Experience Summary:

• Overall 9 years of experience in SAP Security and Authorizations with strong understanding of information security practices.
• Handled security for various modules: BI / BW, APO, FI, CO, MM, SD, PM, HR / HCM, ESS, MSS, CRM, SRM, XI/ PI,Solution manager Enterprise Portal EP .
• Experienced in working for Full Life Cycle Implementation, Go-Live, Post Go-Live, and Production Support projects.
• Extensive experience in Requirement gathering, Design, Development, and Maintenance of SAP applications security.
• Security support for integration testing, user acceptance testing, and training efforts.
• Experience in implementing security in BW including infoobject level security with BW/BI.
• Interfaced extensively with clients to gain insight and develop solutions to meet customer business needs across the SAP landscape.
• Extensive User management experience.
• Broad experience in maintaining single, composite, and derived roles using Profile Generator PFCG .
• Central User Administration CUA experience to create users, assign roles, and maintenance.
• Experience in designing and implementing SAP HR Security using position based Security and
• ESS and MSS Modules.
• Very good knowledge of producing and analyzing reports in SAP using SUIM, and security related tables AGR , USR etc.
• Experience setting up users and security on Enterprise Portal and creating users/user groups through UME for SAP Netweaver.
• Experience in setting up Single Sign-On concept.
• Remediation of Segregation of Duties SOD within SAP implementation for SOX Sarbanes Oxley Compliance using GRC 5.3 tools Risk Analysis Remediation RAR , Compliant User Provisioning CUP , Superuser Privilege Management SPM and Enterprose Role Management ERM .
• Good exposure to GRC 10 area.
• Extensive experience with resolving ticket issues and troubleshooting security authorization problems while adhering to Service Level Agreements SLA .
• Experience on Audit projects and working as a liaison between the security team and auditors.
• Ability to manage multiple tasks in Production support and implementation projects.
• Experienced in adhering to the Change Management Process for transporting roles and tables, security objects and maintaining the change documents.
• Audit support experience with KPMG, E Y, PWC auditors.
• Good understanding of ASAP Methodology.

Technical Skills:

• ERP : ECC 6.0, SAP R/3 Enterprise 4.7/4.6C,BI 3.5/7.0,SCM 4.1/7.0 EP 7.0
• Modules : FI, CO, HR/HCM, MM, SD BW/BI
• Operating Systems : Windows 2000/NT/XP
• Databases : Oracle 9i/8i, SQL Server, MS Access
• Security Audit Tools : SAP GRC Access Control 5.3

Professional Experience:

Confidential

SAP Security Lead

Confidential is a global chemicals, technology and specialty materials company. It's one of the world's largest producers of acetyl products, which are intermediate chemicals, for nearly all major industries, as well as a leading global producer of high performance engineered polymers that are used in a variety of high-value applications.

Responsibilities:

• Project management and support in SAP Security globally.
• System, support pack and enhancement pack upgrades for SAP modules such as ECC, HR, BI, etc. as well as for GRC.
• GRC Access Controls 5.3 administration
• Portal user administration for multiple NetWeaver environments.
• Configuring Roles Authorizations according to the Business Needs.
• Configured Workflow in CUP and Created Users GRC 5.3 in SAP via CUP.
• Working on Remedy Ticketing Tool for the Business User Support.
• Working on Access Management for Various GRC Issues to Users.
• Handled New hires termination process on daily basis.
• GRC Admin activities like Role Owner changes,Background job scheduling for Email despatcher etc in GRC CUP.
• Working on Priority P1,P2 Tickets according to Super User Support. Finding exact Roles and Fixing the issues on priority
• Running SM20 on Daily basis to monitor ctitical t-code Usage.
• Provisioning GRC Fire Fighter access to Provide Emergency Support to Business Users on Daily Basis.
• Worked on Users Security, including T-Codes like: SU01, PFCG, PFUD, ST01, SUIM, SUPC, SU24, SU53, and SU56.
• Developed authorization profiles for FI, CO, SD, MM in Development, Test and Production environments.
• Administered Users, Authorization Data and Authorization Profiles.
• Trouble-shoot authorization problems using Repository Information System and tracing authorizations using SU53, SU24 and ST01.
• Providing support for work book access hierarchies and node level access, Comprehensive knowledge exchange and documentation of security including Profile Generator, Day to day technical support and resolution of security issues.
• Performed SAP License Administration analysis, implementation, and submission to SAP
• Created BW roles and restricting them in Queries, Info cube, Info area levels.
• Set up Central User Administration CUA for multiple clients across 12 systems.
• Performed user administration activities in the CUA System landscape
• Troubleshoot CUA related issues.
• Delinked/Linked child clients from CUA setup during client refreshes.

