SUMMARY:

• 15 years of IT experience including 9+ yrs. of SAP Security and GRC with strong understanding of information security practices.
• Experienced in working 2 Full Life Cycle Implementations, upgrades and Production Support projects.
• SAP Security Lead on several in R/3 upgrades
• Extensive experience in Requirement gathering, Design, Development, and Maintenance of SAP applications security.
• Experinced in SAP HANA security including User Management, creating customized roles for all user types.
• Worked in Implementation, Enhancement and Production support projects.
• Hands on Experience on HR/HCM Security, Structural Profiles, Organization Structures PA, PD, Payroll, Time, Travel and ESS Modules.
• SAP GRC (5.3 & 10.0) Implementation and Production support experience with a good understanding of business processes.
• Experience in Configuration and support of GRC 10.0 AC Suite (EAM, ARA, ARM, BRM)
• Experience in workflow configuration functionality in SAP GRC Access Request Management (ARM).
• Remediation of Segregation of Duties (SOD) within SAP implementation for SOX (Sarbanes Oxley) Compliance using GRC 10.0 tools Access Risk Analysis (ARA), Access Request Management (ARM), and Emergency Access Management (EAM).
• Central User Administration (CUA) experience to create users, assign roles, and maintenance.
• Security support for integration testing, user acceptance testing, and training efforts.
• Interfaced extensively with clients to gain insight and develop solutions to meet customer business needs across the SAP landscape.
• Broad experience in maintaining single, composite, and derived roles using Profile Generator (PFCG).
• Very good knowledge of producing and analyzing reports in SAP using SUIM, and security related tables AGR*, USR* etc.
• Extensive knowledge in user administration and user security in SAP R/3, ECC, CRM, XI/ PI, SRM,MII, MDM, BW/BI, BOBJ, BPC, SCM, HR, SOLMAN.
• Experience in setting up Single Sign - On concept

TECHNICAL SKILLS:

• SAP R/3,
• ECC 6.0,
• BW,
• BOBJ,
• GRC 5.3 and 10.1,
• CRM 2007,
• GTS
• HANA
• Windows 2000/2003 Server (Standard, Enterprise, and Datacenter Editions)
• Informatics 8.6
• MS SQL Server
• Oracle
• MS Office
• MS Project
• Lotus Notes
• Remedy
• Siebel 7
• Vantage
• Ghost
• HEAT
• Service Centre
• Front Range ITSM
• Active Directory
• LDAP

PROFESSIONAL EXPERIENCE:

Confidential

HCM OM/ PA Strucure/ Configuration Security Lead

• Confirgued security roles were in line with the new changes to OM and PA
• Worked on SAP HR/HCM using Structural authorization. Modules implemented Organization Management, Personnel Management Time Management, Payroll, Benefits & Compensation.
• Made changes to all roles affected by the chages and tested in deveoppment.
• Assigned communication infotype and structural profile to test ids.
• Lead and defined all Security testing phases
• Worked with end users to fix issues that occurred during intergration and regression testing
• Worked on SAP HR Structural Authorizations and position based Security issues during testing phases.
• Provided documentation for all areas of SAP Security.
• Troubleshooting the security related authorization problems using SU53, ST01, RSSM (for BW) and SUIM.
• BW analysis authorizations and role Build, Key BW authorization objects, troubleshooting authorization issues with RSECADMIN
• Production support of ECC, BI/BW and Net Weaver SAP platforms.
• Created and implemented of BW security roles.
• Security SME for project.

Confidential

SAP ECC GRC Security

• Plan and execute client engagements focusing on SAP GRC, SAP security, and audits of SAP environments.
• Work with clients to identify opportunities for improvement in the areas of SAP GRC, SAP security, and SAP controls.
• Help coach and train team members to grow the SAP knowledgebase of the team.
• Design and deploy custom GRC reporting based on business requirements.
• Generation of reports and rule set updates as required.
• Daily monitoring of jobs that are necessary for the GRC application(s) to run effectively and efficiently, for example nightly management risk analysis reporting.
• Worked closely with project teams to provide advice on security approach, governance frameworks, policies and procedure documentations around the SAP GRC Access Control modules.
• Review and analyse reports from SAP GRC Access Control and formulate recommendations for resolutions.
• Performed gap analysis, conducted risk assessments, managed issues, designed and documented procedures.
• Create and maintain SAP security roles for FI/CO, MM, HR and SD modules.
• Trouble-shoot authorization problems using Repository Information System and tracing authorizations using SU53, SU24 and ST01.
• Worked with BI Developers to prepare for the roll-out of new BI Security roles
• BW 7.0 upgrade, ECC 6.0 - EP3 Support pack Upgrade via SU25
• Conducted workshops to gather information needed to create security roles
• Created and implemented of BW security roles.
• Developed and Documented Security Policies and Procedures, User maintenance, Role maintenance using profile generator for BW Security.

