SUMMARY:

• SAP Certified Consultant in GRC Access Control 10.0 with around 9 years of professional experience within IT Sector. Extensive experience in all aspects of SAP Security Administration - Including up-gradation, Full Life Cycle Implementation And Expertise in setting up SAP Security Solutions for various SAP landscapes, such as - ECC 6.0, R/3 4.7/4.6C, (MM, QM, WM, PP, FICO, AP, AR etc.), HCM, BI/BW 7.x (Analysis Authorizations), Portal Security, GRC 5.3, 10.x, Solution Manager, CRM, BOBJ, HANA, IDM and Active Directory.
• Implemented & upgraded SAP R/3 systems for complicated landscapes including ECC & BI.
• Efficiently managed multiple HANA projects and setting up HANA Security.
• Created and maintained both Catalog and Repository roles. Implemented Row Level Security for the Hana Views.
• Good knowledge on various scenarios of implementing HANA Security.
• Extensive experience in Requirement gathering, Design, Development, and Maintenance of SAP application security.
• Good understanding of SOD / SOX / Security Assessment / SAP Authorization.
• Experienced in adhering to the Change Management Process in transporting roles, security objects and maintaining the change documents.
• Set up security by Info area, Info cube, ODS, Info object, Query and Workbooks. Designing complex roles for BW Reporting Users, Administration Users and Developers
• Troubleshooting BI authorization related problems using RSECADMIN, RSD1 and RSA1 Tcodes
• Worked on Creating and Maintaining Business partners for Charm usage, troubleshoot Charm issues regarding Transport Management.
• Created and Maintained Users on Active Directory.
• Worked on BOBJ Security Administration. Folder, Universe, Applications, Connections and Category level security implemented in BOBJ
• Worked in securing Design Studio, Webi and Analysis for office reports.
• Knowledge on SAP bw by Hana.
• Audit - Process & follow-up on Audit requests every quarter.
• Extensively worked on Central User Administration (CUA) to manage multiple systems/clients.
• Experience setting up users and security on Enterprise Portal and creating users/user groups through UME for SAP Net weaver.
• Worked on Authorization Objects P ORGIN, P ABAP, P PERNR, P ORGXX etc and PD profile assignment to the positions.
• Used Tcodes SHDB and ECATT scripts for mass user creation and maintenance.
• Experienced in Implementing GRC Access Control Suite with all components - ARA (Access Risk Analysis), ARM (Access Request Management) and EAM (Emergency Access Management) components.
• Experience on workflow, configuration for GRC 10.x
• Hands-on Experience with Configuration of User Defaults, Setting up Connectors and Role
• Approvers. Maintained Connectors, Connector Groups and Connection Types .
• Configured SPRO settings for all components (ARA, ARM, EAM & BRM)
• Design & manage MSMP work flows
• Experience in configuring MSMP & BRF Plus rules in GRC Access Control 10.x.
• Designed and Implemented complex workflows for business scenarios like user management & emergency User management.
• Extensive experience in Configuration and support of GRC 10.x AC Suite.
• Worked on standard SOD rule set and customized per business requirements. Worked with the various Business stakeholders and Audit teams in identifying risks, mitigation Controls and Approval workflows in consideration with current processes.

TECHNICAL SKILLS:

Domain: SAP Security, GRC, Active Directory & Identity Management

Operating System: Windows server 2000 & 2003, XP, Linux

Tools: /DB /Packages: SAP 4.7EE and ECC6.0, BW 3.X, BI 7.X, BOBJ, HANA, GRC 5.3, GRC 10.0, GRC 10.1,SAP Net weaver 7.4, Quantum, Nessus, HP Quality Center, Win shuttle, Oracle.

Ticketing Tools: Remedy, SM7

PROFESSIONAL EXPERIENCE:

Confidential, Indiana

Sr. SAP Security Administrator

Environment: SAP ECC 6.0, SAP BW 7.5, BOBJ, HANA, BPC.

