SUMMARY:

• 8 years of experience working in SAP Security Administration & Authorizations and security planning for all SAP modules.
• Experienced using Virsa tools: Compliance Calibrator, Access Enforcer, Role Expert, Fire fighter
• Worked on a full life cycle implementation of SAP security from design phase to testing and Go Live phase.  
• Expert in user administration through the use of SU01, SU10, ST01, SUIM 
• Extensive experience with best practices using SU24 
• Worked closely with functional consultants for evaluation of requirements and defining, developing and testing the roles.
• Used Profile Generator for role maintenance, generate and assign authorization profiles. 
• Expertise in design, development and administration of user roles, authorizations, and user profiles. 
• Extensively worked with Profile Generator (PFCG), Role creation (single, composite and derived roles), modifications, User Administration by using SU01. 
• Maintained user master records; create, change and assign users to user groups and activity groups. 
• Used system trace (ST01) to record authorization checks for user sessions and tracing the missing authorizations. 
• Coordinated with other teams to ensure that security settings meet the business requirements and align with the defined controls and standards. 
• Used CATT scripts for automating the mass changes/generation of user master records, roles, profiles, etc. 
• Created new custom roles, t - codes, custom objects, custom object classes and implemented table and program security and global maintenance of authorization checks.
• Skilled in using CUA  
• Experienced with SAP Security strategies and guidelines for GRC.
• Knowledge on SAP Process Control 5.2 and experienced on SAP GRC Access Control 5.3 and GRC 10.0(ARA, ARM and EAM)  
• Experienced and strong with Security audits, SOX Compliance and applied Segregation of Duties (SoD) within all SAP Implementations.

TECHNICAL SKILLS

SAP  ERP: ECC5 & ECC6, PI, GRC, HCM, SRM, BW, BI, HR, GRC, SSO, SAP R/3 4.6C, 4.6B, 4.0B, BW 3.0B, BI/BW, HANA-   SLT,  HANA Studio.

Programming Languages: ABAP/4, HTML, COBOL, C/C++, SQLScript

Operating Systems: Microsoft Windows or UNIX

Databases: SQL Server, Oracle

Interfaces: BAPI, ALE, RFC

Data Modeling: Attribute views, Analytical Views, Calculation Views, Star Schema, Snow-Flake, Modeling, Fact and Dimensions tables. 

PC Applications: MS Word, MS Power Point, MS Excel

PROFESSIONAL EXPERIENCE

Confidential, NJ

SAP GRC analyst

• SOD Risk Management using Risk Analysis & Remediation (RAR) tool, Rule Building & Validation, creation of Risk-related mitigation controls and maintenance to provide continuous compliance. 
• Created Users, Roles, Privileges, Packages, Schemas as part of HANA Security and Development
• Worked with Fire Fighter tool. Assigned Firefighter Id’s to Owners, Administrators, Controllers & firefighters worked on Configuration Tables, Firefighter Emails & Critical Transaction Tables.
• Troubleshoot and develop solutions to SAP security issues in production, quality, development, and testing environments
• Responsible for security role and profiles in SAP ECC, SAP BW, SAP SRM, SAP Portals and SAP GRC; managing role violations, role owners and documentation
• Created Users, Roles, Privileges, Packages, Schemas as part of HANA Security and Development
• Dispatched Single Sign On (SSO) for entire organization
• Worked with risk managers while reviewing the technical specifications for RAR.
• Provided Training on Firefighter and Compliance Calibrator, which includes Firefighter User Interface, Strategy and Reports.
• Configured and Maintain Central User Administration (CUA).
• Performed user and role administration using SU01 and PFCG respectively. 
• Fixed authorization issues with the help of authorization analysis (SU53) and system trace (ST01)
• Performed User master maintenance such as creating new users, assigning roles, deleting users, renaming users, resetting password, Lock/unlock User ID using transaction code SU01 
• Resolved Segregation of Duties (SOD) conflicts for appropriate Role assignment to users.
• Worked with User Information System (SUIM) for reporting and trouble shooting.
• Designed, Developed, & Maintained Security Roles
• Worked on troubleshooting R/3 Security issues (SU53, ST01), RSECADMIN for BI.
• Resolved thousands of Production Support Tickets using remedy service desk tool.
• Traced users, SAP objects and custom reporting authorization objects to debug an authorization error, resolving the issue by giving required authorizations (RSRTRACE)
• Experience with ECC6, SRM, PI security ABAP, HANA and UME (J2EE) roles.
• Analysis, Design and Implementation of the BW Data Models on HANA involving End-to-End data modeling and reporting for the Global BI reporting program to the client. 
• Created multiple data modeling and reporting objects involve Composite providers, DSO, HANA Calculation Views, BEx reports with complex time structures. 
• Activation of BW Content (v.7.4), customizing BW solutions on HANA, creation of HANA Views, data flow, enhancing transactional and master data standard extractors, construction of different types of Info providers, universes, Query development in SAP BEx and SAP BO WEBI, performance tests, data-load process chains, incidences attendance and elaboration of functional and technical documentation, etc. 
• Worked on creating Attribute Views, Analytical views and Calculation Views. Developed HANA Views and Composite providers within BW reporting and BOBJ reporting 

SAP Security Analyst

• Collaborated with other team members and business representatives to ensure that security settings meet the requirements of the business and align with the defined process controls and standards.
• Defined and managed user profiles for 500+ employees (SU01). Created and maintained authorization objects and roles for all employees (PFCG & SU24).
• Analyzes and resolves problems related to authorization, access and user role administration within our client's SAP landscape.
• Performs on-going review, analysis and plans for improving SAP system security conforming to SAP documented best-practices and functional needs.
• Supports account setup and maintenance, role development, authorization management in SAP landscape (ECC, SCM, BW, BOBJ, APO, CRM and Solution Manager).
• Configured and Maintain Central User Administration (CUA).
• Experience with SOD, SOX and audit best practices. Maintains a best practice model for security design and deployment.
• Work with User Information System (SUIM) for reporting and trouble shooting.
• Monitored system security logs and user access (SM19, ST03N).
• Developed and documented process procedures for user administration and authorization maintenance.
• Implemented password parameters using RZ10 using SAP security best practices.
• Documented user role matrix and transaction role matrix with authorization limitations.
• Builds, maintain and communicates appropriate SAP security policies, processes and procedures.
• Prioritizes workload effectively in a fast-paced environment while balancing day-to-day support activities with project needs and timelines.
• Researches ERP security technologies and trends to maintain subject matter expertise and always seeks to improve our client's posture, processes and approach to security.
• Configured the Process Control solution for internal controls management which enabled members of audit and internal controls teams to gain better visibility into key business processes and ensure a high level of reliability in financial statement reporting.

SAP Security Analyst

• Responsible for technical design, development, testing, implementation, support, and documentation of Security roles and objects 
• Generate Reports from Tables to address reporting requirements using SE16N
• Develops solutions for securing custom transactions, tables and programs.
• Supports projects by translating functional security requirements into technical security role and authorization designs.
• Created Single Roles, Composite Roles, and Derived Roles as per organizational Structure. Assisted in the creation and maintenance of authorization objects and roles for all employees
• Experience on authorizations, user maintenance and central user administration
• Identified missing authorization with the use of SU53 after seeking manager approval and maintained them using SAP tool PFCG
• Holds a customer-centric mindset, collaborates with internal functional and technical teams to streamline security related changes.
• Participated in designing, writing and implementing security related Standard Operating Procedures for User Administration, Roles and Profile Generation.