Confidential, Houston, TX

SAP Security,GRC and HANA Consultant

• Led a team of 3 responsible for requirement gathering, implementation and creating UAT test scripts for all functional teams ( FICO, MM, HCM, SD,PM,QM,CRM,SRM,PP,PM,QM.APO, Solution Manager and BW) for role redesign.
• Designed, Developed and maintained Single roles, Composite roles, Master, Derived and enabler roles and Secured roles by Organizational levels such as Company Code, Plant, Cost Center, Profit center, Purchasing Organization etc. for different SAP Modules - SCM, MM, WM, PP, HR/HCM, FICO and APO.
• Hands on Experience on HR/HCM Security, Structural Profiles, Organization Structures PA, PD, Payroll, Time and Travel.
• Worked on SAP HR/HCM, Master Data and Infotype based authorizations including Personnel Number Check, Payroll Objects . Using Enterprise Structure in Organization Management, created Structural Authorizations to control access to data stored in time-dependent structures, within SAP HR/HCM Module.
• Develop functionality, Testing Scenario's,and UAT scripts as per requirements and ensure that all test cases are passed.
• Participated in several R/3 upgrades using SU25, SUPC. 
• Collaborated with Functional Teams to close the open authorizations in roles that resulted from SU25 Upgrade
• Worked with internal and external auditors to verify that the environment was in compliance.
• Worked with implantation partner to upgrade from GRC 5.3 to GRC 10.1.
• Designed, restrictions for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges for various Schema Users.
• Created users in HANA via the workbench.
• Created roles in HANA and created, activated and deleted objects in the repository using web workbench.
• Strong experience in managing BOBJ security and access rights using aggregation rules Advanced right, access level Inherited Rights. Strong exposure on managing security in BI universe, assigning rights for the objects to user/groups.
• Implemented an audit policy on the HANA DB engine. Audited actions included:-  user provisioning, all actions performed via privileged users, DML (data manipulation actions) and DDL(Data definition actions)
• Setup separate Roles for System,SQL and Analytic privileges.
• Synchronized HANA users with BW users including all the key security attributes.
• Mapping of BW roles to equivalent HANA roles.
• Implemented security in a SAP BW on HANA enviroment with Analysis authorization for row level security and Analytic\Calculation views on SAP HANA.
• Used SAP HANA studio for maintaining users, role, privileges.
• Used SAP HANA audit logging to trace critical events like user, role, privilege changes, Configuration changes, failed logons etc.
• Setting up Firefighter, Controller Ids and parameters for centralized Emergency Access Management, ARA and ARM.
• Formulated & implemented Unit Testing and UAT strategy.
• Configured MSMP workflow for Access requests, FF log review
• Configured and tested SAP GRC 10.0 ARM workflows.
• Configure MSMP workflows for different user provisioning scenarios like new, change, terminate, lock and unlock user accounts
• Worked closely with project teams to provide advice on security approach, governance frameworks, policies and procedure documentations around the SAP GRC Access Control modules.
• Remediation of Segregation of Duties (SOD) issues within SAP both at role and user level.
• Implementation for SOX (Sarbanes Oxley) Compliance using GRC 10.0 tools Access Risk Analysis (ARA), Access Request Management (ARM), and Emergency Access Management (EAM).
• Create and maintain SAP security roles for FI/CO, MM CRM, HR, BW, APO, SCM and SD modules.
• Trouble-shoot authorization problems using Repository Information System and tracing authorizations using SU53, SU24 and ST01.
• Applied SAP notes as needed.
• Used SolMan configuration validation to verify that systems were compliant.
• Worked extensively with ABAP team to make sure that authority check statements were included in all custom programs.
• BI 7.0 upgrade, ECC 6.0 - EP3 Support pack Upgrade via SU25
• Configuring Roles & Authorizations according to the Business Needs.
• Provisioning GRC Fire Fighter access to Provide Emergency Support to Business Users on Daily Basis.
• User maintenance via CUA SOLMAN
• Configuring Provisioning scenarios and MSMP workflows for it in Access Request
• Running SUIM on Daily basis to monitor S DEVELOP debug access.
• Running GRC SOD reports on Daily basis to ensure that the system was SOD free.
• Created SECATT scripts for mass user and role creation.
• ECC 6(FI, MM,SD,PM,QM,PP & HR modules), BI 7: Designed & Implemented 3 Tier Job Based Role Design
• Developed SOD free Single, Derived and Enabler Roles.
• Have worked and configured security design on BPC 10.0
• Worked with Functional Teams to configure security design and setting up roles in BPC 10.0 EPM/NW.
• Produced weekly SOD reports to show that the environment was SOD free.
• Performed Unit Testing and sent test plans to business users for UAT
• Documented the Testing and Training strategies related to Security Roles and GRC.
• Developed and managed Analysis Authorizations using RSECADMIN
• Run SM20 analysis for t-code usage analysis.

