­­­­SUMMARY:

• Energetic, goal driven SAP Confidential specialist with 15 years of solid expertise in all facets of SAP Confidential design and implementation. Technically sound individual with exposure to a wide range of SAP platforms. Proven analytic and problem - solving skills with the ability to assess needs, define requirements, develop & execute value-added solutions that improve operating efficiency. Well versed in completing projects on time and as promised, by coordinating team efforts while working with the project team. Well versed in documenting and bridging the gap between business requirements and technical processes to meet the needs of dynamic and continuously changing environments. Experienced in production support activities like application support, process improvement, enhancements, resource optimization, SLA monitoring, service delivery, service transition etc. Hardworking and dedicated professional with strong interpersonal, communication, negotiation, and leadership skills.
• Involved in design/redesign, implementation, cutover, production support activities for wide variety of SAP platforms in multiple SAP global implementations
• Worked closely with the business / functional teams to gather Confidential requirements.
• Designed and developed Confidential roles for ECC 6.0, BI 7.0, HCM, Nota Fiscal Electronica, SCM, Solution Manager, TDMS, PI Systems
• Designed and developed analysis authorizations (SAP BI 7.0) at Characteristics, Key Figure, and Hierarchy node level for reporting users i.e. end users/power users /report writers
• Well-versed with troubleshooting authorization issues in BI 7.0 and updating analysis authorizations/roles
• Developed front end folder level Confidential in SAP Business objects by creating user groups/access levels in BOBJ CMC.
• Migrated user groups/access levels/folder level Confidential in BOBJ to QA/Production systems thru promotion management.
• Developed Confidential /structural authorizations in PA, PD, ESS and MSS Modules.
• Worked extensively in GRC 10.1 in the areas of ARA(RAR), EAM (SPM), BRM(ERM), ARM (CUP).
• Developed Confidential for ODATA services in portal and backend, updated communication channels, web services in Process Orchestration portal
• Extensively worked in Composite Environment portal - activities include creation of portal roles, setting up permissions for systems, updating user mapping for systems, updating web services, managing portal users etc.
• Developed Confidential roles in NetWeaver Planning, NWDI, SLD, Biller Direct portals.
• Handled Confidential defects as part of Unit and Integration test cycles
• Involved in Confidential upgrade from 4.6C to ECC 6.0 and BW 3.5 to BI 7.0
• Developed roles and privileges (including System, Object, Analytic and Package Privileges) in HANA Studio.
• Worked on Confidential setup for managed system configuration and BPCA in Solution Manager
• Worked on Confidential setup for Central User Administration.
• Extensively worked on SAP GRC AC 5.3 SP10 (CUP, RAR, SPM and ERM) and VIRSA Compliance Calibrator (VRAT), VIRSA Role Expert (VRMT), Fire Fighter (VFAT) tools
• Very good understanding on segregation of duties and Sarbanes Oxley regulations on application Confidential and business processes.
• Worked closely with auditors and modified roles to achieve SOX compliance for users and roles.
• Experience in user administration in ABAP and Portal systems, role Maintenance, analyzing and troubleshooting issues
• Created Confidential design documents for reference and conducted knowledge transfer sessions to handover projects to Production support team

AREAS OF EXPERTISE:

• Confidential requirements gathering
• Confidential role design & develop
• Confidential testing support
• Troubleshooting & fixing Confidential issues
• Cutover & Go-live Support
• Project Implementation
• Post go-live Production Support
• Identify SOD conflicts and Remediation
• Implementing Best Practices
• Audit & Compliance

TECHNICAL SKILLS:

ECC 6.0 & 4.6C, BI 7.0, BW 3.5, SAP Business Objects 4.1, SAP HANA Studio 2.0, SAP HCM, SCM 7.02, SRM 5.0, SAP Nota Fiscal Electronica, SAP Test Data Migration Server 4.0, SAP Landscape Transformation, GRC Access Controls 10.1, SAP Solution Manager 7.1, SAP Process Integration, SAP Composite Environment, SAP Process Orchestration, SAP NetWeaver Planning, SAP Biller Direct and Novell Identity Management tool.

