PROFESSIONAL SUMMARY

• To ensure 10 years of my SAP SECURITY, GRC IDM Expertise provides an efficient and effective structure for ensuring the security, integrity, accuracy and availability of all the enterprise information
• SAP Professional Level certified Proven professional expertise in SAP application, communication infrastructure security, SAP GRC IDM
• Well experienced with multiple SAP security lifecycles Analysis Conception, Implementation, Quality Assurance Tests and Cutover .
• Extensive experience in SAP Modules - ECC All Modules , BI/BW/BOBJ 4.0/ 7.0/7.3 Analysis Authorization , HR Structural Authorization , Portal, CRM 6.0/7.0, SRM, PLM, SCM APO , PI GTS
• Experience in implementing Central User Administration CUA setup for handling users profiles centrally.
• Well Experienced in Assisting Internal/External Audit in various processes, reports, controls risks
• Hands-on experience in planning, configuring and implementing GRC AC 10.0, 5.X/VIRSA Suite PC 3.0/10.0
• Expertise in Identity Management IDM Oracle IDM 11g, SAP Net Weaver IDM 7.2
• Well Experienced in SSO Logon Tickets,X.509,SNC SAML Cryptography SSL, SNC, Digital Signatures Configuration
• Implementation, Upgrade Support of several ERP implementations involving multiple modules, from system design stage to a Go Live stage
• Proven experience in ability to adapt quickly and work in teams, a can-do ability to take charge when necessary and drive the work to completion
• Excellent communication skills, strong analytical and reporting skills, personal organization and interpersonal skills

PROFESSIONAL EXPERIENCE

Confidential

SAP GRC Lead

Responsibilities:

• Developed Security across multiple modules like ECC,CRM,SRM, MDM,GRC,GTS, BI/BOBJ, BPC, NFE Enterprise Portal for new Org units
• Configured Supported Emergency Access Management, Automated User provisioning , Access Risk Analysis Business Role Management in GRC 10 Access Control
• Configured Supported the Business Rules for Automated Monitoring of controls through GRC Process Control 10.0
• Extensively Involved in the usage of MDUG tool for Data Migration in GRC Process Control
• Worked on the MSMP Workflow Configuration, BRF and Function Modules for custom Workflow development
• Created a Custom Rule Set with Org rules activated which can be tailored to Multiple Org units
• Configured CUA for a centralized User maintenance across the development systems
• Upgraded NWBC 3.0 to 4.0 and was in the frontline in resolving the NWBC compatibility issues with the back end

Confidential

SAP Security Architect

Responsibilities:

• Architected implemented security roadmap for ECC 6.0,CRM 7.0, SCM APO ,SRM, MDM, GTS EP
• Redesigned the Existing Authorization Structure in BI/BOBJ 7.0/4.0 for granular Efficient reporting
• Upgraded Configured GRC 10.0 AC modules Access Risk Analysis, Emergency Access Management Automated User Provisioning
• Customized RAR SOD rule set and used the same for role user SOD simulations for SOD free roles user access matrix
• Involved in the Installation and Configuration for GRC Process Control 10.0
• Implemented new Internal controls for custom business rules in GRC PC 10.0
• Created a custom BRF Rule for custom Automation Path
• Configured automated workflows in Oracle IDM 11g suite including SOD checks, mitigations and user provisioning as well
• Configured SSO using SAP Logon Tickets in Oracle Access manager
• Delivered extensive documentation, training material, operations/troubleshooting manuals to Security Operations Personnel

Confidential

SAP Security/GRC/IDM Consultant

Responsibilities:

• Analyzed the current SAP security Setup and provided recommendations for improvement to address audit deficiencies SOX compliance
• Re-designed security roles restricting access to sensitive transactions and objects and to create uniformity in the role design for ECC, CRM, SRM, MDM, SCM, GTS, BI 3.5/7.0, BOBJ 4.0, and Enterprise Portal 7.0.
• Implemented HR security using Evaluation paths, structural authorizations and Profile Generator.
• Configured CUA to handle multiple systems and integrated with LDAP
• Extensively Involved in the installation and configured all components of GRC 10.0 Access Control
• Integrate SAP IDM 7.2 with GRC AC 10.0 for Centralized User Provisioning across multiple systems
• Configured SSO SNC SAML for ABAP JAVA Application Server
• Acted as Liaison with internal external Audit teams to establish and review various SAP instances implement improvements risk remediation to meet audit requirements
• Created Standard Operating Procedures for User Access management, Role Management and Transport management.

Confidential

SAP Security GRC Consultant

Responsibilities:

• Involved in Planning, Implementation Support of Security administration for multiple Global SAP rollouts for ECC 6.0, APO, SRM, IDM 7.1, BI/BW 7.0/3.5, GTS, CRM 6.0, GRC 5.2 , Enterprise Portal and Audit assistance
• Upgraded BI 3.5 to BI 7.0 and implemented the Analysis Authorization
• Implementation support of all GRC components including Compliance Calibrator, Access Enforcer, Role Expert Fire Fighter
• Performed a detailed risk analysis of all business processes and identified areas in need of controls.
• Integrated SAP IDM 7.1 with SAP GRC with automatic LDAP sync
• Configured SSO using Logon Tickets methodology for Web Based access GUI for HTML
• BW 3.5 Legacy BI 7.0 support administration.
• Designed reports for SOX Audit liaisons for tracking SOD Cleanup progress, criticality etc

Confidential

SAP Security Analyst

Responsibilities:

• Developed the Security blueprint and involved in the role development strategy for a worldwide release of ECC 6.0.
• Extensively developed security models for ECC, HR, SCM, GTS, SRM, BI/BW, CRM 5.0 modules
• Formulated a security development plan defining the roles of the SAP Security team.
• Worked on Assigning authorizations through the Org Structure for HR Model
• Involved in the Creation of CUA and Controlling User Access through the Golden Client
• Provided reports to the internal and external auditors and created custom audit roles based on audit needs.
• Involved in the Installation and configuration of VIRSA CC FF.
• Identified and created mitigation controls, Risk I.D's for SOD issues based on audit feedback.
• Configured Owners, Controllers and security setup along with various configuration parameters in Firefighter.