Confidential

Designation : Sr. SAP Security Consultant

Environment: ECC 6.0, HCM Manage People NetWeaver 7.0

Rio Tinto is one of the world's leading mining and exploration companies. They process the metals and minerals essential for making thousands of everyday products. The Group's major products include aluminum, copper, diamonds, energy products, gold, industrial minerals and iron ore. Rio is strongly represented in Australia and South Africa.

Responsibilities:

• Expertise in SAP Security and Authorizations which includes Role Maintance, User Administration.
• Updated HR structural authorizations design to streamline maintenance and user access issues.
• Designed, developed, and maintained structural authorizations and standard/derived roles for position-based HR security strategy, driven by complex span-of-control requirements.
• Implemented Personnel Administration and Organizational Management PA and OM modules of HCM.
• Developed and maintained roles and performed user administration for ECC, Solution Manager, BI, GTS, PI, and SCM development systems.
• Set up, configured, and maintained Central User Administration CUA landscape.
• Performed gap analysis, conducted risk assessments, managed issues, designed and documented procedures.
• Trained clients to maintain structural authorizations and documented all changes/recommendations.
• Working on HR Security such as assigning of roles to positions, handling issues in portal.
• Security support for integration testing, user acceptance testing, and training efforts
• Interacted closely with the Data Owners of various agencies to determine appropriate security roles to assign users.
• Worked with business, functional support team for maintaining the GRC components.
• Experienced configuring GRC Access Control 5.3 for various scenarios and documenting each scenario.
• Implement and configure Risk Analysis and Remediation formerly Compliance Calibrator.
• Implement and configure Super user Privilege Management formerly Firefighter.
• Create roles in the UME to support GRC Access Control access.
• Worked with Internal Control team for Role Remediation and User Remediation.
• Train Compliance and Business Leads how to interpret RAR SoD reports and work with Security how to resolve SoD conflicts.
• Remediate Sarbanes-Oxley audit results and develop mitigating controls with business leads.
• Worked in all risk control processes including IT general controls, testing plans, testing execution in an integration testing environment and control remediation.
• Extensively worked on management view, risk analysis, audit reports, security reports and background jobs for analyzing the risks in role level.
• Created analysis authorization RSECADMIN to implement field level security for financial report by company code and sales organization.
• Co-ordinate Functional Unit testing FUT , Integration Testing IT , for Roles and authorizations to ensure accuracy and segregation of duties.

Confidential

Senior System Engineer Security

Confidential is the Parent company, Matsushita Electric Industrial MEI Co. Ltd. is the Headquarters in Osaka Japan. It has total 231 companies, scattered in five different regions North and Latin America, Europe, CIS Middle East and Africa, Asia and Oceania, China and North Asia.

Responsibilities:

• Completely designed and implemented methodology for controlling end user access to plants, fund centers, cost centers, etc. Applied to both R/3 and BW environments. Designed security solution for FI AR, AP, SD, FA , CO, FM, MM, QM, PM, PS, HR Time Entry, Travel modules.
• Configured and managed Central User Administration CUA environment.
• Performed full analysis of client's existing security solution, documented and implemented detailed remediation steps.
• Worked with profile generator PFCG in creating roles, profiles, composite roles, composite profiles, derived roles, and global roles.
• Knowledge transfer to team members, provided ongoing security related support for all security milestones during different phases.
• Responsible for complete lifecycle, from designing, unit testing, integration testing, user mapping, go-live and post production support.
• Provide daily SAP R/3, CRM, APO, BW, SCM, EBP and HR security production support such as ID requests, access requirements and troubleshooting problems. Defined and maintained authorizations and roles.
• Designed, developed, and maintained roles for HR / HCM Organizational Management, Personnel Administration, Succession Planning, Compensation Management, and Performance Management , BI / BW, ESS, MSS, and Portal for Global SAP Implementation.
• Maintenance of HR organizational structure to administer and control user access, including time-delimited access.
• Made the BI Security Roles as granular and optimum so that the Info Objects can be utilized as much as possible without creating too many Analysis Authorizations.
• Optimized the Roles and Analysis Authorization for maintenance purposes.
• Used SAP best practices like setting the following InfoObjects as authorization-relevant and using them in Analysis Authorizations 0TCAACTVT, 0TCAIPROV, 0TCAVALID.
• Maintaining the Users and Authorizations in SAP XI systems.
• Maintained Assignment of Authorization Objects SU24 .
• Maintained program authorization groups Report RSCSAUTH and table authorization groups SE54 to protect access to programs and tables.

