SUMMARY:

• SAP Security Architect / GRC Analyst with over 10 years of experience in SAP Security and Governance Risk and Compliance (GRC). I have technical experience in installation, upgrade, testing, support, monitor and implementation of business applications. Extensively involved in Authorizations using automatic profile generator for modules such as SD, MM, FI etc., Central User Administration (CUA), Profile maintenance and Security maintenance of R/3.Knowledge in implementing Sarbanes - Oxley procedures for multinational organizations. Completed two full life cycles of implementations of R/3 which include design of overall
• SAP security. Experience in end to end implementation of HANA Security. Expertise in technical analysis, design, development and testing of SAP Governance, Risk and Compliance (GRC) security components and user access controls for ERP Central Components (ECC), Public Sector Supplier Relationship Management (SRM), SAP HANA and Business Warehouse (BW) on HANA.
• Possess strong analytical abilities coupled with excellent communication and interpersonal skills besides being a committed team player.

PROFESSIONAL EXPERIENCE:

Confidential, Minneapolis, MN

Senior SAP Security Consultant

Responsibilities:

• Responsible for Role Redesign for Finance (AP), implementation strategy of ECC 6.0 roles and authorizations based on business direction.
• Intensively involved in analysis on the basis of requirements gathering through tables, AGR DEFINE, AGR TCODES, AGR 1251, and USOBT C etc.
• Developed 30 character naming convention.
• Remediation for Default System ID for all environments.
• Remediation of sensitive access such as SE16/SE16N, SPRO, SCC4, SM36 and SA38/SE38.
• Restrict users from sensitive authorization objects such as S BTCH NAM and S BTCH ADM.
• Restrict users to specific programs through S DEVELOP and S PROGRAM.
• Maintained new range for table authorization groups in S TABU DIS.
• Remove the direct assignment of profile (SAP ALL, SAP NEW etc.) from System Users in Production and non-production environment.
• Developed a role for NUID (Non User Id) using tcode PFCG, SU53 and ST01.
• Align security, basis and configurator roles.
• Implemented ERP Maestro for removing SOD violations from the roles.
• Responsible for developing Fire Fighter id roles for Security, Basis, Developer and HR
• Assignment of newly developed roles to approvers, requesters, and controllers.
• Map the fire fighter id to requesters, approvers and controllers.
• Ensure security templates best practices are implemented for their assigned project audit, compliance and risk management.
• Development of document for knowledge transfer.
• Extensively involved in developing new business process.
• Configure workflow for fire fighter ids.
• Locking default ids (DDIC, SAP* etc.) in all default, production and non-production clients.
• Extensively involved in suppressing Sensitive Financial Data in Vendor Master.
• Restrict users to Vendor Master Central (XK01, XK02, and XK03), Financial (FK01, FK02, and FK03) and Purchasing views (MK01, MK02, and MK03).
• Managed Production Support for 1500 users.

Confidential, New York, NY

Senior SAP Security Consultant

Responsibilities:

• Extensively worked on the production support for more than 9000 users.
• Worked with Process Control team to remove the SoD violations from the role.
• Maintained test ids for unit testing and functional testing.
• Resolve issues on daily basis using transaction ST01, SU53 and SUIM.
• Developed new roles as per requirements of Process Control for GRC 10.1.
• Responsible for review of the role changes.
• Maintained owners and controllers for Fire Fighter ids.
• Maintained SU24 and regenerated the roles.
• Table maintenance for custom T-codes and restricting them through object S TABU DIS and S TABU NAM.
• Configure Business Role Management (BRM) and upload new roles in BRM for users in GRC 10.1
• Configure MSMP work flow for ARM and EAM.

