SUMMARY:

• Over 8 years of SAP SECURITY and GRC Configuration & Administration along with SOX compliance expertise
• Well experienced with end to end Security & GRC implementations which include Analysis, Conception, Implementation, Upgrade, Quality Assurance, Cutover and Production Support
• Well versed and hands on experience in GRC upgrade from 5.3 to 10.0
• Configured and implemented Access control on GRC 10.0/ 10.1.
• Extensive experience in
• SAP Security Administration - ECC 6.0, R/3 4.x/3.x, BI 7.0/3.5, SCM, SEM (BW, BPS, BCS), APO, SRM, CRM 7.0, PI, Portal & Solution Manager Modules.
• SAP Compliance - GRC 10.1, 10.0, 5.3, 4.0 (ARA (Access request Management), ARA (Access Risk Analysis), EAM(Emergency Access Management), BRM(Business Role Management))
• Experience with SAP Portals (EP 7.0 & 6.0), Single Sign On(SSO), IViews, ESS & MSS
• Extensively used Clarify, Remedy, HPALM, Test Director, QTP, Documentum & other tools.

EXPERIENCE:

SAP GRC Consultant

Confidential ( Confidential ), TX

Responsibilities:

• Worked on Integrated Design Document for Confidential GRC 5.3 to 10.1 upgrade project.
• Executed post installation steps of GRC which include activating BC sets, SAP ICF’s, Common Work Flows etc.
• Designed and created end user and project roles for GRC.
• End to End Configuration for Access Control which includes ARA, ARM, BRM, and EAM.
• Configured and customized Rules sets, mitigation controls and alerts (ARA).
• Configured MSMP Work Flows and BRF+ Rules to design multiple paths for General Access Requests, Super User Access Request, Requests, SOD Detour paths etc.
• Configured complex BRF+ Agent rules for custom approvers agents using database lookup.
• Configured Connectors for multiple ABAP systems, LDAP System and Portal.
• Customized the layout of NWBC screens using LPD CUST and authorizations based on the client requirement.
• Scheduled backend synchronization jobs to perform User-Role-Profile, firefighter Log and WorkFlow Sync.
• Fixed multiple issues faced by testing team.
• Researched and applied OSS Notes as applicable.
• Extensively involved in post-Go-live activities, and Access Provisioning.
• Documented process and procedures for SOD analysis/ simulation, remediation/mitigation, monitoring and applying controls.
• Worked on remediating audit finding around critical authorizations.

SAP GRC Consultant

Confidential, MO

Responsibilities:

• Implemented position-based security for CRM
• Configured organizational assignment request to assign roles indirectly to users through respective positions.
• Designed separate custom MSMP workflows for position-based security.
• Configured HR Triggers to create change and terminate users automatically when there is a change in organizational structure.
• Designed new workflows for HR Trigger Access Requests.
• Created complex brf+ rules for HR triggers by using custom Info types and subtypes in HR decision tables.
• Implemented multiple SAP notes to resolve the issues faced during this project.
• Helped project team in resolving multiple issues in GRC such as LDAP connectivity, Storage issue, FF Log issues, Workflow issues etc.
• Created test scripts for GRC-CRM integration project.
• Prepared documents to educate CRM functional team, Business users, Security team and production support team regarding position-based security.
• Prepared proper Design document, functional spec document and documents for Hallmark.
• Integrated BI systems with GRC to implement ARA and ARM components.
• Created BPC Non-Production and Production roles.

SAP GRC Consultant

Confidential, Brooklyn Park, MN

Responsibilities:

• Extended ARM functionality to support Confidential Canada implementation which included creating new BRF+ rules, agents and routing rules exclusive to Canada roles and users
• Designed Fire Fighter strategy for Confidential on GRC 10.1
• Tested and fixed certain functionalities in existing MSMP work flows.
• Worked on SOD project to remediate risks
• Created custom notification templates for end users and approvers.
• Created Business roles for all the modules such as ECC, BW, SRM, CRM, PI etc.
• Created GRC documents to end users and production support team.
• Helped production support team in identifying and resolving GRC Access Request issues and FF Log issues.
• Created documents for Role owners, controllers and managers as part of setup
• Create test cases to support each scenario in ARM and FF

SAP CRM Security Consultant

Confidential, Brooklyn Park, MN

Responsibilities:

• Worked with SME’s and Project Managers in gathering requirements for CRM Business roles for Targets Agile Marketing Project.
• Have extensive knowledge on Finance Management and PM&W Modules of CRM.
• Worked with CRM Functional team in designing CRM Business roles using t-codes CRMD UI NBLINKS and CRMC UI PROFILE
• Helped functional team in configuring Marketing Plans, Campaigns, Funds, Funds Management, Budget, Budget postings from security perspective.
• Built CRM End user roles and support roles for Confidential ’s Agile Marketing Project
• Maintained PFCG Authorizations based on Business Role Design.
• Implemented position based security by assigning users to configured positions using PPOMA CRM and designed a role mapping strategy to support role assignment
• Worked with functional team to thoroughly test CRM roles.
• Provided support by resolving issues during cut-over, go-live and hyper care.
• Prepared detailed documentation on Role Requirements, Unit testing and knowledge transfer to production support teams.
• Provided to Support team on CRM specific Authorizations.
• Coordinated with different Confidential teams to perform penetration testing by external vendors on CRM Web UI.
• Upgraded CRM and ECC to latest versions through SU25.
• Designed and developed security for charm process in solution manager 7.1.
• Extensively worked on business role concept in solution manager by integrating PFCG roles with solution manager business roles.
• Worked closely with solution manager consultant in developing business roles - Work centers, External services, Navigational links etc.