PROFESSIONAL EXPERIENCE:

Confidential, Teaneck, NJ

Manager - Projects Manager

Environment: ECC 6.0, BI 7.0/ SAP Business Objects 4.1/ SAP Hana Studio 2.0/ SAP GRC 10.1/SAP Process Orchestration/SAP Composite environment

Responsibilities:

• Worked on Confidential setup for SAP ODATA services in ECC 6.0 and SAP Process Orchestration systems
• Created UME roles in PO system with appropriate portal actions and mapped roles to groups.
• Setup Confidential for technical users in PO system for webservice calls from external applications
• Created portal roles for custom apps and mapped roles to groups in Composite Environment
• Setup permissions/user mapping for systems in Composite Environment and updated webservices
• Developed and assigned analysis authorizations in BI 7.0
• Analyzed and resolved users access issues in BI 7.0.
• Configured SAP Business objects for LDAP/SAP authentication and imported appropriate backend roles to SAP BO
• Created access levels/user groups in SAP Business Objects 4.1
• Setup Confidential for folders/connections/applications etc. in SAP BO
• Worked on migration of Confidential to QA/production systems in SAP BO
• Experience in design and implemention of HANA- Confidential
• Created custom roles in HANA DB for Developers, and Data Base Administrators
• Created System, Object, Analytic, Package and Application Privileges
• Worked on both Catalog (Run Time) and Repository Roles (Design Time)
• Worked on HANA Application Life cycle Management
• Created and enabled Audit policy in HANA DB
• Worked on SAP GRC Access Controls 10.1 components Access Risk Analysis (ARA), Emergency Access Management (EAM) & Access Request Management (ARM) components
• Configured MSMP workflows for maintaining Rules, Agents, Paths, Route mapping etc. for access provisioning thru GRC Access Controls 10.1
• Created custom initiator rules through Business Rule Framework Plus (BRF+) for ARM.
• Configured password self-service, GRC notifications
• Setup Access Control Owners, Owners, Controlers, Firefighter Ids
• Worked on setting up GRC jobs for Authorization data/Repository Object/Action usage/Role usage/Master data/EAM workflow/EAM log synchronization/GRC notifications
• Enabled new Confidential roles in GRC for auto provisioning

Confidential, Beaverton, OR

SAP Consultant

Environment: BI 7.0/SAP GRC 5.3/SAP PI/SAP SCM7.0/SAP HR/HCM

Responsibilities:

• Worked on HCM Confidential to develop position based Confidential and structural authorizations
• Assigned structural authorization profiles to user ID s using Report RHPROFL0 to automatically assign appropriate structural authorization profile to each user id.
• Worked with BI functional team and developed the BI analysis authorizations.
• Created analysis authorizations to restrict users at Info Object level
• Developed BW roles and authorizations restricting access to infocube for specific characteristic, hierarchy node of the hierarchy etc.
• Developed new roles containing authorizations for BW reporting end users and Power users.
• Worked closely with the internal Audit team and made all the necessary corrections in Confidential roles to meet SOX compliance.
• Created roles in SCM Event manager for new parameters like Purchase orgs/Sales Orgs/Plants event handlers.
• Designed Confidential setup for webservices in Process Integration System

Confidential, Beaverton, OR

SAP Consultant

Environment: SAP ECC 6.0/BI 7.0/SAP GRC 5.3/EP 7.0

Responsibilities:

• Worked on SAP Securtiy redesign which includes tasks to
• Redesign existing Job/Position based roles to Task based roles
• Eliminate embedded Segregation of Duty Conflicts within Roles
• Remove unused Transaction codes in roles
• Develop/Configure Display /IT /Basis /Production support roles
• Created Task based roles(Tcode roles )
• Created Enabler Roles for Auth/Org fields like Company code/Sales Org/Purchase Org/AccountType/Plant/Movement Type/Sales Doc Type/Data restriction reporting/Condition type/Vendor type etc
• Created Test Ids for Unit/Integration/UAT Testing
• Resolved Auth Issues Using Trace i.e. ST01
• Created/updated analysis authorizations in BI 7.0 for new company codes
• Worked on SAP GRC 5.3 (Governance, Risk, and Compliance) which includes
• Running Risk Analysis and Remediation (RAR) reports (previously Compliance Calibrator).
• Extensively worked on Compliant User provisioning (CUP) previously known as Access Enforcer.
• Imported roles to CUP/Setting Role Owner/Importing Custom approver Determinators/Intitiators etc
• Setting up Connectors for Super User Privileged Management (SPM) previously known as FireFighter.
• Creating Firefighter Ids and /Configuring Firefighter Owners/Controllers/IDs etc.
• Supported issues of phased roleout(Geography wise)
• Designed and created users for RFC (ABAP/HTTP) connections for Basis team
• Opened OSS connections to SAP Systems, Created Users for OSS connections and updated passwords in Secure Area
• Set up background jobs for Confidential maintenance/Firefighter usage logs etc
• Created portal roles and and assigned to groups
• Handled Change Management control and validated the work done by team members at onsite and Offshore
• Involved in performing cutover tasks for Go-live and handled issues during Project Stabilization

Confidential, Wilmington, DE

SAP Security Consultant

Environment: SAP R/3 ECC 5.0/BI 7.0

Responsibilities:

• Performed assessment of the current SAP Confidential design in place of Production System.
• Analyzed the As-Is SAP Confidential setup and documented the gaps and provided recommendations on AZ SAP Confidential design and implementation.
• Analyzed the Segregation of Duty Conflicts at both role level and user level
• Did gap analysis and recommended the SAP Confidential best practices.
• Worked extensively on authorization groups (SE54/SUCU) and customized transaction codes (SE93).
• Analyzed the impact on roles to convert autorization field to org level field
• Modified authorization of roles after converting autorization field to org level field
• Created derived roles to restrict access based on planner group/plant level
• Created Test Ids and troubleshooted authorization issues in merging of Canada system into NA system
• Cleaned up users who have not logged in SAP systems since last 1 year
• User administration in all SAP systems in landscape i.e. ECC6.0, BI7.0
• Modified roles to controll access to key authorization objects such as S BTCH ADM, S ADMI FCD, S TABU DIS, and S DEVELOP etc for batch Jobs, basis transactions, tables, and debug access.

Confidential, Gaithersburg, MD

Environment: SAP R/3 ECC 5.0, BIW3.1/BI 7.0, EP 7.0, SRM5.0, SM4.0, MSSQL 9.0 and SAP NetWeaver 2004s (BI 7.0 and XI)

Responsibilities:

• User Administration of all SAP systems in Landscape i.e. ECC5.0, BI7.0 as well as SRM5.0 through CUA/Solution Manager 4.0
• Created new roles and modified existing roles to meet SOX requirements to maintain SOD
• Secured and controlled access to all SAP systems to meet SOX requirements
• Weekly monitoring of SAP R/3 system which includes
• Monitoring the transports to Production system using Transaction STMS
• Monitoring all change activity with respect to user accounts without logon for 90 days and critical user accounts using Program RSUSR200
• Monitoring all change activity with respect to user accounts including changes pertaining to profiles using Transaction S BCE (RSUSR100)
• Monitoring all change activity with respect to roles using Transaction RSSCD100 PFCG (Display Change Documents for Role Administration)
• Monitoring Changes to table T000 by using program RSVTPROT (Evaluation of change logs)
• Troubleshooting Authorization Issues using transactions SU53, ST01.
• Modified Roles to extend existing roles to new Organization units i.e. Company code/Purchasing org etc.
• Analyzed existing roles and created new roles with respect to Job responsibilities
• User administration in Portal as well as in Solution Manager.
• Testing User access automation project.
• Documenting Confidential policies for SOX Audit.
• Involved in SOX Compliance process to clean up user accounts which involves confirmation from Manager/Supervisors on access of users have.
• Updating SU24 for T-code authorization changes
• Documented Confidential Roles testing.
• Performed transports using Transaction STMS i.e. Transport Management System (STMS)
• Customized SOD matrix to meet Client’s audit requirements