Confidential, Brooklyn Park, MN

SAP Security Analyst

Responsibilities:

• Managed production support for more than 17000 users.
• Upgraded Governance Risk and Compliance (GRC) from version 5.3 to version 10.1.
• Integrated SAP Governance Risk and Compliance (GRC) 10.1 with ECC, SRM, SAP GATEWAY Systems, Enterprise Portal, SAP BW and BW on HANA using transaction SM59, SPRO, SICF, and SE61 etc.
• Developed and maintained authorization process design and related documentation for Governance Risk and Compliance (GRC) 10.1.
• Configured Multi Stage Multi Path (MSMP) workflows and extended workflows using BRF+.
• Worked on Risk Analysis, BRM, EAM, and change management process.
• Involved in maintenance, enhancement and development work of SAP GRC 10.1 security components.
• Worked with Release management team in developing of the cutover plans.
• Generated Test scripts for testing team and worked on defects which have been raised during testing.
• Worked with compliance and functional team to remove SOD violations from the roles.
• Maintained owners and controllers for Fire Fighter ids.
• Developed Matrix for both Canada and Domestic systems using Microsoft Excel for Managers and Group Mangers.
• Developed the workflow for a new service to leverage Service Market Place Ids (OSS ids) and Developer Keys in SERVICE NOW.
• Successfully finished the projects which include the removal of SA38 and SE16/SE16N from business users with no single downtime to compliance with SOX.
• Supported technical teams on trouble shooting security issues and take proper action on provided access staying aligned to business process and procedures.
• Ensure security templates best practices are implemented to for their assigned project audit, compliance, and risk management.
• Delegated work to offshore team.
• Delivered project activities upon project planned dates and provided timely progress report to management.
• Completed end to end HANA implementation as a data mart for reporting and analytics.
• Created Design Time roles for BW modelers, Basis, Security, and Database Administrator for PRD and NON PRD systems.
• Used Schema privileges to allow access and modify Schemas.
• Used Analytic privileges to allow read access to data in SAP HANA information models.
• Also used Packages to allow access and the ability to work in packages in the repository of the SAP HANA database.
• Managed licenses.
• Monitored and traced to resolve issues.

Confidential Phoenix, AZ

SAP Security Designer / Architect

Responsibilities:

• Extensively worked on the production support for more than 18000 users.
• Troubleshoot issues on daily basis by using SUIM, ST01, PFCG, SU01, SU10 and screenshots provided by the business user using SU53.
• Hands on experience on HR Security, Structural profiles, Organizational structures PA, PD, Payroll, and Time, Travel and ESS and MSS modules.
• Maintained HR organizational structure to administer and control user access including time delimited access.
• Maintained and created roles (Master and Composite) using Profile Generator (PFCG).
• Extensively worked on Demand Management for the role redesign.
• Worked with compliance and functional team to remove the SOD from the roles.
• Worked on Separations Enforcer (TM) SOD Version 005 to simulate the roles on user basis and role basis using /PSYNG/SE.
• Maintained functions depending on the requirements provided by the Compliance team
• Assigned Fire Fighter Roles with the proper approval to the end user.
• Have done extensive table maintenance and collaborated with business team to decide upon restricting tables through authorization object S TABU DIS, S TABU NAM, etc.
• Developed new roles as per requirements of Business Compliance Team.
• Interact with end user to resolve their issues on Timely manner.

Confidential, Richmond, VA

SAP Security Analyst

Responsibilities:

• Responsible for the review of role redesign, implementation strategy of ECC 6.0 roles and authorizations based on business direction.
• Communicated security and risk-related concepts to technical and non-technical audiences.
• Analyzed potential impact on company systems and informed management of actions needed or other recommendations Completes priorities as assigned.
• Created a 30 character naming convention.
• Prepared Security strategy document.
• Communicated effectively both horizontally with peers and customers, and vertically with management.

Confidential, Oklahoma City, OK

SAP Security Analyst

Responsibilities:

• Extensively worked with Role based security for more than 7500 users.
• Created Roles, assigned transactions and maintained authorization profiles.
• Assigned Portal Roles to end users.
• Maintain transaction and authorization data in roles.
• Generated authorization profiles, assign roles and profiles to Users.
• Created and maintained Single role and Derive roles.
• Maintained security roles for SAP landscapes using PFCG.
• Used Changed control process to create, transport roles for DEV, QA, to PRD.
• Troubleshoot security/authorization related problems using SU53, ST01 and SUIM.
• Modified Check Maintain flags in SU24 as needed.
• Scheduled Jobs to produce the reports of FF Ids and sent to Functional Managers.
• Implementation of Emergency user concept with GRC Firefighter tool and Business Firefighter Ids for example closing a financial pay period.
• Worked as a production support on a daily basis and security monitoring of production systems.

