Experience Summary

• Involved in complete SAP R/3 project lifecycle from design phase to post-implementation /Support phase on several projects in security arena.
• Proficient in troubleshooting and handling user issues by using SU53, tracing(ST01) and user information system (SUIM),locking and unlocking users ,running reports in Excel sheets and monitoring users having access to some specific controls.
• Provided SAP Security planning, implementation, testing and support for ECC 6.0.
• Experience and Knowledge of security procedures for user creation, maintenance and migration in client-specific user administration model and central user administration (CUA).
• Provided Sap Security design, configuration and support for SAP 6.0 systems running BI/BW 7.0, experience with BI 7.0 authorization concept.
• Hands on experience with HR Security and BW/BI Security.
• Developed and documented security policies and procedures, user maintenance, activity group/role maintenance using profile generator.
• Experience in working with Transports (STMS) in transporting roles between Development, QAS and Production R/3 systems and users.
• 24X7 Production Support.
• Providing reports of daily, weekly & monthly security monitoring tasks adhering to SOX Audit guidelines
• Experience in working with SAP GRC Access Control Tools like Access Risk Analysis (ARA) and Role Management , Fire Call ids
• Analyzing the various issues of portal users by checking their accounts both in the portal and also in the backend ECC system
• Checking the assignment of portal groups to the users
• Transport new roles across landscape in CHARM
• Maintaining the documentation of the support process
• Guiding the support consultants to use the newly implemented GRC tools in the SAP environmen

• ERP:
• SAP R/3 4.6C, 4.7 EE, ECC 6.0, BI 7(BI Cont. 7.03), EP 7.0,CRM 4.0/5.0/7.0, XI/PI 6.0,SCM 7.0,SRM 5.0,Virsa, GRC 5.3, 10/10.1
• RDBMS:
• Oracle8.x/9.x/10g, MS SQL Server 2000/2005
• OS:
• Linux, Sun Solaris 10,AIX 5.x,HP-UX 11i ,Windows 2003 Advance server

• Conducted comprehensive analysis of existing Security environment and Identified Security issues, recommended and implemented solutions to problems.
• Experienced with Structural and Non-structural Authorizations.
• Set up Central User Administration (CUA) to manage multiple systems/clients.
• Provided SAP Security Planning, testing, and support for E.C.C 6.0.
• Involved in the Role re-design project for creation of enabler roles
• Restrict table access through authorization groups.
• Creating roles and assigning roles to users.
• Creating derived and composite roles with proper approvals.
• Created customized end user roles and menus, plus hundreds of ‘mini-roles’ to allow for low-level modular access control.
• Responsible for all Security –related aspects and good experience with monitoring.
• Documentation of all the procedures and involved in end user training.
• GRC upgrade experience with GRC RAR, CUP, ERM, SPM and SAP CUA (Central User Administration) integration with SAP GRC.
• Experience in creating and assigning Fire Fighter ID’s and extracting Fire Fighter logs.
• Provide daily EP security production support such as ID requests, access requirements and troubleshooting problems. Defined and maintained authorizations and roles.
• Assigned user roles to user ids, setup security for the developers according to business requirements.
• Used ARA & RM tool extensively for handling SoDs conflicts at role & user level.
• Performed Daily & Quarterly SoD conflicts review.
• Fixing end user Roles based on Change Requests crated for breaks/fixes.
• Analyze Root Cause of Authorization Problems and fix the missing authorizations, User support, resolve end user problems on day-to-day basis.
• Maintain User administration and System administration for Portal systems.
• Work with Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts
• Used SU24 and maintained check indicators for Transaction codes.

Security Audit:

• Supported Internal and External Security audits in the production systems.
• Worked closely with the Audit Team for User-role conflict removal in SAP.
• SAP User Access Management and Auditing for Sarbanes-Oxley Compliance requirements and remediation/Mitigation of security roles for SOD conflicts.
• Assisted Sarbanes Oxley Compliance - SAP System Audit and documentation of significant Processes and controls