Confidential

Responsibilities:

• Involved in upgrading BW 3.1 to BI 7.0.
• Designed and created roles to restrict user's access by InfoAreas, InfoCubes, Queries and Workbooks.
• Worked on hierarchy authorizations and assigned to nodes using RSECADMIN.
• Created development / reporting roles using analysis authorizations concept.
• Used SAP Migration tool RSEC MIGRATION to migrate users, authorization objects.
• Developed reporting roles for FICO, MM, SD and PP modules.
• Created roles for BW developers using the authorizations objects S RS ADMWB, S RS DS, S RS ISNEW, S RS DTP, S RS TR, S RS RST, S RS PC, S RS BTMP, S RS BEXTX.
• Developed roles for reporting users using SAP standard authorization objects S RS COMP, S RS COMP1, S RS FOLD.
• Developed and assigned Analysis authorizations to users using RSECADMIN.
• Analyzed and resolved users access issues using RSECADMIN.

Confidential

Responsibilities:

• Interacted with Portal developers in implementing Confidential .
• Involved in role design for Confidential .
• Worked on Content administration to create roles and work sets.
• Created Users and assign appropriate Roles or groups in Portals using User Administration.
• Created groups in Enterprise Portal and assigned all roles to that relevant group.
• Configured Enterprise Portal 7.0 to integrate LDAP.
• Configured Single Sign-on in Enterprise Portal.
• Sixth Avenue Electronics, Springfield, NJ SAP Confidential Consultant
• Worked with Functional consultants and Super Users to come up with design plan for R3 Confidential implementation.
• Created and modified custom roles with reference to business profiles for SD, MM, FI, CO and HR modules on ERP system.
• Worked extensively and regularly with functional teams to gather user access requirements for defining new roles.
• Implemented CUA in Solution Manager 4.0 using transactions SCUA, SCUG, SCUL and SCUM.
• Worked on Migrating users from child systems to central system using the SCUG.
• Prepared job function matrix for grouping users.
• Fixed authorization issues encountered during Unit and Integration testing using transactions SU53 and ST01.
• Used SU10 for mass changes in User master records.
• Maintained authorization groups for all the critical tables in table TDDAT.
• Used transaction SUIM for various Confidential relevant reports.
• Performed transports and mass transports of Confidential roles.
• Provided Confidential training and prepared the Confidential processes & documents.
• Helped process experts in creation of Segregation of Duties (SOD) matrix.
• Analyzing the System Investigation Reports(SIRs) raised by the IT process and business process owners on SOD conflicts in Roles/Jobs/Users by running them in VIRSA VRAT (VIRSA Risk Assessment Tool) tool to analyze transaction code/authorization object level conflicts and addressing them with suitable remediation and mitigation controls.
• Handled SOD conflicts in Users and worked on Roles for Sarbanes Oxley Compliance.
• Used VRMT Tool to Create New Roles without conflicts.
• Created and Maintained Firefighter ID’s using VIRSA FF 3.0(VIRSA Firefighter Administration Tool).
• Worked with Internal Auditors in creation of User and Role Mitigations.
• Assisted Internal Auditors in framing new Rules for combination of new TCodes in ECC 6.0.
• Worked with Business experts in placing Mitigations for Conflicting and Critical TCodes.
• Created Role matrices for information and requirement gathering for R/3 Confidential .
• Created Portal Users & Roles in Enterprise portal system and assigned the Portal roles to users in DEV, QA, and PROD Systems.
• Worked on Locking & Unlocking the users in Portal Systems.
• Created SAP User Groups and assigned the Users to User Groups.
• Securing BW queries over InfoAreas, InfoCubes, ODS objects.
• Controlled access to BEx Analyzer using authorization objects (S RS COMP, S RS COMP1, and S RS ICUBE).
• Created custom reporting Authorization Objects in BW to secure reporting users.
• Secured query access with in the BEx Analyzer, BEx Browser.
• Set up Confidential by InfoArea, InfoCube, ODS, PSA, InfoObject, Query and Workbooks.
• Implemented InfoObject Confidential (field-level Confidential ) for Reporting Users.
• Securing the data presented in queries by hierarchy node.
• Traced SAP provided objects and custom reporting authorization objects to debug an authorization error.
• Authorization checks by assigning reports to authorization classes (RSCSAUTH).