Responsibilities:

• Efficiently managed multiple HANA projects and setting up Security.
• Designed and Created roles in HANA DB for Developers, Modelers, Data Base Administrators and Business End users
• Worked in Synchronizing Hana DB with reporting tools like BOBJ, Tableau .And Maintained security at various levels
• Configured SAML, Maintained Mass user and role administration using sql, troubleshoot complex authorization issues in HANA
• Worked on System, Object, Analytic, Package and Application Privileges
• Worked on both Catalog (Run Time) and Repository Roles (Design Time)
• Implemented Row level Security for Hana Views.
• Experienced in securing FI/CO, Sales, and MDM views in HANA & maintained the restriction for the reports in BOBJ.
• Used T Code RS2HANA CHECK to generate SAP BW to HANA Authorizations. Also identify the issues for any inconsistency from BW to Hana and correct them accordingly.
• Security maintained for Folder, Universe and Application level in BOBJ. Created new access levels as per the requirement in BOBJ.
• Worked in securing Design Studio, Webi, Analysis for office and Lumira.
• Worked on Integrating BPC Embedded on HANA and maintaining BPC Security.

Confidential, Iowa

Sr. SAP Security Administrator

Environment: SAP R/3 4.6, ECC 6.0, GRC 5.3,10, SAP BW3.X/7.X/7.5, BOBJ, HANA, Enterprise Portal, SAP Netwaver, Quantum, AD, IDM.

Responsibilities:

• Providing Senior Level SAP Security Administration, analysis, support tasks for all SAP Systems and Landscapes including troubleshooting, analysis, and speedy solution of all technical errors related to security.
• Applying SAP Best Practices while defining, developing and testing authorization roles in various modules.
• Upgraded SAP Application from 4.7 EE to ECC 6.0 by Comparing USOBX C and USOBT C Tables and also updated application by using SU25 T-Code
• Found new authorization objects which comes while upgrading and updated roles as per required by Business.
• Designing business application authorization profiles for production roles, setup Role test scenarios, trained business analysts responsible for supporting business users in security testing procedures to ensure business users are granted proper authorizations and do not suffer unnecessary security interruptions.
• Expert in Troubleshooting Security issues from all functional/technical perceptive
• Expert in Su24 tcode/auth check maintenance
• Help Coordinated for IT Audit activities, track remediation efforts and worked closely with internal audit resources.
• Creating and Maintaining Business Partners (BP) for Users in Solution Manager.
• Experienced in adhering to the Change Management Process for transporting roles and tables, security objects and maintaining the change documents.
• Worked on OSS ID, Generating Developer & Object keys, Registering Objects in service marketplace
• Created and Maintained Users on Active Directory
• Set up security by Info Area, Info-Cube, Info-Object, QUERY and WORKBOOKS.
• Configured roles and authorization objects to secure reporting users.
• Limiting the Query access within the BEX Analyzer.
• Implemented Info Object Security (field-level security) for Reporting Users and also created custom reporting authorization objects.
• Securing the data presented in Queries by Hierarchy node.
• Maintaining authorizations for Hierarchies.
• Maintaining PD profiles for users in table OOSB as per their position in the organization.
• Checked for inconsistency in HR Master Data and Hierarchy nodes.
• Folder,Universe,Applications,Connections and Category level security implemented in BOBJ
• Created and maintained different user type access levels in BOBJ as per requirement.
• Created groups based on the security requirement provided by the business.
• Worked on HANA Roles/Privileges for end users and IT users
• Worked on HANA Security roles on HANA Editor for Run Time roles activation
• Imported the backend roles into BOBJ and mapped the respective groups
• Implemented GRC Access Control 10.x Suite with all components - ARA (Access Risk Analysis), ARM (Access Request Management) and EAM (Emergency Access Management) components.
• Activated BC sets for required settings in SPRO, Configured and tested connectors for SAP backend systems.
• Defining and assigning Role Approvers, Monitors, Risk ID owners. Risk ID creation and assignment to appropriate approvers & monitors for the risk.
• Performing Work around activities such as Workflow configurations, perform Risk Analysis at User level & Role level, Maintenance of Risk IDs / Functions and generate Rules, Scheduling Background jobs.
• Performed Risk analysis and Implemented mitigation controls as per SOD/ Sox controls required by compliance team.
• Experience in documenting SOX procedures for support systems. Drafted required SOPs based on the SOX requirements.
• Creation of Firefighter IDs, defining Firefighter ID owners / controllers and assign FFIDs to firefighters, generate FFID Log Report as per business requirements.
• Prepare & deploy required test scripts in HPQC tool per traceability matrix. Coordinate the user acceptance testing in GRC QA environment.
• Extensively Worked on SAP GRC Applications RAR (Risk Analysis & Remediation), CUP (Compliance User Provisioning) and SPM (Super user Privilege Management).
• Prepare testing strategy and conduct testing kickoff meetings with end-users for user acceptance testing, functional and IT users for system integration system. Involve in regression & stress testing.
• Worked as User administrator for Quantum tool. This includes creating and maintaining users, assigning appropriate roles.