Confidential, Bolingbrook, IL

SAP R/3 Security Architect

Responsibilities:

• Completed a full cycle of implementation of new security design (Job roles approach) for more than 6500 users.
• Configured Compliance Calibrator and Firefighter on SAP R/3 4.7 and ECC 6.0.
• Implementation of Workflow and Email Notification for GRC tool.
• Scheduled Jobs to produce the reports of FF ids and sent to Functional Managers.
• Created Custom rules in the Compliance Calibrator tool and developed naming convention for Mitigating Controls and implemented them.
• Implementation of Emergency user concept with GRC Firefighter tool and Business Firefighter ids for example closing a financial pay period.
• Managed and cleaned the roles and compliance with SOX.
• Trained users in using the Compliance Calibrator tool to recognize SOD conflicts at the role and user level.
• Worked on CRM project to create and design the security of CRM roles.
• Involved in the implementation of GRC Access control 5.3 RTA (Real Time Agent).
• Successfully worked on multiple Security Audits; both internal and external.
• Designed, implemented and deployed SAP security strategy, procedures and roles for various projects and functional teams (MMPP, FI and SD).
• Worked with managers to develop strategy for compliance with SOD issues.
• Participated in the implementation of BW regional system.
• Utilization ofSU53, RSSM, and System trace and Debug utilities to optimize authorization checks.
• Worked as a production support on a daily basis and security monitoring of production systems.
• Worked on Solution Manager 7.0 for test cases and scenarios.
• Helped in rolling out the STMS transactions for transports, as they were using custom utility for transports.

Confidential, Norwalk, CT

SAP R/3 Security Administrator

Responsibilities:

• Designed, implemented and deployed SAP security strategy, procedures and roles for more than 1800 users.
• Worked on the Security Audit project in the 4.6C landscape
• Worked with Auditors on proposing and suggesting rules for finding out users that are assigned the transactions identified by Auditors.
• Worked extensively with process experts on Segregation of Duties (SOD) issues.
• Modified existing roles to make them complaint with SOD.
• Created new roles as per SOD requirements.
• Worked with management team and internal audit to develop a Sarbanes-Oxley compliance strategy.
• Removed SAP DISPLAY ALL role from all the users and created different roles for users to perform their duties.
• Performed transports and mass transports of roles.
• Performed reconciliation of user master records and roles (PFUD).
• Did knowledge transfer to the client’s employees and was involved in in campus security administrators.
• Worked on CATT scripts for user creation, user deletion, roles replications, role deletion, generate profiles, assigning roles to users, adding parameters to users, etc.

Confidential, Redwood City, CA

SAP Security Analyst

Responsibilities:

• Responsible to clean all the SAP access related issues found by internal auditors ( Confidential and Touche) and external auditors (PWC). Have cleaned all of them which include the change of more than 2000 roles in three different SAP systems within six months and in one year we were able to get the audit report with highest level of rating “Satisfactory” from Confidential and Price Waterhouse Coopers which we never got in the history of Confidential Ltd.
• During cleaning the roles there were no downtime for more than 7,000 users.
• Designed and created the new roles for HCM including ESS, MSS, Compensation, Benefits, Time Management etc.
• Responsible to place the SOD controls and compliance with SOX.
• Configured Compliance Calibrator and Firefighter (Emergency Access) on SAP R/3 4.7
• Created Custom rules in the Compliance Calibrator tool and developed naming convention for Mitigating Controls and implemented them.
• Implementation of Emergency user concept with Virsa Firefighter tool and Business Firefighter ids for example closing a financial pay period.
• Trained users in using the Compliance Calibrator tool to recognize SOD conflicts at the role and user level.
• Designed, implemented and deployed SAP security strategy, procedures and roles for various projects and functional teams (MMPP, FI and SD).
• Worked with managers to develop strategy for compliance with SOD issues.
• Design, Develop, Test and Implementation of APO Roles
• Troubleshot problems that occurred with e-portal authentication/authorization.
• Worked as a SAP Security analyst on a project of consolidation of two instances into one new instance which requires the implementation of ESS/MSS and new security design.