix that ensures a reduced Audit Exceptions.
• Analyzing the Risk and managing the Risk by either Risk Mitigation or Risk Remediation Control.
• Configuring and Maintaining the Rule Sets for GRC Access Control.
• Performing User level and Role level Simulation and Ad Hoc Risk Analysis.
• Configuring the Emergency Access Management(EAM) to the respective modules and backend systems.
• Creating owners and controllers for Roles, Risks, Functions, FIREFIGHTER's.
• Assigning owners and controllers to Roles, Risks, Functions and FIREFIGHTER's respectively to review and Approve upon the requests.
• Maintaining Reason Codes and Reviewing the Log Report for Emergency Access monitoring.
• Worked on Business Role Management to maintain the role-specific settings, configuring role methodology, creation of single roles and mass management of roles.
• Involved in Business Rules Framework coordinating with BPO's and Functional Consultants for creating Business Rules using BRFplus workbench.
• Creating and Customizing Multi-Stage Multi-Path(MSMP) workflow for Business Rules Framework
• Worked on Profile Generator (PFCG), Role, Profile creation, modifications, User Administration and Authorization objects
• Created 1000’s of roles that would meet the Business Requirements that would eliminate the SOD conflicts.
• Worked with the functional consultants and business owners in designing the Roles with respect to modules SD, MM, PP, HR, FI, CO, BI, CRM for both Consultants and End users
• Worked with BI Admin to understand Analysis Authorizations to ensure data level restrictions for users.
• Performed technical writing for team (i.e. wrote validation documentation, installation protocols, SOPs, test scripts, guides, etc…).
• Designed tools and utilities to automate Documentum processes for EDM support team business analysts. Provided technical expertise on migration utilities such as Global Batch Import (GBI), and Global Batch Export (GBE).
• Worked and assisted team of developers in maintaining and supporting Document Management System (DDMS/DECADE) to meet business requirements and compliance with FDA regulations.
• Developed File System Export (FSE) utility to extract metadata and file information from windows file system (NTFS, FAT32).
• Position based Security via Indirect Org Assignments, Context Sensitive HR solution, Structural authorization and The HR: Master Data with Context authorization object (P ORGINCON)
• Assign these roles and structural authorizations to the SAP HR user, based on his job profile.
• Create and maintain Authorizations in SAP HR through roles categorized under payroll administration, administration and time administration.
• Work on these roles with create/maintain/view authorizations for combination of HR objects, HR Infotypes & subtypes, HR transactions, HR reports, HR clusters called role based authorizations or a combination of role based authorizations and the HR structures like organization structure, calendar etc (called structural authorizations).
• Worked on MDG security for maintaining domain specific data governance for create, change and distribute master data.
• Worked on MDG Authorization objects for Sales, Materials and Finance Areas.
• Made the info objects and characteristics authorization relevant as needed using RSD1/RSA1.
• Extensively used RSECADMIN tool to build Analysis Authorizations.
• Assigned the Analysis Authorizations access to users using the authorization object S RS AUTH.
• Resolved issues related to authorization objects using t-code RSSM.
• Extensively worked with Single Roles, Derived roles and Composites Roles that meets the Business Requirements
• Used SUIM to query authorization data, role assignments to users, locked users, users license data, change documents for analysis.
• Extensively worked on SU24 for redefining the Authorization Scope.
• Authorization checks for customized programs and Transaction codes
• Created new users and assigned appropriate roles as per the requirement and maintained security according to the company policies document.
• Based on the SU53, troubleshooting the user authorization issues and provided access to users by modifying the roles accordingly.
• Analyzing the authorization issues with Authorization Trace ST01, that gives detailed authorization checks against the user buffer.
• Responsible for all Security-related aspects of upgrade and good experience with monitoring.
• Documentation of all the procedures and involved in end user .
• Involved in the company’s security audit by providing the requested End User licenses, Role assignments and entire user management strategies being followed within the system.
• Respond to requests and prepare SAP security reports based on management and department needs.

Confidential, Burbank, California.