Confidential

SAP Security and GRC Consultant

Environment: SAP R/3 4.6, ECC 6.0, GRC 5.3, SAP BI, ORACLE 11.2.0.3 Data Base, MS Office Suite

Responsibilities:

• Gathered, analyzed, developed, tested, transported, supported and troubleshooting ECC,BI Security.
• Developed roles for various modules by following change management process.
• Performed periodic role review in production systems and remediate the roles if required.
• Performed System and Client opening activities. Developed SHDB and ECATT scripts for mass user administration, role development and other activities.
• Troubleshooting BI authorization issues and assigned appropriate roles to the users.
• Worked with BI related tables like RSECVAL, RSECHIE etc. to gather required information to provide appropriate roles to BI users.
• Involved in GRC Implementation & ECC Security rollout project, configured workflows for user provisioning, deprovisioning.
• Configure & maintain GRC AC 5.3 tools - Risk Analysis & Remediation, Super user Privilege Management, Compliant user provisioning.
• Designed Rule sets, Risk IDs, Mitigation controls & Workflow for RAR.
• Designed firefighter mechanism as part SPM implementation and integration to CUP.
• Design ECC roles for various job roles and analyzed the SODs. Worked towards remediation and mitigation user & role access.
• Created single roles, mass role uploads, mass role approvers changed in CUP.
• Trouble shooting user provisioning issues in CUP workflow (reroute, approve, reject the request as per the requirement).
• Worked as part of remediation team and assist in elimination of Segregation of Duties (SOD) conflicts inherent within the International paper SAP security model.
• Created FF ids in backend system and maintained the controllers, owners in VIRSA tables, updated FF controllers and reviewers in Custom Approver Determinator.
• Responsible for all SPM governance model changes, changing FF owners, controllers.
• Perform SOD checks in GRC System to System
• User and Role level Risk Analysis is Performed in GRC
• Worked on Risk Analysis and Remediation
• Worked on Fire-fighter and maintained (SPM)
• Monitored the cup request workflow and troubleshooted the issues during user provisioning

Confidential

SAP Security Consultant

Environment: SAP R/3 4.7, ECC 6, SAP BI, SAP HR, MS Office Suite

Responsibilities:

• Responsible for analysis of end users authorization related problem in R/3 system. Analysis on basis of SU53 and Trace file from ST01, provide possible solution to end user and guide them.
• Troubleshoot security/authorization related problems using SU53, ST01 and SUIM
• Daily monitoring which includes: Checking all application servers, Work process overview, Background Jobs overview, Spool logs, system Tuning, Performance monitoring.
• Worked closely with the Technical Lead to create and maintain security roles, discuss status
• Reports, policies related to the SAP R/3 system, project timeliness and deliverables.
• Technical Role Documentation. Designing & Testing of Roles from End to End.
• Created Groups in Portal and assigned users to that Groups.
• Monitoring of Background jobs to recognize various logs like ABAP dumps, Old spool requests etc.
• Worked with PA20, PA30 Transactions to check details of a position ID and worked with PO13 transaction for indirect role assignments.
• Worked on Authorization Objects P ORGIN, P ABAP, P PERNR, P ORGXX etc.
• Performed System and Client opening activities.
• Transported the generated roles using SAP transport management system.
• Worked with security related tables such as AGR TCODES, AGR USERS, and AGR DEFINE.
• Central User Administration: User creation and role assignment for all child systems through CUA
• Created/updated analysis authorizations for query reports (RSECADMIN), and also updated
• Report authorizations derived roles to include such analysis authorizations (S RS AUTH).
• Opening SAP Connection and maintaining access data through SAP Portal.

Confidential

Application Security Consultant

Environment: GT Tool, Linux, Confidential Applications

Responsibilities:

• Accountable for creating LDAP’s for new user.
• Monitored the GT tool and worked with Help Desk team to ensure timely repair.
• Involved in performance tuning and creating and maintaining database.
• Worked with users to troubleshoot and solve operational issues. Responsible for coordinating recovery in the event of system failure.
• Troubleshooting critical hardware and software issues and other day-to-day user tickets.