• Responsible to implement Role-based security administration, including design, testing and documentation.
• Extensive involvement in SAP project proposals.
• Worked with PFCG in creating roles, profiles, composite roles & derived.
• Created customized end user roles and menus to allow for low level modular access control.
• Set up security roles and user accounts for over 1000 End Users for primary Go Live.
• Worked with GRC systems in identifying conflicts single roles and composite roles.
• Redefined authorization scope using SU24 etc.
• Conducted all tasks for Business Blueprint and Realization phases of project.
• Created new and edited the existing Authorizations as per the requirements coming through Help desk which involves the inclusion of transactions in the menu tree or editing the activities as per SU53 results.
• Work with Business specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas. Created segregation of duties and single critical transaction policies for IT security.
• Implemented IT controls and a new security process for User Access Management and Segregation of duties to ensure.
• Worked extensively with SPM in creating and assigning of Fire Fighter ID’s.
• Assigned Fire Fighter Control to Fire Fighter ID.
• Analyzed all customer programs and transaction codes for authority checks.
• Worked with functional team leads to define the new transactions.
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• Trouble shoot R/3 security problem by using different scenario such as system trace, parameter change, SU53, and SU56 in order to find security problem.
• Continuously improved security configuration to reflect best practices and to prepare for system audits.
• Extensively used Central User Administration (CUA) using SCUM and SUCL to set up over 1000 SAP users & created CATT scripts for mass user creation.
• Respond to requests and prepare SAP security reports based on management and department needs.
• Worked with Info object level BI security and Coordinated with the functional and business team.
• Administered the BOBJ authentications & permissions
• Configured RFC connection between the systems in the landscape.
• Experienced in creating CATT scripts for user creation, user deletion, role deletion, assigning roles to users.
• Extensively used PFCG to create roles/profiles for various modules such as HR, MM, FM, GL, CO, AP, AR etc. and created, generated profiles, Authorizations, object classes, objects, and roles and assigned to user master

• Created users, roles and assigned required privileges for the database access.
• Performed transports and mass transports of roles.
• Used PFCG for creation, modifying roles, composite roles, global roles, derived roles.
• Troubleshoot security/authorization related problems using SU53, ST01, RSSM (for BW) and SUIM.
• Used several transactions (SU10, SU53, SU24, SUIM, SE93 etc.) and administered Huge user base.
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• Created Transaction codes for the programs and ran the transactions.
• Created users and maintained user master and established security policies and procedures.
• Extensively worked on Authorization objects, fields, authorizations, authorization profiles.
• Performed transports and mass transports of roles and Used CATT scripts for mass users and assigning roles.
• Assisted in Sarbanes Oxley Compliance - SAP System Audit and documentation of Significant Processes and controls.
• Performed Risk Analysis at user level and Role level and to mitigate risk for the users using risk analysis and Remediation tool (RAR)

Client
Confidential, Sweden.
Role :SAP Security

Environment
SAP R3 4.7 Ext set 1, BW 3.0, CRM 4, IPC, SEM/AP and VRAT.

Roles and Responsibilities:

• Troubleshoot day-to-day problems, Verification of ABAP Short Dumps and System logs.
• Configuring and Managing Transport Management System (TMS).
• Establish detailed security plan, strategy and maintenance procedures Security, Profile Generator (PFCG) and related functions.
• Provide on-call support on a rotational basis and as needed.
• Creation, modifying roles, composite roles, global roles, derived roles.
• Creating users and authorizations to the users.
• Traced user authorization errors.
• Secured roles by company code, plant, cost center etc
• Ran security reports for critical transactions and objects and for users who never logged on.
• Used several transactions (SU10, SU53, SU24, SUIM, SE93 etc.) and administered users
• Respond to requests and prepare SAP security reports based on management and department needs.
• Providing reports of daily, weekly & monthly security monitoring tasks adhering to SOX Audit guidelines
• Review critical & sensitive authorizations, implement improvements to meet audit requirements
• Knowledge of Audit information system.
• Experience with Bex analyzer, Info Objects, Info Sources, Info Packages, ODS, Info Cubes, work flow

• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24.
• Performed transports and mass transports of roles.
• Established detail security plan, strategy and maintenance procedures Security, Profile Generator (PFCG) and related functions.
• Created users and maintained user master and established security policies and procedures.
• Used PFCG for creation, modifying roles, composite roles, global roles, derived roles.
• Created user locks and maintained user locks.
• Proficient in handling user issues and troubleshooting user issues.
• Traced user authorization errors.
• Used several transactions (SU10, SU53, SU24, SUIM, SE93 etc.) and administered users.
• Used Virsa tool extensively for handling SOD conflicts for each user.
• Created structural authorization profiles.
• Extensively used VIRSA/GRC access control suite to meet the SOX compliance.
• Worked with VIRSA systems VRAT tool in identifying conflicts single roles and composite roles.

• Creation of Users & Given Authorization to them
• SAP security through the profile Generator and Management of Users and Authorizations.
• Tracing Authorizations
• Modification /Creation of various authorization profiles
• User master maintenance
• Basis support of end user issues through clarify cases in user and authorization profiles
• User Information System, finding missing objects
• Solving the trouble tickets requested by users

• Extensive experience with SAP security and user administration.
• Good acumen in monitoring and maintenance.
• Transport management system and transportation of changes requests.
• Scheduling and managing background jobs.
• User administration and system authorization. Evaluating, granting, revoking, maintaining user authorizations.
• Database Monitoring - alerts, performance and error analysis.
• Error Analysis through OS log, System Log, Database log, Dump Analysis.