SAP GRC and Secuirty Consultant

Environment: SAP GRC 5.3, 10.0, ECC 6.0, MDG 7.0, SAP BI 7.0, SAP HCM, SAP BPC 10.0, Windows 2008, MAXDB

Responsibilities:

• Strongly involved in SAP GRC 10.0 upgrade project proposals.
• Identifying key considerations for upgrade and migration to the existing landscape.
• Defining the Migration Plan, completing the prerequisites, importing the configuration and application data into GRC 10.0
• Upgrading the existing version of GRC 5.3 to GRC 10.0, performing post up gradation activities followed by support activities.
• Configuring the common configuration settings, common component settings, Activating the required BC Sets and Access Control specific settings.
• Using ASAP methodology conducted all tasks for Business Blueprint and Realization phases of project.
• Defining Connectors and Connector groups, assigning connectors to connector groups, adding connectors to the required scenarios.
• Executed and scheduled various synchronization jobs that pulls the update to date data like Transactions, Authorization objects, User Roles and Profiles, work load statistics from Backend systems.
• Customizing the SOD rules upon the discussions with various departments to meet the changing market trends and business scenarios.
• Configuring the RAR to automate the rule based security that relate to regulatory compliance.
• Used RAR tool to pull the Risk reports and remediated the Users Risks to maintain enterprise wide application security.
• Creating Risks, Functions based on the requirement and reviewing the Risk remediation and mitigation strategy.
• Creating Mitigation controls to the risks and assigning the owners and approvers accordingly.
• Creating FIREFIGHTER ID's with respect to the modules and assigning the respective owners and approvers to monitor and review the FF Log Summary Report.
• Worked on Business Role Management (BRM) for configuring and maintaining Role Management, specifying naming conventions, defining role sensitivity, maintaining role status etc.
• Designed Master Data Governance(MDG) security, User Administration and Role Assignments.
• Involved in configuration activities using Transaction MDGDT
• Work with profile generator (PFCG) in creating roles, profiles, composite roles & derived.
• Created over 100 customized end user roles and menus, plus hundreds of “mini-roles” to allow for low level modular access control.
• Worked on HCM Position Based Security with Structural Authorization for ESS & MSS
• Maintenance of HR organizational structure to administer and control user access,including time-limited access (temporary assignments to positions)
• Experience with Structural Authorizations development in HR
• Thorough usage of HR switches, various authorization objects and extensive knowledge on HR security tables
• Experienced in BPC Security 10.0 on creating the Users, Teams, Task Profiles and Member Profiles.
• Assigning data access profiles to Users or Teams, assigning Task profiles to users or teams
• Worked on productions support to solve the day to day BPC authorization issues for users.
• Set up security roles and user accounts for over 1000 End Users for primary Go Live.
• Redefined authorization scope using SU24 etc.
• Created new and edited the existing Activity Groups as per the requirements coming through Help desk which involves the inclusion of transactions in the menu tree or editing the activities as per SU53 results.
• Configuring Central User Administration(CUA) Setup, assigning the logical systems to clients.
• Trouble shooting performance issues & adjustment of SAP profiles.
• Having knowledge on SRM security Objects and troubleshooting missing authorizations
• Creation and maintenance of the users in the SAP HANA
• Creation of roles and assignment of privileges to roles
• Assigning roles to the users in the SAP HANA
• Creating and Managing the analytical privileges.
• Work with Business specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts
• Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas. Created SOD Matrix and single critical transaction policies for IT security.
• Analyzed all customer programs and transaction codes for authority checks.
• Ran security reports for critical transactions and objects and for users who never logged on
• Worked with functional team leads to define the new transactions.
• Trouble shoot R/3 security problem by using different scenario such as system trace, parameter change, buffer reset, SU53, and SU56 in order to find security problem
• Continuously improved security configuration to reflect best practices and to prepare for system audits.
• Respond to requests and prepare SAP security reports based on management and department needs.

Confidential, Minneapolis, Minnesota

SAP Security Administrator

Environment: ECC 6.0, BI 7.0, EP, Windows 2008, MaxDB

Responsibilities:

• Post Go Live support to resolve all Basis & security-related issues and day to day technical support and resolution of Basis & security issues.
• Completely Installed, designed and implemented methodology for controlling end user access to plants, fund centers, cost centers, etc. Applied to both R/3 and BW/BI 7.0 environments.
• Conducted comprehensive analysis of existing Security environment and Identified Security issues, recommended and implemented solutions to problems.
• Experienced with Structural and non structural Authorizations.
• Responsible for all Security-related aspects of upgrade and good experience with monitoring.
• Documentation of all the procedures and involved in end user .
• Developed methodology and programs for continuous reconciliation of End User.
• Configured RFC connection between the systems in the landscape.
• Experience with Bex analyzer, Info Objects, Info Sources, Info Packages, ODS, Info Cubes, work flows.
• Configured Profile Generator (PFCG) and assigned user authorizations and profiles to user ids, setup security for the developers according to business requirements.
• Applied OSS notes in order to correct profile generator, security transactions and security report bugs and made source code corrections to run back ground jobs.
• Maintained all the instance profiles in development and production systems.
• Scheduled jobs in Background to clean up spool request, dumps.
• Creating and Assigning Roles/Profiles to Users using PFCG.
• User Administration and Password Management (Expiry of users and Profiles).
• Analyze Root Cause of Authorization Problems and fix the missing authorizations.
• User support, resolve end user problems on day-to-day basis.
• Profile Maintenance: Maintained all the instance profiles in development and Production systems.
• Scheduled jobs in background to cleanup spool requests, dumps, batch-input sessions, background jobs. Trace analysis and performed Daily SAP System checks and logs.
• Maintain User administration and System administration for Portal systems.
• Work with Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Used SU24 and maintained check indicators for Transaction codes.Security Audit:
• Supported Internal and External Security audits in the production systems.
• Worked closely with the Audit Team for User-role conflict removal in SAP.
• Scheduled the security background jobs that generate the reports.
• Identification of Key controls, Risks and SOD Issues.
• 24X7 Production Support

