SUMMARY

• 7 years of SAP experience including SAP Security Implementation & Administration, GRC, Risk Remediation and Management, User Provisioning, Role Management, ABAP Development, Basis support.
• Involved in 4 full life cycle implementations, Re-Design and production support in mySAP ERP ECC 6.0, 5.0, SAP R/3 4.7, 4.6C, Net weaver (ABAP and Java Stack) lifecycles from Design phase to Post-implementation phase on different projects.
• Strong experience at designing security for SAP R/3 Modules SD, MM, FI/CO, ISCD, PP, HR/HCM, BW/BI7.0, SRM7.0/Enterprise Buyer/EBP, CRM 7.0, XI/PI, EP 7.0, Solution Manager.
• Comprehensive experience at maintaining, formulating Security Policies and Procedures, User maintenance (SU01, SU10), Role maintenance using Profile Generator (PFCG), Security TCodes and Security redesign strategy.
• Troubleshoot user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error, resolving the issue by giving required authorizations (SUIM, SU53, RSECADMIN, ST01 and ST22) in different modules.
• Strong Experience and knowledge of Security procedures for User administration and Central user administration (CUA).
• Experience at mass user creation and maintenance and using Computer Aided Test Tool (CATT/eCATT) scripts.
• Experience with Role Design and Modification as per SOX and SOD security requirements and compliancy.
• Experience with GRC Access Control(5.3, 10.0) - Risk Analysis and Remediation (Compliance Calibrator), Compliant User Provisioning (Access Enforcer), Super user Privilege Management (Fire Fighter), Enterprise Role Management (Role Expert).
• Expertise with the BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting the reporting problems.
• Strong experience in implementing and working with security with SAP HR module including Structural Authorizations, ESS & MSS and Position Based Security and Context Sensitive authorizations.
• Extensively worked on CRM Security. Set up Web UI Security using Business Roles. Created Business Partners and assigned in Org Structure using BP, PPOMA CRM.
• Experience with Portal Security, User Management, Development of Portal Roles, Single Sign On (SSO), Identity Management (IDM) and Security Weaver.
• Worked on Upgrade projects from R/3 4.6C to ECC 6.0 and BW 3.0 to BI 7.0 including upgrade & post-upgrade steps, assessment of authorizations and redesign.
• Strategizing and implementation of SAP Security models, processes and procedures adhering to SAP Best Practices.
• SAP BASIS Administration functions such as Transports, OSS notes, system monitoring etc.
• Worked as an onsite-offshore coordinator/team lead and able to work independently and as well as in a team environment with multiple projects/tasks.
• Extensive experience in interacting with business/process team for data and information gathering, integration and UAT process and sign off process.
• Excellent communication, problem solving, analytical, leadership and inter-personal skills.

TECHNICAL SKILLS

SAP Versions SAP 4.0x/4.6C/4.7, ECC5.0/6.0, Netweaver 7.0.

SAP Modules SD, MM,PP, PM, PS,FICO,QM, HR/HCM, BW 3x/BI 7.0, XI/PI, EP7.0,

CRM7.0, SRM7.0/Enterprise Buyer/EBP, SSO, LDAP, Solution Manager,

SAP Identity Management 7.x, Active Directory, Basis.

GRC Risk Analysis and Remediation (Compliance Calibrator), Enterprise Role Management

(Role Expert), Super user Privilege Management (Fire Fighter), Compliant User

Provisioning (Access Enforcer)

Databases ORACLE 9i/10g/11g,My SQL,MS-Access,

Operating Systems Windows NT/98/2000/XP/7,WINDOWS SERVER 2K/2K3 AIX 6.1,7.1,LINUX 7.2

Tools GRC 5.2,10.0,VRAT,VIRSA CC,FF,APPROVA,SW,QTP,Remedy,HP Quality Center,FrontPage And MS-OFFICE

Scripting CATT,ECATT,LSMW,QTP,UNIX SHELL SCRIPT, Java,PHP

EXPERIENCE

Confidential Columbus,OH

Sr. SAP Security Consultant

Responsibilities:

• The scope of the project was to redesign the security for SAP ECC6.0, FI-CO, ISCD, HCM, BI modules.
• Designed, Developed and maintained Single roles, Composite roles, Master and Derived roles and Secured roles by Organizational levels for different SAP Modules– FICO, ISCD, HR/HCM, BI 7.0, PI and Enterprise Portal7.0.
• Involved in Blueprint and Redesign existing security roles to maintain SOX Compliance.
• Worked with business to redesign the roles without any SOD risks in roles and defined roles based on different business functions in compliance with SOX.
• Prepared RBE (Reverse Business Engineering) data and prepared various reports showing usage analysis of transactions, programs by different business users-Very critical for role-redesign.
• Extensively worked with Profile Generator Tool (PFCG) to design the roles.
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes as recommended by SAP best practices.
• Extensively worked with the ST01 tracing and analyzing the trace records for the user in the process of trouble shooting.
• Make sure that the authorization groups for all the required tables have been maintained in TDDAT table using SE54 transaction.
• Transported the generated roles and profiles using SAP transport management system.
• Implemented HR security and provided production support on HR security and structural authorizations (MSS)
• Extensively worked with the SUIM tool everyday in the process of monitoring the system.
• Used transaction RSECADMIN for creating custom authorization objects and S RS AUTH for assigning authorization objects for BI query end user roles.
• Exclusively worked on BI Objects by restricting the access for Reporting and Power Users.
• Made the info objects authorization relevant and created analysis authorizations to provide security on Hierarchies and Info Objects.
• Implemented BI Security with management of Analysis Authorizations at Characteristics, Key Figure and Hierarchy Node Level using Transaction RSECADMIN.
• Worked on BEx analyzer using transaction RRMX and restricting the users to see the queries using S RS COMP and S RS COMP1.
• Extensively worked with the PLOG, P ABAP, P PERNR, P ORGIN and P ORGINCON objects in designing the HCM Roles.
• Maintained Infotype 105 in PA30 transaction to maintain HR master data.
• Set up structural authorizations for HCM module which involved activating, creating and assigning structural authorization for administrator.
• Designed, Developed and Tested ESS/MSS roles in conjunction with Enterprise Portal.
• Developed and maintained T& E User and T&E Surrogate roles to submit expense reports for self and others in department.
• Redesign GRC Rule-set, Identified new risks, functions and removed false positives in GRC rule set.
• Worked with business to build custom GRC rule sets for SAP Insurance Landscape (not provided by SAP standard rule sets).
• Based on our company’s SOD Risk Matrix, all the roles have been done SOD checks at both role level and user level using GRC RAR and also implemented mitigation controls.
• Designed, documented and implemented the GRC Stay Clean procedures such as Rule set change, User and Role Creation and Change process and other SAP Security Processes.
• Schedule background jobs in GRC RAR for time to time data synchronizations, Rule generations.
• Created Mitigation Controls and assigned it to users as part of company procedures.
• Extensively used Emergency Repair tool(ER) to provide access to the users.
• Closely worked with the Internal Auditors while doing the System Audit and implemented the recommendations advised.
• Performed quarterly SAP Security self assessment Audit and coordinated with external auditors for resolution of audit issues.
• Defined and documented SAP Security Standards and Operational and Administrative processes.
• Primarily responsible for the pre and post system refresh steps for Security processes.
• Assisted the testing group users in their security issues, at various stages of the project.
• Actively involved in Annual Access Re-verification exercise at Allstate.
• Extensively worked on production tickets and requests, second and third level support, fixing end user Roles/Profiles based on change requests created for breaks/fixes.