Confidential

Responsibilities:

• Implemented Structural Authorizations using OOPS, OOAC, PPOC, PA40, SU01, PA30, OOSP, PO10, PO13, SE38 Transactions.
• Deployed Confidential using Structural authorizations in tandem with R/3 Standard Roles.
• Created Personal Master Record (PA40), User ID (SU01, SU10), Infotype 105 (PA30)
• Created Structural Authorization Profiles (OOSP)
• Created Infotype 1017 (PO10) for all nodes in Organizational Plan
• Assigned Authorizations to positions using PO13
• Assigned structural authorization profiles to user ID’s using Report RHPROFL0.

Confidential, Houston, TX

SAP R3/BW Security Administrator

Environment: SAP R/3 4.6C, 4.7Ent, BW 3.5, Oracle 8i/9i.

Responsibilities:

• Worked with SAP R/3 4.6C and BW 3.5 systems. Mainly responsible for SAP R/3 & BW Confidential .
• Analyzed existing Confidential and prepared Role matrix for existing Roles.
• Created and modified roles and profiles using Profile Generator (PFCG).
• Created Users and assigned roles using transaction SU01.
• Configured Profile Generator and transported settings to all clients.
• Setup Confidential profile parameters for production system.
• Changed passwords for Super users SAP* and DDIC.
• Maintained the authorization objects using T-Codes like SU24 and AUTH SWITCH OBJECTS.
• Performed mass user creation in production system using the CATT scripts.
• Generated profiles on mass scale using transaction SUPC.
• Supported unit and integration testing, supported go live and post go live activities and troubleshooted Authorization issues by using ST01 and SU53.
• Monitored SAP application access and Confidential violations.
• Resolved all Production Support Authorization Issues.

Confidential

Responsibilities:

• Gathered requirements, understood functional business processes and resources supported for SAP BW.
• Interacted with BW Team in design of Confidential roles
• Developed roles for BW Administrators, Power users and Reporting users.
• Responsible for creation and maintenance of Roles to restrict access to BW queries, InfoCube, InfoAreas using Profile Generator (PFCG).
• Involved in testing of roles along with BW team.
• Created roles using authorization objects S RS ICUBE, S RS MPRO, S RS ISET, and S RS ODSO.
• Made InfoObjects authorization relevant and Created Custom Reporting Authorization Objects using transaction RSSM.
• Worked on BW objects InfoCubes, InfoObjects, Hierarchies, Update and Transfer rules, InfoAreas, InfoObject Catalog, ODS (Operational Data Store).
• Secured workbooks to provide Confidential on Queries.
• Created hierarchy authorizations using S RS HIER.
• Troubleshooted Authorization issues using RSSM, RSSMTRACE and ST01.
• Involved in Unit testing and worked on RRMX, RSMO, RSRT, and RSA1 to optimize authority checks.