Confidential

System Engineer Security

• Design and implement BW and Enterprise Portal roles
• Configure Compliance Calibrator tool by Virsa including setting up the rules, functions, risks and mitigating controls.
• Remediate roles as per the SOX requirements to make the roles free from SOD conflicts.
• Design and implement Access Enforcer tool by Virsa as a user provisioning tool.
• Involved in the business workshops to resolve the SOD conflicts in the current existing roles.
• Design and implement etime project by OpenHR for compensation benefits etc.
• Create new transaction codes for programmers and maintain check indicators as necessary using SU24.
• Design, prepare and participate in various Integration tests including the initial unit and PILOT tests by coordinating with the BASIS team in the areas of security transports to other clients and systems including the user master copy whenever there is a client refresh or new client creations.
• Daily issue resolution and end user support Production Support issues
• Worked on analyzing the authorization problems using Trace ST01 and SU53 transactions
• Check SOD conflicts using Compliance Calibrator Virsa tool and apply mitigating controls to make users SOD free.

SAP AG

SAP AG is a Confidential that makes enterprise software to manage business operations and customer relations. Headquartered in Walldorf, Baden-W rttemberg, Germany, with regional offices around the world, SAP is the leader in the market of enterprise applications in terms of software and software-related service. SAP is one of the largest software companies in the world

Department : Apps Dev ERP DC Reporting / Self services

Confidential

• Created SAP Roles, and users in standalone training environment for 19,000 named user base covering R/3 BW.
• Trouble-shoot authorization problems using Repository Information System and tracing authorizations using SU53, SU24 and ST01.
• Maintenance of HR-Organizational structures, assignments positions, roles .
• Experience in working with Transports STMS in transporting roles between Development, QAS and Production R/3 systems and users.
• CUA administration and maintenance experience - Monitoring CUA logs daily using SCUL, monitoring and reprocessing failed IDOCs.
• Responsible for creating user IDs based on a standard naming convention, setting up of new users, modifying user accounts, resetting passwords, locking and unlocking user IDs.
• Providing support for work book access hierarchies and node level access, Comprehensive knowledge exchange and documentation of security including Profile Generator, Day to day technical support and resolution of security issues.
• Educated client personnel in R/3 Security and general Basis knowledge.
• Modification of the User access based on the requirements based on SU53 transaction snapshot after seeking the Managers approval.
• Continuously improved security configuration to reflect best practices and to prepare for system audits.

Confidential

SAP Security Consultant

• Administered Users, Authorization Data and Authorization Profiles.
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• Involved in revamping of security spec design, development testing protocol design.
• Worked on Users Security, including T-Codes like: SU01, PFCG, PFUD, SCAT, SCEM, ST01, SUIM, SUPC, SU24, SU53, and SU56.
• Developed authorization profiles for FI, CO, SD, MM in Development, Test and Production environments.
• Creation and Maintenance of activity groups and custom authorization objects.
• Creating BW roles and restricting them in Queries, Infocube, Infoarea levels.
• Secured Reporting users by configuring roles and authorization objects.
• Identified all the org level info objects and confirmed they are Authorization relevant.
• In BI security created roles and analysis authorization based on the Info Cube and Info Area level.

Confidential

• Extensively used Automatic Profile Generator PFCG to create profiles for various modules such as HR, MM, FM, GL, CO, AP, AR etc.
• Created users and maintained user master and established security policies and procedures.
• Fixing end user Roles/Profiles based on Change Requests created for breaks-fixes.
• User Administration and Password Management Expiry of users and Profiles .
• Analyze Root Cause of Authorization Problems and fix the missing authorizations.
• Setup profile generator to create authorization profiles. Created users and assigned appropriate authorizations / profiles to them.
• Extensively worked on Authorization objects, fields, authorizations, authorization profiles.