OBJECTIVE:

• 14 years of IT experience, SAP/GRC Security experience across various modules of R/3 (MM, PP, PS, PM, WM, SD, FI, HR, and FICO) and BW, BI, MDM, MDG, SRM, SUS, CRM, PI, Reporting, E - Sourcing and EP Security. Deliver outstanding leadership and interpersonal skills. Show Effective communication and translate/liaison between technical and business units, making complex security Design easy to understand.
• Implement full life cycle project with SDLC Compliance. Effectively prove my diversified Knowledge across various industry sectors with respect to SAP Security implementation within R/3, HR, CRM, BI/BOBJ, GRC5. .1, SUS, SRM, MDM, and MDG. Adhere to SOX Compliancy and administer using VIRSA, GRC 5.3, 10 & 10.1, S/4 HANA Security Administration.

SUMMARY:

• 14 years of experience in the Information Technology industry as an SAP Security Consultant
• 14 Years of Production support and Client Specific Application Implementation Experience.
• 13 Years of VIRSA, GRC 5.3, 10.0 & 10.1 End to End Implementation & Support experience.
• Handled full life cycle implementation projects of SAP R/3, GRC 5.3, 10 & 10.1, SRM, SUS, MDM, MDG, ECC, BI/BOBJ, PI, CRM, HR from Blue print to go-live and maintenance of post go-live activities which involved to end users and production support.
• Worked as security admin in all functional areas (MM, FI, SD, WM, MFG, PP, PM, PS) and other areas like CRM, SRM, SUS, MDM, Reporting, E-Sourcing, XI, BI/BOBJ, HR and EP.
• Experience in implementing security for various SAP modules such as FI, CO, MM, SD, etc. in various versions of R/3 including 4.6C, Enterprise R/3 4.7 and NW7.X products such as ECC 6.0/EHP6, BI 7.X, EP 7.X SRM 7.X,CRM, GRC.
• Interacted with business/process team for data and information gathering. Strategizing and implementation of SAP Security model, processes and procedures by following SAP best practices for SAP security
• Experience in analyzing and processing of SOD and SOX issues, Audit projects and in reviewing critical and sensitive authorizations, implement improvements to meet audit requirements
• Experience in NetWeaver Identity Management (IDM).
• Experience in CRM, and HR security
• Extensive Experience in Upgrade Remediation for all products of SAP Security.
• Experience in working with Automatic Profile Generator, creating and modifying Single, Composite and Derived roles. Transporting roles using Change Requests, Download/Upload
• Extensively performed User Master Reconciliation and Mass Generation of profiles, SUIM reports for reporting, audit and troubleshooting purpose
• Strong Experience with helpdesk, resolving ticket issues and troubleshooting support problems, Documentation and knowledge transfer and an active team player
• Preventative, mitigating and compensation controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy
• Respond to requests and prepare SAP security reports based on management and department needs
• Troubleshooting System, User and authorization problems, Batch/Background Jobs Management, CATT Scripts
• Documented processes, improved user change management procedures, monitored segregation of duties, and supported any SOX standards.
• Solved SAP Security issues by following established protocols and continuously improved safeguards.
• Prepared user security assignment files daily, for processing by the Security Administration team and monitored quality levels.
• Exposure to the One Solution of Approva.
• Worked in various ongoing projects at the client location.
• Excellent team player with good analytical communication skills and self-initiation.
• Functional Knowledge in the areas like FI, MM, SD, PM & PS
• ECC Security Upgrade EHP4 - EHP6 & BI Upgrade 7.0 - 7.3
• Role Re-Organization.
• SAP Installations, configuration, MPP’s, Project planning, deliverables, Implementation and Support.

PROFESSIONAL EXPERIENCE:

Confidential, Houston, TX

SAP BASIS, GRC & Security Technical Lead

Responsibilities:

• SAP BASIS & Security Team Lead for Implementation & Go-Live.
• Prepared MPP’s, Meet Client deadlines, deliverables, Escalations, Documentation, and Project Planning.
• Installed GRC servers across the landscapes.
• Hand-over systems to client within the given timelines.
• GRC 10.1 Implementation & Installation of AC - ARA, ARM and EAM modules
• GRC 10.1 ARA, ARM and EAM Configuration.
• Implemented GRC process Controls
• As a GRC Architect to identify the client specific risk’s working with internal auditors.
• SAP Role Design, Naming standards, Documentation.
• User, Documentation and Demo’s.
• Password Self Service across the Landscape
• Successful Go-Live with all modules and Hyper-Care.
• Working as a Support Lead for SAP BASIS & Security team.
• Working as Incident manager & Changer manager for SAP BASIS & Security Team.
• Work with internal & external Auditors to review SoX Compliance, generate reports by executing the tables, Audit and generated Audit Information Systems logs. periodic Access reviews to avoid the audit issues.
• Worked on End to End S/4 HANA Security
• User management, Role management & Analytic Privileges
• Security parameters, SLT, Integration, Packages.
• Restrict Views as per Business Requirement.
• Access to 3rd Party Tools.
• Password Parameters.

Confidential, Houston, TX

SAP GRC & Security Architect

Responsibilities:

• GRC 10.1 End to End Implementation - Blueprint, Realization, Installation, Configuration, Testing, to users and process documents.
• Implemented GRC AC (ARA, EAM, ARM & BRM) - Identified Client Specific Risk’s for ECC & CRM, Configuration, Unit Testing, Workshops, Requirement Gathering, AC Process Flow define, User, Demo and so on.
• GRC Installation
• CRM, ECC, BI/BOBJ, XI/PI End to End Implementation
• Implemented CRM, ECC, BI/BOBJ - Role Matrix, Identify Roles to Job Positioning, define process document, Workshops for requirement gathering, Role Build, Unit Testing.
• XI/PI Security
• Day to day interaction with the business to gather the requirements for the role maintenance
• HPQC test tool for unit testing and UAT.
• Java systems - User Provisioning.
• OAM, D2D Security
• HR Security Implementation.
• Realization Phase - Role Matrix & Roles to Job Positioning.
• Workshops with ECC Functional and BPO Teams.
• Build the Security Roles & perform risk analysis
• Config ECC to GRC 10.0 system
• User Maintenance
• Troubleshooting the issues by running the trace
• Interacted with Portals configurators and developers in implementing Portals security
• Created Users in Portal and assigning the roles to the users.
• Build custom role and restrict access level.
• Create Groups and map to a Access Level
• Download groups and users from BI - Map to a Access Level
• Map groups to Folders and restrict Access Level
• Create Folders and Sub Folders in BOBJ
• BOBJ Folder level access restriction
• BI Requirement gathering and defined security strategy.
• Build BI as per the business requirement
• Maintained authorization profiles using OOSP and users using OOSB.
• Worked on Authorization all HR Objects PLOG, P ORGIN, P ABAP etc.
• Worked Extensively on HR tables T77*
• Position Based Authorizations - PO13, PA20, PA30
• Conducted Risk and Rules Workshop with Client, BPO, Functional Teams, Internal Auditors and Security Team
• Workshops with Client and BPO team to define ARA process workflow, Identify owners, Risk Analysis and so on.
• Given /Demo to the Client and BPO users.
• Post installation configuration at SPRO and NWBC
• BC Set Activation
• Creating connectors & Connector Groups
• MSMP workflow setup
• Leverage internal/external audit requirement to define custom rule set
• Scheduled background jobs for user/role risk analysis
• Defined and configured Risk owners and Mitigation controllers
• Applied Mitigations for Identified and approved SOD Violations.
• Post installation configuration
• MSMP workflow setup
• Emergency Access Management Installation Configured & Validated
• Defined Reason Codes for Fire fighter use
• Identify & create communication users & administrators access for EAM
• Troubleshoot SOD Reports issue and resolve.
• Perform issue resolution
• Conduct workshops for requirement gathering (Owners, Controllers, Number of FF ID’s, and so on).
• Post installation configuration - SPRO & NWBC
• MSMP workflow setup using BRF+ Flat Rule (Lineitem by Lineitem)
• End user Personalization
• Setup parameters
• Schedule Jobs
• Conduct workshops to define the AC workflow for User Request.
• Post installation configuration SPRO and NWBC
• Defined role attributes
• Role Methodology Configuration with BRF+ condition Group
• Defining the role definition based on client requirement.
• Define Org.Level Mapping
• Generate Action usage reports

Confidential, Denver, CO

SAP Security Architect

Responsibilities:

• Worked on Security for the implementation project SAP SRM-PPS.
• Working for the SRM portal roles and BI/BOBJ roles.
• Portal Security for SRM access
• XI/PI Security Activities
• Evaluating of the entire SAP security setup across all systems of Confidential and generate a report and firm recommendations.
• Worked on ECC Security Upgrade EHP4 - EHP6
• Worked on BI Upgrade 7.0 - 7.3
• BOBJ 4.1 Administration - CMC (Central Management Console)
• Folder and Group Security in BOBJ.
• Periodically roles/users are to be synchronized into BOBJ from BI system.
• Working closely with the client @ Blueprint stage
• Day to day interaction with the business to gather the requirements for the role maintenance.
• Recommended GRC 10.0 to Confidential and given presentation/demo’s to CDTO business, IT, Stake Holders on how GRC will support.
• Worked on Access Control GRC 10.0 - ARA, EAM, ARM modules
• Worked on Licensing Audit-USMM
• IDM - User Management.

Confidential, Houston, TX

Project Lead

Responsibilities:

• On-site Lead for SAP Security and BASIS team.
• Handling On-going Projects
• Key decision maker for SAP security modules(HR,MM,FICO,PS,PM,SD & BI)
• Day to day interaction with the business to gather the requirements for the role maintenance
• Working on the Security Tickets.
• Interacting with the users to solve their issues
• Worked for the Implementation project Access Control GRC 10.0
• CRM User and Role Administration
• HR Security
• IDM Security

Confidential, Wilmington, DE

IHC (In-House Consultant)

Responsibilities:

• SAP Security IHC (In-House Consultant) for a landscape
• On-site coordinator for the Wipro offshore security team
• Key decision maker for security & authorizations for a cluster (landscape)
• Evaluating and analyzing all the security maintenance tickets prior to the execution
• Day to day interaction with the business to gather the requirements for the role maintenance
• Interacting with the users to solve their issues
• Process improvements in security and authorizations area
• Work with Audit team to resolve SOX/SOD related issues and will provide the proofs to the (Internal & External) auditors.
• Worked as a security admin for the Implementation project XI, BI, MDM, SRM, SCM, SRM-SUS, Reporting, EP & E-Sourcing.
• Creating users and roles in MDM repositories (Service, Material and Vendor)
• CRM Security
• Worked on Sunset project - migrate Mexican cluster to the North America Cluster.
• Worked on Viking IT Mtg project - Client sold out a plant and migrating the related data to the new company.
• Worked on role re-organization process for the GRC 5.3 implementation project (RAR, CUP, and SPM).
• Worked on GRC 5.3 Implementation project
• Regular GRC activities - RAR - Rule Set Maintenance, Generating rules, transports, monitoring backgrounds, analyze and fix the issues.
• SPM - Configuration
• CUA Administration.
• Worked on GRC 10 Migration project.
• Worked closely with Audit team for SAP Security Audit and generated Audit Information Systems logs.
• Worked with process experts on Segregation of Duties (SOD) issues.
• Utilized the GRC Compliance Calibrator tool to verify requests for business correctness and test for any Segregation of Duties conflicts.
• Determined the users who have SOD conflicts using GRC tool and change the authorization objects which are creating conflicts
• Run the RAR (Risk Analysis and Remediation) tool to find SOD conflicting roles and modify them according to the requirement.
• Maintain various role matrices for roles, authorization objects to keep track of the modifications made the roles.
• Periodic Access reviews to avoid the audit issues.
• Extensively used the GRC suite of products (Compliance Calibrator, FireFighter, and Access Enforcer)
• Performed SOD’s for roles and helped team in fixing major issues.;
• Utilized the RAR tool to check for Segregation of Duties conflicts at transaction code level and authorization object level
• Maintained the Conflicting Tcodes, Critical Tcodes in the Rule Architect
• Created the Business Process, Functional Groups, Risk ID’s, Rule ID’s for the Compliance Calibrator according to the Organization Requirement
• Assigning the Mitigation control on the roles
• Worked with Role Expert to creating and modifying roles
• Worked extensively with FireFighter to resolve emergency and show stopping issues.
• Created Firefighter ids
• Helped Organization with Firefighters Tables during Refreshes.
• Processed non-prod and production tickets in Access Enforcer (AE)
• Mitigated risks in AE
• Created users and provision access as requested.
• Uploaded roles in AE for child systems.
• Generated weekly reports on processed tickets in AE.
• Assign Functional roles to functional role owners.
• GRC FF SPM log job (/VIRSA/ZVFATBAK)
• STMS QA approval job
• Inactive users, role expiration, Expired/Duplicate Role Assignment, Userid's with no systems/roles assigned (CUA job), Developer Key Table, SCUL Errors, SCC4, STMS QA access jobs will be scheduled and monitor them.
• The generated reports need to evaluate and resolve them accordingly