Confidential, Chicago, Illinois.

SAP Security Administrator

Environment: SAP ECC 6.0, Oracle 10g, Windows Server 2008

Responsibilities:

• Working closely with Audit team for user-role conflict removal.
• Advised developers to use function module AUTHORITY CHECK for custom programs.
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• Used Derived activity groups to create new activity groups and to transfer transaction codes from old ones to new ones
• Work with profile generator (PFCG) in creating roles, profiles, composite roles, derived roles, and global roles.
• Extensively worked with security related tables such as AGR TCODES, AGR USERS, AGR 1251, AGR 1250, AGR DEFINE etc.
• Creating new users and maintaining users on day to-day basis (Single roles, Composite roles (jobs) and Derived roles).
• Perform UNIT testing on created roles.
• Transport Roles using the change request method and also the Download/Upload method for transporting the roles to systems not in the transport landscape
• Transported the generated roles and profiles using SAP transport management system.
• Used SU53 to troubleshoot missing authorization issues for End Users.
• Used SM36, SM37 for Defining, Scheduling and Monitoring the Background Jobs appropriately
• Effectively analyzed trace files using ST01 and tracked missing authorizations for user’s access problems and inserted missing authorizations manually.
• Created users and maintained user master and established security policies and procedures.

Confidential, Lagos, Nigeria.

SAP Security Administrator

Environment: SAP ECC 6.0, SAP BW 3.5, BI 7.0, SQL Server, Windows Server 2005

Responsibilities:

• Provided SAP Security planning, implementation, testing, and support for ECC 6.0.
• Responsible for all Secure-related aspects of upgrade and good experience with monitoring.Documentation of all the procedures and involved in end user .
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• Troubleshoot R/3 security problem by using different scenario such as system trace, parameter change, buffer reset, SU53, and SU56 in order to find security problem.
• User support, resolve end user problems on day-to-day basis.
• Work with profile generator (PFCG) in creating roles, profiles, composite roles & derived.
• 24X7 Production Support.
• Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas. Created segregation of duties and single critical transaction policies for IT security.
• Maintained all the instance profiles in development and production systems.
• Analyze Root Cause of Authorization Problems and fix the missing authorizations
• Ran security reports for critical transactions and objects and for users who never logged on
• Worked with functional team leads to define the new transactions.
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• Trouble shoot R/3 security problem by using different scenario such as system trace, parameter change, buffer reset, SU53, and SU56 in order to find security problem

Confidential

SAP Security Administrator

Environment: SAP ECC 6.0, SAP BW 3.5, BI 7.0, SQL Server, Windows Server 2005

Responsibilities:

• Provided SAP Security planning, implementation, testing, and support for ECC 6.0.
• Responsible for all Secur-related aspects of upgrade and good experience with monitoring.
• Documentation of all the procedures and involved in end user .
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• Troubleshoot R/3 security problem by using different scenario such as system trace, parameter change, buffer reset, SU53, and SU56 in order to find security problem.
• User support, resolve end user problems on day-to-day basis.
• Work with profile generator (PFCG) in creating roles, profiles, composite roles & derived.
• 24X7 Production Support.
• Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas. Created segregation of duties and single critical transaction policies for IT security.
• Maintained all the instance profiles in development and production systems.
• Analyze Root Cause of Authorization Problems and fix the missing authorizations
• Ran security reports for critical transactions and objects and for users who never logged on
• Worked with functional team leads to define the new transactions.
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• Trouble shoot R/3 security problem by using different scenario such as system trace, parameter change, buffer reset, SU53, and SU56 in order to find security problem