Senior SAP Security and GRC Consultant Resume
Warren, NJ
SUMMARY
- Complete all security work for upgrades and implementations, including role development, trace, transport, overseeing testing, and user ID administration.
- Strong expertise in using Profile Generator (PFCG) for creation and maintenance of Roles/Activity groups as required. Security Administration activities such as creating login IDs, assigning and resetting passwords, locking and unlocking users.
- Build authorization checks (SU24) for profile generator access.
- Extensively performed and monitored PFUD, SUPC, SUIM, SU53, SU56, ST01, SCC1, and SE09/SE10. Used CATT scripts for creating mass users.
- Test SAP authority requirements using ST01 trace function.
- Working knowledge in analyzing and processing SOD issues using the GRC 5.3/10.0 access control tools such as Access Risk Analysis (ARA), formerly known as Risk Analysis and Remediation (RAR); Emergency Access Management (EAM), formerly known as Superuser Privilege Management (SPM)/Firefighter; Access Request Management (ARM), formerly known as Compliance User Provisioning (CUP); and Business Role Management (BRM), formerly known as Enterprise Role Management (ERM).
- Involved in the complete SAP R/3 project lifecycle from design phase to post-implementation phase, upgrade and support of several ERP implementations involving multiple modules, from system design stage to a “Go Live” stage.
- Familiar with ticketing tools such as REMEDY, CLARIFY, HP.
- Expert in communicating effectively across the organization and integrating work across relevant areas. Creating manuals and documents for End-User training.
TECHNICAL SKILLS
ERP: SAP ECC 6.0/5.0, SAP R/3, GRC AC 5.3 & 10.0, NetWeaver
Operating Systems: Windows 7, Windows Vista/XP
Office Tools: MS Office Suite, Acrobat Read
PROFESSIONAL EXPERIENCE
Confidential, Warren, NJ
Senior SAP Security and GRC Consultant
Environment: ECC 6.0, BI 7.0, GRC 10.0
Responsibilities:
- Project Planning for SAP system authorization, Compliance & Production support including individual task allocation and dependencies.
- Supporting GRC Access Control application including ARA, EAM, ARM and BRM.
- Developed and analyzed periodic Audit steps & quarterly User Access Review for the same.
- Support through Access DB (Incident Management).
- Assisted HR security implementation & support and Auto-Provisioning from GRC.
- Administered entire CUA landscape monitoring & improving performance.
- Well analyzed Segregation of Duties (SOD) within the region of ECC and HR for provisioning and de-provisioning users using GRC Access Request Management.
- Responsible for creating multiple Composite and Master-Derived roles.
- Excellent understanding of risks involved & risk control recommendations of business processes.
- Extensively used MS Excel to present and track status/audit reports.
- Participated in Internal and External security audits.
- Proposed & implemented Master-derived role approach as security redesign.
- Facilitated numerous design discussions and consolidated a re-design implementation plan.
- Support for new user creations, role requests, custom auth objects, table restrictions, etc.
- Worked with business, functional leads and Basis to identify critical roles.
- Worked with business to discuss SOD issues and suggested removal of violations.
- Responsible for coordination, communication, and teamwork within the team and with end users.
Confidential, Virginia Beach, VA
Senior SAP Security Consultant
Environment: SAP R/3 ECC 6.0, GRC 10.0/10.1
Responsibilities:
- Working closely with the technical and functional leads to create and maintain security roles, discuss status reports, and policies related to the SAP R/3 systems.
- Handled security role design for all modules of SAP R/3 such as FI, MM and HR.
- Involved in all aspects of SAP security from setting up naming conventions for roles, profiles, and test IDs, while working closely with various functional teams to collect role requirements.
- Worked on Central User Administration (CUA).
- Worked on Authorization objects, Activities/values/authorization groups, Roles, Role derivations, Activity groups, Composite Activity groups and User ID assignments.
- Analyzed roles and mapped them to transaction codes according to business process.
- Created and generated profiles, authorization objects, object classes, roles and assigned to user master record.
- Used Transport Management System (TMS) for Transporting the generated roles and profiles.
- Extensively used the following transactions on a daily basis: SU01, PFCG, SU53, SU24, SM59, SUIM and ST01 for providing technical support to users.
- Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
- Configured Profile Generator and performed transports and mass transports of roles and used CATT scripts for mass users and assigning roles.
- Performed reconciliation of User Master record & roles using PFUD and SUPC.
- Worked with process experts for SOD conflicts and assigned appropriate roles to the users. Also, supported audit team for generating audit reports.
- Involved in GRC 10.0 end-to-end implementation.
- Involved in post-installation and GRC configuration activities.
- Performed risk analysis at role and user level.
- Extracted the FF log reports and sent to controllers.
- Performed Role Sync, User Sync and FF Log Sync successfully.
- Created RFC connection between GRC and Backend systems.
Confidential, Marysville, OH
Security Analyst
Environment: SAP 4.7, ECC 6, GRC 5.3.
Responsibilities:
- SAP Security administration and maintenance.
- Design, Configuration & Testing of SAP Security Roles.
- Creating/Maintaining the ORG Fields in Objects.
- Role Download/Upload, Mass Generation/Mass Transport.
- Mass Assignment and De-assignment of Roles/Users.
- Mapping of Missed Authorization Objects in Tcodes.
- Locking critical transactions using SM01.
- Analyzing SU53 screenshots to debug authorization problems. Analyzing ST01 trace logs to fix the authorization bugs.
- Providing Post Go-live Hypercare support.
- Provided support in implementation of SAP GRC 10.0 Access control suite to the team of consultants from SAP and local vendor.
Confidential
SAP Assistant Security Administrator
Environment: R/3 4.6C, BW 3.5.
Responsibilities:
- Worked on creating and updating Roles as per the Basis team requirements.
- Identified and fixed the manual changes in SU24 for specific transactions.
- Recommended a matrix with role definitions that relate to the company functional roles and responsibilities.
- Identified fixes for production issues related to security and tested them in DEV and QA for transport to PROD environments.
- Set up the Profile Generator to create authorization profiles (PFCG).
- Created roles by using Profile Generator and assigned them to users and organizational units (PFCG).
- Creation and modification of Roles and profiles as per the requirement using PFCG.
- Massively transported roles from Development to Production System (PFCG).
- Analyzed users’ outputs and corrected security deficiencies (SU53 & SU56).
- Locked all the critical transactions (SM01).
- Unlocked users and reset passwords for the data team members.
- Coordinated in completing the SAP security audit requirements checklist.