Sr. SAP Security/GRC Consultant

Responsibilities:

• The scope of the project was to redesign the security for SAP ECC6.0, SD, MM, HR, FI-CO, BI 7.0(Reporting and analysis based Security), CRM and Enterprise Portal7.0 modules.
• Designed, Developed and maintained Single roles, Composite roles, Master and Derived roles and Secured roles by Organizational levels such as Company Code, Plant, Cost Center, Profit center, Purchasing Organization etc.
• Performing risk analysis for the transaction codes in GRC 5.3 using RAR and looking for any SOD conflicts
• Performed mitigation at the user level by applying mitigation control id. Analysis of the roles in Compliance Calibrator by simulation for remediation.
• Updated the rules by creating new risk id for conflicting functions and transported through the landscape of GRC RAR.
• Extensively worked with Profile Generator Tool (PFCG) to design the roles.
• User administration (SU01, SU10, CUA and Solution Manager): setting up UserIDs, assigning roles, resetting password locking/unlocking users, creation of Multiple R/3 User IDs using eCATT.
• Creation of Authorization Groups to restrict the R/3 table access and program access and review and correction of sensitive authorizations (S TABU DIS, S USER TCD), including assignment of authorization for sensitive tables.
• Troubleshoot user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error, resolving the issue by giving required authorizations (SUIM, SU53, RSECADMIN, ST01) in different modules.
• Used transaction RSECADMIN for creating analysis authorizations and S RS AUTH for assigning authorizations for BI query end user roles.
• Made the info objects authorization relevant and created analysis authorizations to provide security on Hierarchies and Info Objects.
• Worked on BEx analyzer using transaction RRMX and restricting the users to see the queries using S RS COMP and S RS COMP1.
• Set up structural authorizations for HR module which involved activating, creating and assigning structural authorization.
• Extensively worked with the P PERNR, P ORGIN, P ORGINCON and P ORGXXCON objects in designing the HCM Roles.
• Designed roles for CRM enterprise sales and services by restricting users on Sales, Presales and Billing transactions.
• Created Ebuyer and assigned the users to Organizational Unit (Users Gen) and validate to appropriate Spending and Approval Limits in the user roles.
• Created Test IDs and attach appropriate Business Role, support Testing team and also performed Unit Testing, Integration testing on created roles using Test Director Tool.
• Used Compliance Calibrator (Risk Analysis and Remediation) to automate all SOD related activities like defining SOD conflicts, monitoring SOD conflicts, prevention of SOD conflicts and mitigating controls.
• Worked on Virsa Fire Fighter (FF) for Technical, Functional, and Audit team and implemented fire fighter to capture every action of users.

Sr. SAP Security Consultant

Responsibilities:

• As a SAP Security Consultant working for the implementation project, performed administration activities such as setting up user login ID’s, designing Roles, Authorization Objects, Profile Generator, User Tracing and Troubleshooting.
• Worked extensively with the ECC 6.0, HR, BI 7.0, EP, SEM, ESS/MSS and SIM Environments.
• Extensively involved in Re-designing the SAP Security for ECC system. Designed the Role based security for the users by knocking out Task based security.
• Extensively worked with Profile Generator Tool (PFCG) to design the roles.
• Involved in Complete full life cycle implementation of Redesigning the Security from requirements gathering to after Go-live support.
• Performed User Administration using Central user administration (CUA) to create and maintain all user master data across the multiple systems landscape
• Designed custom roles for end users, process and technical teams (Basis, Configurations, Developers and Security) in the sandbox, development, quality, and production environments for all SAP modules.
• Responsible for day to day technical support and resolution of security issues, trouble shooting R/3 security problems.
• Extensively worked with the SUIM tool everyday in the process of monitoring the system.
• Extensively worked with the ST01 tracing and analyzing the trace records for the user in the process of trouble shooting.
• Extensively worked with the PLOG, P ABAP, P PERNR, P ORGIN and P ORGINCON objects in designing the HCM Roles.
• Did the defect fixing for all the HCM, FI, TM, PY and BI by analyzing the traces. Resolved the conflicts in the integration testing between ESS/MSS and Security Redesign.
• Did the system cleanup process by generating reports based on queries and identified the users who are withdrawn from the company and who are scattered in different organization structures.
• Extensively involved in Unit testing and Integration testing and coordinated all the testers in all the testing life cycles.
• Implemented InfoObject Security (field-level security) for Reporting Users and also created analysis authorizations.
• Used transaction RSECADMIN for creating custom authorization objects and S RS AUTH for assigning authorization objects for BI query end user roles.
• Portal Security – Designed, Developed, Testing and Implementation of Enterprise Portal User IDs, Roles.
• Used the Peregrine production support ticketing system and Amtrak’s local ticketing system eTrax to assist the users 24x7.
• Involved in Blueprint and Redesign existing security roles to maintain SOX Compliance.
• Implemented Risk Analysis and Remediation (Compliance Calibrator 5.2), Super user Privilege Management (FireFighter 5.2)
• Created FF-IDs for functional people and regularly monitored FF log reports.
• Used CC (Compliance Calibrator) and RE (Role Expert) to do the role analysis to find out the Conflicts in the roles.

