SUMMARY: I am an experienced SAP security consultant with over all 18 years IT experience and have over 7 years of security experience. I have a complete understanding of SAP Netweaver system integrity in technical as well as functional areas, which allows solving potential problems in specific functional area as well as system area. I have been involved in complete Netweaver Projects lifecycle from design phase to post-implementation phase on various projects. I performed SAP Security related task such as Security Audits, SOX (Sarbanes Oxley) Compliance, Developed and Documented Security Policies and Procedures, User maintenance, Activity group/Role maintenance using profile generator, and security redesign strategy. I have complete knowledge of Portal Identity Management and Content Management. I also have very good experience with GRC (Versa). I have extensive experience with Oracle SQL and Pl/SQL and developed lots of stored procedure, functions, triggers, and packages.

SAP ERP : SAP 4.6B, 4.6C, 4.7, 5.0, 6.0., SAP Portals, GRC 5.2, GRC 5.3, SAP BW 3.5, SAP BI 7.0
DBMS : Oracle 7.x, 8.0, 8i, 9i, and 10G
Operating Systems : Red Hat Linux 8.0, windows 2003, 2008/NT/XP, Unix
Programming Languages : C, Java 2.0, SQL, PL/SQL, Power Builder 5.0

KEY STRENGTHS:

• Made changes to production roles for MM, SD, PP, FI and CO to remove the high level access and segregation conflicts for sensitive t-codes.
• Worked on upgrading ERP 4.6B to ERP 6.0.
• Supported go live.
• Lead the team of four security admins.
• Implementation and maintenance of Central User Administration (CUA).
• Extensive knowledge of transporting roles between clients and R/3 systems.
• Encouraging and enabling knowledge transfer
• Implementation of new security designs in SAP R/3
• Defining organization specific strategies for securing reporting, table, and custom programs requirements.
• Using Profile Generator creating roles and Composite roles, User security, User management.
• Using Portal Identity Management (UME) created and maintained users.
• Using Portal Content Management created iViews, Pages, Worksets, roles, and Folders.
• Well familiar with BI Analysis Authorizations. Restricted the query access at both data level and field level.
• Configured GRC 5.3. Created custom rule sets and worked with mitigation controls.
• Created stored procedures, functions, triggers, and packages.
• Performed export and import of schemas and fine-tuning of SQL queries.

PROFESSIONAL SAP EXPERIENCE:

Client: Confidential, CA Dec 2009 - Current
NetWeaver Security Consultant

Responsibilities

• Working with functional business process teams to redesign new process and create new end-user single, composite roles.
• Work with profile generator (PFCG) in creating roles, profiles, composite roles, and derived roles.
• Work with Identity (UME) Management in creating and maintaining users and their profiles.
• Work with Content Management in creating and maintaining iViews, Pages, Worksets, Roles, and Folders.
• Worked on upgrading ERP 4.6B to ERP 6.0.
• Supported go live.
• Configured GRC 5.3. Created custom rule sets and worked with mitigation controls.
• Worked with process experts & head of departments for SOD conflicts and assigned appropriate roles to the users.
• User Administration for more than 10000 users.
• Creating new users and maintaining users on day to-day basis (Single roles, Composite roles and Derived roles).
• Supported audit team for generating audit reports.
• Creating Individual and Complex roles for the user security.
• Worked with the functional teams to facilitate design and creation of roles and profiles under tight deadlines.
• Generate security reports for the department managers and to the management for Sarbanes Oxley Audit.
• Generate roles and composite roles in the development system and transported to the quality and production system.
• Trouble shooting system problems by analyzing system log, Update monitoring, Alert monitors, system traces, lock entries, system dumps.
• Developed and implemented complete security redesign plan and documented Security procedures, User guide lines.
• Implementing audit control points for end user roles.
• Designed and developed Security Implementation Matrix in excel database.
• Implementation and maintenance of Central User Administration (CUA).
• Designed and developed security profiles in PFCG for SD,MM,FI.
• Generating different reports for the management using t-code SUIM.
• Troubleshooting security issues in different areas like MM, PP, SD, FI.