SAP GRC Consultant

Confidential, St Paul MN

Responsibilities:

• Activated BC sets, SAP ICF’s and Designed end user and project roles for GRC.
• End to End Configuration for Access Control which includes ARA, ARM, BRM and EAM,
• Configured and customized Rules sets, mitigation controls and alerts (ARA).
• Configured MSMP Work Flows and BRF+ Rules to design multiple paths for General Access Requests,
• Super User Access Request and HR Triggers. Configured multiple paths to in corporate various approval and stages based on role criticality and detour path to notify SOD flags.
• Setup Connectors and architected business roles in GRC-BRM to support user provisioning across ECC, CRM, PI, TM, Portal, BI
• Configured templates for Notifications via SPRO for all the approvers.
• Designed Fire Fighter strategy for cutover, hyper care, production support and end users.
• Configured and maintained FF IDs, Controllers, Owners and reason codes for Emergency Access Management.
• Organized workshops with functional leads to gather master data required for Access Controls implementation (FF IDs, Role Owners, Approvers, Risk and Mitigation owners).
• Worked with Internal Auditors and business coordinators in creation of User and Role Mitigations.
• Scheduled backend synchronization jobs to perform User- Role-Profile, fire fighter Log and Work Flow Sync.
• Supported testing, Setup Test scripts in HPQC for functionality Validation - SOD Analysis, FF logs, jobs, simulation and test plans
• Setup Access management dashboards and reports.
• Created documents for Role owners, controllers and managers as part of setup
• Researched and applied OSS Notes as applicable.
• Extensively involved in post-Go-live activities, and Access Provisioning
• Documented process and procedures for SOD analysis/ simulation, remediation/mitigation, monitoring and applying controls.

SAP GRC Consultant

Confidential, Washington DC

Responsibilities:

• Analyzed security design in ECC 6.0, CRM 7.0, BI 7.0, BOBJ, SCM 7.0 and provided recommendations for improvement.
• Developed SAP Security Policy incorporating industry best practices and recommendations.
• Creating Standard Operating Procedures for User Access management, Role Management and Transport management
• Assisted BASIS in Installation of GRC 5.3 and configured all the components of Access control (CUP, RAR, SPM)
• Implementation & support of all GRC components including RAR (Compliance Calibrator), CUP(Access Enforcer), ERM(Role Expert) & SPM(Fire Fighter)
• Created & Defined JCO connections for Cross System GRC simulation & analysis
• Identified & uploaded role owners, approvers, mitigating controls, control & Fire Fighter ID owners
• Defined the Approval and Access Request Workflow paths in CUP
• Integrated GRC AC 5.3 with Sun IDM 7.2 and was involved in the Intra Migration process
• Configured CUA system to enable single point of user administration.

SAP Security & GRC Analyst

Confidential, Iowa

Responsibilities:

• Worked on Confidential ’s internal Bolt-on tool for User administration, running Health checks (HC), Quarterly Employment re-verification (QEV), Continuous employment need (CBN) and user administration audit.
• Support internal and external (Pearson, Kubota, Honeywell, Phillip Morris- Altria) Confidential clients in user and role administration in ECC, BI/BOBJ, HR, CRM, PI and JAVA systems
• Worked with Business Process Owners in creating a strategy in implementing CRM 7.0 security.
• Created and maintained Business Partners in the CRM system.
• Defined Business roles and implemented position based security by assigning users to configured positions using PPOMA CRM.
• Good knowledge of user interface configuration in WEB UI
• Created business roles along with Role Config, transaction launcher, BI reports in CRM 7.0
• Well versed with contents of CRMC UI NBLINKS- work centers, work center link groups, logical links
• Supported implementation of Access Control, Super user Privilege Management, Risk Analysis and Remediation.
• Involved in post implementation activities- GRC upgrade to 5.3, Disaster Recovery
• Provided and documentation to the audit and Global access provisioning team in Access Enforcer.
• Provided reports to the internal and external auditors and created custom audit roles based on audit needs.
• Worked with the various Business stakeholders in identifying risks, mitigation controls and approval workflows in consideration with current processes.
• Mentored the PMO and audit teams in viewing and analyzing reports.
• Supporting multiple ongoing audits for KPMG, PWC and perform quarterly health checks.
• Modify/ correct external client’s roles per their security policies.
• Designed, built and delivered Security for Solution manager 7.0 system for document Management and Charm with enabler role concept.
• Creation and maintenance of user groups across the entire landscape.
• OSS Management for project requirements including OSS id administration, issuing developer keys, object keys
• Setup of new Java systems along with Basis and Security portal roles.
• Worked with Basis in installing the Kerberos SSO solution.
• Synchronized the Single Sign-On mechanism with the Enterprise Active Directory (LDAP).
• Configured SSO with the Enterprise Portal for both internal and external users.
• Configured and assigned Portal roles for ECC users.
• Involved in using UME groups and SNC, Integrated and synchronized Enterprise Active Directory with the Enterprise Portal.
• Work with management for ongoing sizing of internal and external client support.
• Confidential orientation and knowledge transfer to new hires