SAP Security Consultant

Responsibilities:

• Designed, implemented and maintained security for all landscapes which include SAP ECC6.0, Net Weaver2004s, Solution manager4.0, CRM5.0, SRM5.0, PI, Portal and BI 7.0.
• Created users and maintained user master and established security policies and procedures.
• System study of the current landscape, handling SAP security issues in authorizations (thru PFCG) on PRD, DEV and QA servers.
• Major involvement with the Development and function teams in their day-to-day security requirements.
• Created and modified Single, Composite and Derived Roles using Profile Generator (PFCG) to meet business requirements by making sure users do not get more or less authorizations than needed to perform their task.
• Troubleshoot R/3 security problem by effectively analyzing trace files using ST01 and authorizations for users (SU53) and tracked missed authorizations for user’s access problems and inserted missing authorizations manually in order to analyze security problem.
• Used Central User Administration (CUA) to handle User Administration/maintenance activities: setting up UserIDs, assigning roles, resetting password, locking/unlocking users.
• Extensively used SUIM reports for critical transactions and objects and for users who never logged on.
• Experienced with SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes as recommended by SAP best practices.
• Provided Authorizations for Middleware Developer, Administrator, Consultants in CRM.
• Set up CRM security for Marketing, Business Partner Security, E-commerce (Internet Sales) and Product Security.
• Implemented security for BW reporting users using analysis authorizations in BI7.0 using the new security tool RSECADMIN.
• Protected security related Tables using SE54.
• Created and maintained service users for different XI components like Integration repository, Integration Directory, Adapter Engine and soon.
• Used SAP supplied roles and also built new roles in SRM to restrict Managers, Secretaries and employees based on the Spend/ Approval limits.
• Transported roles to DEV, QA and PRD environments as per the Change management process.
• Assisting the End Users by providing necessary access for the daily tickets and doing the role changes for the Developers and Functional Users.
• Remediation of Segregation of Duties SOD using VIRSA Compliance Calibrator.
• Worked with respective functional heads for segregation of duties and security changes based on SOX requirements.
• Worked on creating users in User Management Engine (UME) and assigning appropriate roles.

SAP Security Consultant

Responsibilities:

• Discussed security recommendation with management team.
• Created and modified Single, Composite and Derived roles.
• Extensive knowledge on troubleshooting security related problems using SU53, ST01 and ST22.
• Created and maintained user master records using SU01 and SU10.
• Worked with the business managers in defining access requirements for end users, maintain role design methodology and worked with Functional team members to set up end user roles.
• Worked on SAP check indicator defaults and field values using transactions SU24 and maintained check indicators for Transaction code during testing.
• Identified fixes for production issues related to security and tested them in DEV and QA systems and transported to PROD environment.
• Supported Unit testing and Integration testing of roles/profiles.
• Performed reconciliation of user master record and roles using PFUD and SUPC.
• Performed User Administration activates such as setting up user logon ID’s and assigning and resetting passwords, locking and unlocking users.
• Worked on user administration in SAP portal security, creating users, roles and user groups in to give users access to iview objects