Confidential

Responsibilities:

• Implemented position based Confidential (PD Authorizations) model by creating an Org Structure.
• Created Structural Authorization Profiles (OOSP)
• Assigned structural authorization profiles to user ID’s using Report RHPROFL0

Confidential, San Antonio, TX

Environment: SAP R/3 4.7 Ent. / ECC 5.0, CRM 5.0, Oracle 8i/9i, VIRSA CC 4.0 and SOX

Responsibilities:

• SAP R/3 Confidential Administration over all the systems in the landscape. Responsible for providing Confidential for FI, CO, SD, MM, WM, PP, HR modules.
• Coordinated with functional experts for creation and maintenance of roles.
• Reviewed and corrected sensitive authorizations ( S BTCH ADM, S ADMI FCD, S TABU DIS, S PROGRAM, S DEVELOP etc.), including creation and assignment of custom authorization groups for critical tables/programs.
• Extensively used CUA for user administration from one central client.
• Worked on User Roles, Profiles and Authorizations for various modules using Profile Generator (PFCG).
• Used CATT scripts & Microsoft Excel to create and maintain mass user accounts/to assign user groups and roles.
• Extracted profiles and roles information from SAP system by using SUIM.
• Generated profiles on mass scale using transaction SUPC.
• Analyzed and resolved authorization issues using SU53, SU56, ST01 and PFUD.
• Performed level 0 testing and facilitated Unit and Integration testing.
• Trained users on SAP Confidential related issues to work with and resolve.
• Led a project to Clean up unused roles and profiles. Developed/automated tools for ongoing cleanup.
• Transported the generated roles and profiles using SAP transport management system.
• Knowledge transfer to team members and provided ongoing Confidential related support for all Confidential milestones during different phases of implementation.
• Worked on identifying SOD conflicts at Role/Job and User level that are inherent within SAP Confidential model.
• Validating single and composite roles in VRAT tool for segregation of duties conflicts and Preparing SOD template for conflicting transactions.
• Implemented use of Critical Transaction codes combination (Table SUKRI) for monitoring SOD violations in transaction SUIM.
• Worked as part of remediation team to work closely with Business process and IT Process Owners, Role and Job Owners to help them in understanding the conflicts caused by SAP authorization objects and the options exist for remediation/mitigating the conflicts.
• Experience with VRAT rule building and maintenance.
• Modifying profiles and roles to remove the SOD conflicts present in the roles.
• Protection of Internet sales processes in Channel management in mySAP CRM thru ACE.
• Maintained User groups and Authorization data in mySAP CRM.
• User administration of IC WebClient in mySAP CRM.
• User and role management in CRM Billing.

Confidential, Indianapolis, IN

SAP Security Administrator

Environment: SAP R/3 4.5B, Oracle 8i

Responsibilities:

• SAP R/3 Confidential Administration over all the systems in the landscape.
• Planned, coordinated, and implemented SAP R/3 Confidential architecture and necessary authorizations to match business requirements.
• Worked with functional teams to gather Confidential requirements.
• Designed SAP Confidential profiles and business roles during the SAP 4.5B implementation.
• Created new users and maintained user master records using transactions SU01 and SU10.
• Created and modified Single roles, Composite roles and derived roles using Profile Generator (PFCG)
• Performed reconciliation of user master data using PFUD and mass generation of profiles using SUPC
• Secured company information by creating user groups and there by restricted users to work in their own group.
• Used reporting transaction SUIM to analyze the users, roles, user groups, transaction codes and profiles.
• Maintained the table USR40 for illegal passwords.
• Troubleshoot authorizations issues using the transactions SU53 and ST01.
• Experienced Go-live, War Room activities & post Go-live production support.
• Processed SAP user access requests, and supported troubleshooting of day-to-day access problems.
• Established and Maintained documentation procedures and policies.
• Provided technical SAP Confidential support to other SAP project team members, including business configuration team(s) and SAP development team(s).
• Coordinated transports from development (DEV) to quality assurance (QA) to production (PRD) systems.
• Documented user management process to create users, identify and remove expired user ids, lock-unlock users, processes for access approvals and change approvals.
• Involved in Production support Authorization problems.