SAP Security/GRC Consultant Resume

Houston, TX

SUMMARY

  • 8+ years of experience as an SAP Security / GRC Consultant with a strong understanding of Information Security practices.
  • Well experienced with multiple SAP Security Lifecycles (Analysis, Conception, Implementation, Upgrade, Quality Assurance, Support, Redesign & Cutover)
  • Extensive experience in all aspects of SAP Security Administration, including upgrades and various SAP R/3 versions 6.0/5.0, R/3 4.7/4.6C, SAP BW 3.5, BI 7.0, EP 7.0/6.4/6.0.
  • Worked on 3 full life cycle implementations of SAP Security projects, from design phase to post-implementation phase, in the SAP Security domain.
  • Expertise in designing Security roles and evaluating Security profile parameters.
  • Provide User administration support in all SAP systems and landscapes; daily processing of user requests and account maintenance.
  • Experience with SAP Application Security development and administration R/3 environment for the following modules: FI, CO, MM, PP, SD, HR. Exposure of CRM business process, enterprise portal.
  • Expertise in Internal controls, Procedures and Standard Operating Procedures related to Security Administration.
  • Created the roles, authorizations, and administered User Master Data as per the Client SAP Controls & SOP (Standard Operating Procedures) documentation as required by the Audit.
  • Expert in using LSMW & SECATT Scripts for mass user provisioning, deprovisioning and administration etc.
  • Extensive experience with Automatic Profile Generator (PFCG), User Administration, Central User Administration (CUA), authorization object maintenance, problem analysis and troubleshooting, transporting roles, HR Security, Auditing, Segregation of Duties (SOD) and Sarbanes-Oxley compliance, etc.
  • Good understanding of GRC concepts and Architecture.
  • Working knowledge in analyzing and processing SOD and SOX issues within SAP implementation using GRC 5.3 and GRC 10.0, 10.1 access control tools such as Fire fighter, Compliance Calibrator and Access Enforcer for Sarbanes-Oxley section (SOX) compliance.
  • Expert in role design according to Sarbanes-Oxley (SOX) compliance - strategy management related to SAP business processes, transactions, control infrastructure.
  • Expertise in GRC components (Access controls) and strong understanding of Segregation of Duties frameworks.
  • GRC Access Controls - Worked on Access Risk analysis, Access request management, Business role management, Emergency access management and Periodic access review and audit.
  • Participated in the implementation and support of SAP GRC Access controls 10.0, 10.1 including ARA, ARM, BRM, UAR and EAM; assist with technical deployment of future rollouts.
  • Strong understanding of Authorization Concept and working with Developers in setting up required Authority Check for Custom Tables, Reports and Custom transactions.
  • Superior Communication skills, strong decision making skills, Organizational skills, and customer service oriented, comfortable working in a fast-paced, hands-on, growth oriented environment. Excellent Analytical and Functional skills.

TECHNICAL SKILLS

ERP: SAP ECC 6.0/5.0, SAP R/3 4.7, GRC AC 5.3 & 10.0/10.1, EP 7.0/6.0, BI 7.0

Specialization: GRC 10.0, 10.1, Security (ECC, BW, BI), CUA, Profile Generator, User Maintenance Authorization, knowledge of functional modules.

Operating Systems: Windows 8/8.1, Windows 7/Vista/XP/2000/98

Data Base: DB2, MS SQL, MS Access.

Languages: C, C++, Visual Basic and HTML.

Tools: MS Office (Word, Excel, PowerPoint), SECATT.

PROFESSIONAL EXPERIENCE

Confidential, Houston, TX

SAP Security/GRC Consultant

Environment: ECC6.0, BI7.0, GRC 10.0, 10.1 and Enterprise Portal 7.0

Responsibilities:

  • Responsible for all aspects of SAP ECC Security Administration tasks including coordinating and interacting with business, technical and functional consultants for gathering SAP Security requirements, Design/develop role, User Administration, transport roles/authorization, Testing, setup security system parameters, generating analysis reports, trouble shoot authorization errors and create/maintain SAP Security process documents for SAP systems.
  • Ensure role-building follows business guidelines, and adhere to the controls requirement set forth by the internal audit/control teams.
  • Analyze all customer programs and transaction codes for authority checks.
  • Worked on SAP Check Indicator Defaults, Field values, and maintained check indicators for Transaction codes using (SU24).
  • Responsible for developing roles, Composite Roles and derived roles using the Profile Generator (PFCG).
  • Perform daily monitoring of scheduled jobs related to security and compliance activities and associated system administration tasks.
  • Ensure segregation of duties (SOD) exists in the SAP systems.
  • Troubleshoot existing user roles, security objects and authorizations to resolve security conflicts, supporting users, setting up new accounts, password resets, put users in appropriate groups and resolve any issues in production system.
  • Using System trace to record authorization checks in different sessions.
  • Periodically analyze user master records and develop strategies to reduce any risks to the business from an authorization perspective.
  • Involved with creation and maintenance of activity groups and custom authorization objects.
  • GRC Security - Design, develop and Activation of Rule Sets.
  • Perform Role and User Level SOD analysis for sensitive access.
  • Provide technical support for any GRC production related issues.
  • Perform SOD analysis and manage the mitigation process, monitor non-production environments for security violations.
  • Creation, maintenance and documentation of mitigation controls.
  • Setting up Risk Analysis and mitigation.
  • Identify the risks involved in users' access with the help of Compliance Calibrator and minimize those risks with the help of mitigation control documents.
  • Daily monitoring of GRC systems which includes monitoring of Batch jobs, System logs and Application logs etc.
  • Troubleshoot any issues relating to Firefighters or IDs and with RAR.
  • Perform Firefighter ID Provisioning Tasks.
  • Monitor SAP GRC systems and troubleshoot the issues and report to the management on a timely basis.
  • BW Security - Implemented InfoObject-level BW Security and created BW security authorizations using the RSSM transaction.
  • Developed administrative and monitoring process for BW authorizations.
  • Experience with the BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting the reporting problems.
  • Used RSECADMIN in BI for creating, maintaining and assigning of Analysis authorizations.
  • Assist users with access problems and questions using SUIM and SU53.
  • Review and act on daily monitoring/change reports.
  • Perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management.

Confidential, Jersey City, NJ

SAP Security/GRC Consultant

Environment: ECC 6.0, BI 7.0, GRC 10.0

Responsibilities:

  • Designing, writing and implementing security related standard procedures for the user administration, roles and profile generation.
  • Created single role, composite role and derived role as per organizational structure in both R/3 and BW/BI systems using PFCG.
  • Creating and maintaining the user IDs in CUA.
  • Identify Segregation of Duty conflicts and propose recommendations that lead to implementation of mitigating controls and elimination of risks.
  • Performed change control reviews to be SOX compliant on a weekly basis (Auditing Information System and Project Management Internal Control)
  • Troubleshooting - Identifying missing authorizations using the SU53 transaction/ST01 trace and maintaining them in a suitable role, and using SU56 to find security problems.
  • Troubleshooting performance issues and adjusting SAP profiles.
  • Raised role change requests in Solution manager system.
  • Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas. Created segregation of duties and single critical transaction policies for IT security.
  • Analyze user related information including roles and profiles, by utilizing transaction SUIM.
  • GRC Security - Creation and Modifications of Risks, Functions, and Mitigating Controls.
  • Perform control and Risk Owner modification Tasks.
  • Interact with management to discuss and explain issues affecting users.
  • Occasional mass-mitigation of user level violations.
  • Troubleshoot any issues relating to Firefighters or IDs and with RAR.
  • Perform Firefighter ID Provisioning Tasks.
  • Monitor SAP GRC systems and troubleshoot the issues and report to the management on a timely basis.
  • Provide first-level support for users with GRC related problems or questions about the systems administered.
  • BW Security - Extensively used RSECADMIN in BI security to build analysis authorizations.
  • Assigned the Analysis Authorizations access to users using the authorization object S_RS_AUTH.
  • Worked with the Authorization checks by assigning Authorization groups to Programs (RSCSAUTH).
  • Run security reports for critical transactions and objects for users who never logged on, worked with functional team leads to define the new transactions.

Confidential, East Hanover, NJ

SAP Security Consultant

Environment: SAP ECC 6.0, BI 7.0, GRC 5.3

Responsibilities:

  • Interacted extensively with the business leads to understand the business requirements and build security as per their requirements.
  • Worked with the business team to prepare and maintain role matrices and user mapping matrices.
  • Communicated with Business Process Owners to obtain approvals for security changes.
  • Worked with Automatic Profile Generator (PFCG) in creating Single roles, Composite Roles and Derived Roles.
  • Followed key security standards such as maintaining check indicators in SU24 for authorization objects and Transaction codes, putting proper controls in place for securing programs and tables.
  • Recommended and enforced the usage of Authority Check statement for custom programs.
  • Monitored access to key authorization objects such as S_BTCH_ADM, S_ADMI_FCD, S_TABU_DIS, and S_DEVELOP for debug access, etc.
  • Implemented values for profile parameters for controlling password rules, logon rules, established monitoring process for inactive users and unsuccessful logons.
  • Troubleshoot Authorization Errors using Transaction Code SU53 and ST01.
  • Created ECATT Script for mass activities such as creating users, assigning roles to users, assigning user groups to users.
  • Worked with table authorizations and created new Table Authorization Groups in SE54 to protect tables.
  • Restricted access to SE16/SM30 by creating table specific custom transaction codes to the table using SE93.
  • Made the info objects and characteristics authorization relevant as needed using RSD1.
  • GRC Security - Trained on SAP GRC Access Control 5.3 - Risk Analysis and Remediation (Compliance Calibrator), Compliant User Provisioning (Access Enforcer), Super user Privilege Management (Fire Fighter), Enterprise Role Management (Role Expert)
  • Troubleshoot any issues relating to Firefighters or IDs and with RAR.
  • Perform Firefighter ID Provisioning Tasks.
  • BW Security - Worked on SAP BI 7.0 Portal and Enterprise Portal user management.
  • Experience with the BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting the reporting problems.
  • Extensively used RSECADMIN tool to build Analysis Authorizations.
  • Assigned the Analysis Authorizations access to users using the authorization object S_RS_AUTH.
  • Resolved issues related to authorization objects using t-code RSSM.

Confidential, Memphis, TN

SAP Basis/ Security Consultant

Environment: ECC 6.0, BW 3.5

Responsibilities:

  • Performed Installation of SAP ECC 6.0 EHP 6 along with the post installation activities.
  • Printer spool administration and adding new spool servers and printers.
  • Created, Managed and Release Change Requests for transports using transaction codes SE01, SE03, SE09 and SE10. Resolved TMS problems (STMS, SE03).
  • Scheduled Batch & Background jobs and was responsible to trouble shoot various Job failures in different system landscape. Was responsible for scheduling and monitoring background jobs (SM36, SM37).
  • Generated the RFC connections and established the trusted/trusting relationships between solution manager and satellite systems, Validate Trusted system entries in SM59.
  • Performed system refresh from PRD to QAS system using TDMS.
  • Responsible for all aspects of SAP Security Administration tasks - Coordinating and interacting with business, technical and functional consultants for gathering SAP Security requirements, SAP security design, role development, custom authorization, security system validation, User Administration, testing, transports and troubleshooting.
  • Designed, Developed and maintained Single roles, Composite roles, Master and derived roles for SAP Modules FICO, SD, MM, WM, PP.
  • Used SAP Security transactions - PFCG, SU01, SU10, SU24, SU21, PFUD, SUPC, SUIM, SU53, SU56, ST01, SE54, STMS, SCC1, SE09/SE10, RZ10, SM18, SM19, SM20, SE16, SM30, etc.
  • Troubleshoot user roles, tracing the users, security authorization objects and custom reporting authorization objects to debug/troubleshoot an authorization error.
  • Worked on creating and updating Roles as per the Basis team requirements and authority (FI, MM, PP and SD).
  • Setup Profile Generator to create authorization profiles (PFCG).
  • Creation and modification of Roles and profiles as per the requirement using PFCG.
  • Mass transported roles from Development to Production System (PFCG).
  • Monitored logged in users in the system and checked unauthorized logins (SM04).
  • Analyzed user’s outputs and corrected security deficiencies (SU53 & SU56).

Confidential, Jersey City, NJ

SAP Basis/ Security Consultant

Environment: R/3 4.7, BW3.5

Responsibilities:

  • Experienced with Spool Administration like configuring printers and trouble-shooting spool request, deleting old spool jobs and working with TemSe objects.
  • Performed monitoring of SAP systems in the Landscape.
  • Responsible for Client copies, system refreshes.
  • Performed daily health check for Production systems.
  • Responsible for defining, monitoring and scheduling various job chains for background
  • Created roles by using Profile Generator and assigned them to users and organizational units (PFCG).
  • Creation and modification of Roles and profiles as per the requirement using PFCG.
  • Created profiles to effectively restrict user access to specific business areas.
  • Resolving Security issues using SU02, SU03 and User Management.
  • Used transactions such as SUIM, SU53 to troubleshoot problems.
  • Mass transported roles from Development to Production System (PFCG).
  • Analyzed user’s outputs and corrected security deficiencies (SU53 & SU56).
  • Locked all the critical transactions (SM01).
  • Unlock users and reset passwords for the data team members.
  • Coordinated in completing the SAP security audit requirements checklist.