Confidential, Boston

Project Lead

Responsibilities:

• Defining menus and default parameters to users
• Performed transports and mass transports of roles
• APO Security
• Handling Enhancement Tickets & Projects
• Following the Security Procedures
• CUA - Central User Administration
• Day to day technical support and resolution of security issues, Analysing Problems and Resolving the Issues (Tickets). Involves Troubleshooting.
• Documenting all Security deliverables.
• Working for the current business process functional specifications and identified the relevant areas for customizations for the customer.
• Handled SOD conflicts for all production system using SUMAT tool.
• Exposure to The One Solution of Approva.
• Analysis and documentation of the User Roles for R/3, BW systems.
• Analysing and modifying Roles based on request.
• Managing all SAP Security related Change Requests for entire SAP production server throughout the widely spread landscape.
• Build each role as per the documents through the standard Profile Generator tool and other associated SAP transactions
• Documented all the changes related to roles in LNCC.
• Testing transactions assigned to the role and reporting the complexity of those transactions.
• BW Security - 3.1 & 3.5 Version, Implementation of BIW roles as per the end user requirement.
• Designed and periodically reviewed SAP critical transactions, tables and reports in compliance with SOX guidelines.
• Interacted with business managers to identify roles and their level of authorization in accordance with their job functions.
• Assignment of role requirements based on job functions and audit control processes.
• Implement and establish standards for custom authorization objects.
• Hands-on security upgrades using SU25 and Profile Generator (PFCG).
• Cleaned up and optimized security Roles.
• Review critical and sensitive authorizations, implement improvements to meet audit requirements.
• Create and modify Single roles, Composite roles and Derived roles by using Profile Generator PFCG.
• Work with Business specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts
• Worked with functional team leads to define the new transactions and checking the suitable role to be fit without SoD Conflicts.
• Secured roles by Company Code, Plant, Cost Center, Profit Center, and Purchasing Organization. Work with Audit team to resolve SOX/SOD related issues.
• Continuously improved security configuration to reflect best practices and to prepare for system audits.
• Taking Periodic logs for the given Emergence id’s like (ZORANGE, ZRED & SAPOSS).
• Performed trouble shooting on R/3 security problems by using system traces
• Confidential has 6 system landscape each in R/3, BW (3.1 and 3.5 versions), APO & solution manager. With total number of users across all the systems running to 50,000 and 4 to 5 new projects running any time of the year-authorization requests to the tune of 500 per month are handled
• Performed Enterprise portal Security and administration.
• Helped in Implementing Structural Authorizations,
• Maintained authorization profiles using OOSP and users using OOSB.
• Worked on Authorization all HR Objects PLOG, P ORGIN, P ABAP etc.
• Worked Extensively on HR tables T77*

Confidential, Houston, TX

SAP Security Consultant

Responsibilities:

• User Maintenance and generating profiles based on user requirement
• Security Audit System
• SOD (SEGGREGATION OF DUTIES).
• Defining and Scheduling background jobs
• Quite Time Activity
• Handling Enhancement Tickets
• Used Virsa Compliance Calibrator (Simulation mode and Detail mode), Firefighter to identify SOD’s and resolve any issues.
• Used Virsa Role Expert to ensure consistency of Role definitions, testing and maintenance across the entire implementation
• Automated the access provisioning approval process by combining roles and permissions with workflow using Virsa Access Enforcer
• User maintenance (User creation/deletion/lockdown/activation /Password management)
• Knowledge in VENDAVO
• Vertex Updates

Confidential

Team Member (Jr. Basis Administrator)

Responsibilities:

• Involved in creating and maintaining role/profile, changes to existing roles by adding new authorization objects and values, and deletion of roles using Profile Generator PFCG
• User Maintenance and generating profiles based on user requirement
• Performed transports and mass transports of roles
• Creating customizing clients and performing client copies
• Security Administration
• Defining and Scheduling background jobs