Confidential, Hollywood, CA

SAP Security Consultant - Lead

• Gathered security requirements from all functional teams and business partners for FI, MM, SCM, HR, Solution Manager and BW.
• Performed monthly and quarterly finance analytics using IDEA Analytics tool on tables BSEG and BKPF as per audit requirements.
• Designed single, composites and derived roles mapped roles to users.
• Checked ABAP custom programs via SE93 for authority check statements.
• Executed daily SOD checks in GRC 5.3 as per external audit requirements.
• Mapped requirements to job functions and job functions to roles.
• Worked with team leads to develop security work plans and go live cutover plan
• Was the ECC and HR Security SME.
• Involved in Implementing Structural Authorization and Extensively used the following T-Codes:
• OOPS - Turn on PD PA Switch.
• OOAC - Turn on Structural Authorizations Main Switches
• OOSP - Creating structural authorization profiles.
• Gathered requirements from business and built roles as per requirements.
• Provided support during the project and post go live support.
• Assisted SAP in production support tasks as needed. Wrote Catt (SECATT) Scripts for mass role creation, changes, mass user creation, change tasks. Provided post Go Live support.
• Created technical and functional design documentation and knowledge transferred to client’s offshore team.
• Configured SAP users for Single Sign On.
• Helped in resolving post go live issues.
• Used screen variants to disable fields as per business requirements.
• Assignment of Authorization Groups to Tables.
• Role design, development and assignment for both BI and ECC.
• Performed Administration of SOX Process.
• Mitigated SOD conflicts.
• Designed, tested, and documented Profile and Role naming convention, approval process.
• Provided Senior Level SAP Security Administration, analysis, support tasks for all SAP Systems and Landscapes, including R/3, BW,CRM, SRM & BI.
• Worked with both external and internal auditors.

Confidential, Houston, TX

SAP Security Analyst

• Day to day support and resolution of Security issues SAP ECC and CRM.
• Executed daily SOD checks in GRC 5.3 as per external audit requirements.
• Created roles and assigned to user master.
• Extensively used Profile Generator (PFCG) to create roles/profiles for various modules such as MM, FM, GL, CO, AP,CRM, AR .
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
• Transported the generated roles and profiles using SAP transport management system.
• Cleaned up of roles and profiles not being used.
• Used SE93 to verify that custom TCODES had authority check statements.
• Reviewed and fixed issues brought up by auditors.
• Used SECATT to create scripts to assist in role modification and or creation. Used SU10 for mass user updates.
• Maintaining company approved audit standards for SAP Application security, resolved BW, SD, FICO security related issues.
• SOX compliance-Role removal for users with conflicting access based on SOD Review.

Confidential, Houston TX

SAP Security Consultant

• Resolved customer issues via, phone, email, chat regarding authorization issues.
• Updated customer tables via SU24.
• User Trace using ST01 and analysis.
• Analyzes SAP authorization assignments as well as segregation of duties conflicts.
• Troubleshooting the security related authorization problems using SU53, ST01, RSSM (for BW) and SUIM.
• Create and maintained roles via PFCG and generate Authorization Profiles.
• Used SECATT to delete clean up roles.

Confidential, Houston TX

SAP Security Analyst

• Provided SAP Security support for SAP Net Weaver systems running BI/BW 7.0 (Net Weaver 2004s) and ECC 6.0
• Provided SAP Security production support for 2000 users.
• Responsible for all SAP Security tasks, role design, development, configuration, troubleshooting, resolution, and documentation of all Production, Test and Development Systems.
• Maintained and controlled the access of the project team members in the all environments
• Worked with ABAP team on custom TCODE creation.
• Updated customer tables via SU24 (managing authorization objects).
• Role maintenance.
• User Trace using ST01 and analysis.
• Find out missing Authorizations using SU53 reports from the users.
• Audit reports monthly using SUIM.
• Developed and implemented improved policies and procedures, implementing Best Practices solutions for SAP security change management controls, to support SOX compliance standards requesting changes, testing and transporting SAP security roles to production environment.
• Wrote CATT (SECATT) Scripts for mass role creation, changes, mass user creation, change tasks.
• Provided post Go Live support.