Client: Confidential, Seattle May 2008 - Nov 2009
SAP Security Consultant

Responsibilities

• Working with functional business process teams to redesign new process and create new end-user single, composite roles.
• Designed several utilities to support SAP R/3 security reporting needs. Reports of user usage profiles and authorizations, comparison reports in different R/3 system.
• Work with profile generator (PFCG) in creating roles, profiles, composite roles, and derived roles.
• Worked with process experts & head of departments for SOD conflicts and assigned appropriate roles to the users.
• User Administration for more than 10000 users.
• Creating new users and maintaining users on day to-day basis (Single roles, Composite roles and Derived roles).
• Supported audit team for generating audit reports.
• User Administration, User Authorizations and profiles, Log Monitoring. Setup profile generator (PFCG) to create authorization profiles.
• Creating Individual and Complex roles for the user security.
• Worked with the functional teams to facilitate design and creation of roles and profiles under tight deadlines.
• Generate security reports for the department managers and to the management for Sarbanes Oxley Audit.
• Generate roles and composite roles in the development system and transported to the quality and production system.
• Trouble shooting system problems by analyzing system log, Update monitoring, Alert monitors, system traces, lock entries, system dumps.

Client: Confidential, New York Jul 2007 - Apr 2008
SAP Security Consultant

Responsibilities:

• Designing and creating security strategies and policies for R/3, APO and BW systems
• Working with profile generator (PFCG) in creating roles, profiles, composite roles, derived roles.
• Heavily involved in transporting single, derived and composite roles for APO go live.
• Provided day to day base business support to over 1000 users in different countries.
• Maintained RF and Coordinator tables for 5 plants.
• Worked very closely with auditors and managers for SOX audit
• Developed web collaboration access for Suppliers and Buyers for APO go live project.
• Very closely worked with functional and ABAP team to develop new security strategies.
• Worked with process experts & head of departments for SOD conflicts and assigned appropriate roles to the users.
• Transporting the new roles to different clients and R/3 systems.
• Day to day technical support and resolution of Security issues.
• Designed several utilities to support SAP R/3 security reporting needs. Reports of user usage profiles and authorizations, comparison reports in different R/3 system.
• Monitoring system logs, system dumps, system traces.

Client: Confidential, USA Inc, GA Jan 2005 - Jun 2007
SAP Security Admin

Responsibilities:

• R/3 system security and Authorization concepts knowledge transfer.
• Trouble shoot R/3 security problem by using different scenario such as ST01, SU53, SU24
• Implementation and maintenance of Central User Administration (CUA).
• Worked with process experts & head of departments for SOD conflicts and assigned appropriate roles to the users.
• Designed and developed security profiles in PFCG for all modules
• Generating different reports for the management using t-code SUIM, SECR.
• Troubleshooting security issues in different areas like MM, PP, SD, FI and CO.
• Monitoring system logs, system dumps, system traces.
• Transporting roles to different clients and R/3 systems.
• Day to day technical support and resolution of Security issues.
• Designed several utilities to support SAP R/3 security reporting needs. Reports of user usage profiles and authorizations, comparison reports in different R/3 system.

PROFESSIONAL PROGRAMMING EXPERIENCE:

Client: Confidential Sep 1998 - Dec 2004

Responsibilities:

• Maintained Oracle 7.2 database and Interacted with users heavily
• Fixed the bugs to stabilize the application
• Run monthly and yearly backend processes
• Created users and assigned passwords to use application and database
• Developed stored procedures for everyday batch processing
• Developed and implemented a screen to display invoice images
• Developed the code to display the images
• Created several tables, views, triggers, stored procedures, and functions

Client: Confidential Jun 1998 - Sep 1998

Responsibilities:

• Developed PLSQL everyday batch processing scripts.
• Developed several SQLPLUS reports.
• Created tables, views, and triggers.
• Developed stored procedures to compare and load the data into master and child tables.

Client: Confidential Sep 1996 - Jun 1998

Responsibilities:

• Developed several PLSQL scripts to clean the data.
• Developed several SQLPLUS reports.

Client: Confidential through DMR Consulting

Responsibilities:

• Developed and implemented several PLSQL stored procedures to extract and transform data.
• Performed data loading to Oracle database.
• Modified several batch processing shell scripts.
• Developed several test scripts.
• Developed technical documents.

Client: Confidential through DMR Consulting

Responsibilities:

• Developed several PLSQL packages.
• Developed several test scripts.
• Installed the application for several users.
• Developed several technical documents.

Client: Confidential Oct 1995 - Jul 1996

Responsibilities:

• Developed and implemented user screens using Power Builder.
• Supported the application after go live.
• Developed technical documents.
• Developed test scripts.

Client: Confidential Feb 1994 - Aug 1995

Responsibilities:

• Developed and implemented user screens like deposit, withdrawal, etc.
• Developed technical documents.
• Developed test scripts.

Client: Confidential Jan 1987 - Nov 1993

• Worked as administrative assistant. Responsibilities included balancing of C.O.D amounts and printing invoices.

EDUCATION:

• Electrical Engineering B.S.

VISA STATUS: U.S. Citizen