SUMMARY:

• SAP Security Consultant with 14 years of experience in SAP R/3 security and GRC Implementation and administration.
• Participated in 3 full cycle implementations. Payroll processing, PA, OM, Time Management, HCM, Project Management
• Implemented preventative, mitigating and compensation controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy. Strong proficiency in the GRC Suite 5.3 & 10 versions all Access control tools. Worked on GRC systems tuning according to Sarbanes - Oxley (SOX) Compliance rules (Access Control Suite)
• Extensive expertise in the areas of ECC/R/3 Security, Portal Security, CRM Security, BPC, Portal, Solution Manager, SRM/EBP security, FICO, HCM, BW/BI/BO 7.0 security, APO Security, upgrade activities and compliance issues. Used RAR/ARM to identify the business risks and worked with audit and business with the remediation process to meet the Sarbanes-Oxley section (SOX) 404 compliance SOD rules. Customer Service, Service Processing, Service Contracts & Customer Service Workflows.
• Extensive knowledge of repairs processing, goods receipt, storage location and tracking, integration with SAP Sales Order processing and Finance aspects to track costs of repair, details of repair and final invoice to customer, replacement processing including scrap and refurbishment processing, Equipment master setup, tracking and integration with warranty tracking and coordination with SD and FI modules for reporting of warranty recognition
• Hands on experience on Configuration of GRC 10.0 tools EAC, ARM, ARA. Pre-configuration, parameter settings, Centralizing FF system, Workflow configuration. Worked with Audit in creating mitigation control and worked custom control review reports. Experience working with transport management system. Extensive Knowledge in SAP Portal, UME and LDAP.
• Strong knowledge and experience in BI analysis authorizations, troubleshooting and managing assignment using RSECADMIN & RSU01
• Good hands-on experience in HR position-based security and Structural authorizations
• Worked on authorization security using custom T codes
• Expertise in managing user groups and table security
• Used SAP Profile Generator to create, generate and assign authorization profiles
• Designed and Assigned Derived roles, Composite roles and Single Roles using Profile Generator (PFCG) for FI, SD, MM, PP, PM, APO, SCM, BI, CRM modules
• Expert in user administration, end user support, transporting roles and computer aided test tools (CATT). Performed integration and Implementation of SSO in Enterprise Portal with R/3 4.6C, 4.7 and ECC5.0, CRM, BI7.0. Provided day to day security support and administration for all security modules
• Excellent problem solving, analytical, technical and trouble shooting skills, team player with good communication skills. Process Control and Segregation of Duties (SOD)When required.
• Provided SAP Security support while coordinating with the business process owner group and SAP Basis team.Experience with Active Directory
• Experience in using UAR to configure workflow for User Access Review and User SoD Review.
• Assigning temporary ID to super users allowing emergency access Management (EAM) and reporting for audit purposes.
• Automated workflow for user maintenance using auto provisioning tool Compliant User Provisioning (UAM) User Access Management.

PROFESSIONAL EXPERIENCE:

Confidential, Raritan, New Jersey

Sap Security Consultant

Responsibilities:

• Creating, modifying single / composite Roles through Change requests (CR’s)
• Creating and maintaining authorization objects to TCodes in SU24 as per the requirement.
• Working on missing authorizations for the IT & Business users.
• Working on Mass user lock activities on yearend activities through EWZ5 / SU10.
• Mass user creation and roles assignment through Z transactions.
• Mass maintenance of users/user groups. Work on defects using HP ALM tool and assist functional team in resolving security issues.
• Password reset, Validity date extensions upon approvals for users
• Monitoring of Security related Background Jobs on daily basis
• Using system trace to record authorization checks in different sessions using ST01.
• Working with security related tables such as AGR*, USR* etc.
• Generating SUIM reports as per requirement for various dimensional reports.
• Creating user groups and assigned to the respective user ids.
• Working with functional team coordinating in creating and adjusting the roles.
• Missing Authorization analysis using SU53 report from the user.
• Working with Critical authorization objects.
• Tickets handling-related to various issues ranging from user expiration to missing authorizations.
• Analyzing the User Access Problems using SU53 and SUIM.
• Run the trace with ST01 and identify the problem related to objects.
• Restrict table access through Authorization groups through Tcodes SM30/31.
• Troubleshoot authorization issues
• Redesign the existing roles
• Created RFC's between the two systems.
• Configuration of all components ofGRC10.0 system
• Running Risk Analysis on theGRCAccess Control tool
• Removal/Mitigation of SOD violations
• ModifyingGRCrule set
• CreatingGRCaccess request for assigning additional access and firefighter access
• Maintenance of workflow for access requests for assigning additional access and Firefighter access
• Maintenance of SAP licenses by running SAP system measurement report, consolidate results to LAW and submit to SAP.
• Configured and Implemented SAPGRCAccess Control 10.1 all four modules ARA (Access Risk Analysis) EAM (Emergency Access Management), BRM (Business Role Management) and ARM (Access Request Management) along with Approval Workflow using MSMP and BRF+ application.
• Configured CUA for all Systems in theGRCLandscape.
• Provided and support forGRC, policies and procedures, and security role design to users in business terminology
• Recommended and Mitigation Controls inGRC.
• Configured EAM (Firefighter) for additional access to all end users.
• Worked on EAM administration which include assign FFIDs to FFID owner and controller, maintain configuration table, Reason codes and critical T-codes.
• Worked on various roles and eliminated the Transaction codes which are causing conflicts from those roles.
• Performed user level and role level Analysis for SoD conflicts.
• In ARA copied Global rule set to new Ruleset and modified as per client Requirement also include custom
• Configured Access Request Management (SAP GRAC ACCESS REQUEST) all request types.
• Configured basic, detour and parallel workflow using MSMP and BRF+ application.
• Created custom default path by using PFCG user group for approval.
• Configured Email notification for new, change, lock and unlock request and for Firefighter email notification to controller to monitor firefighter activities.
• Define and documented Project plan for day to day operations.
• Created documentation (BPP's) forGRCfrom implementation to day-to-day activity for Client better understanding.
• Created a Segregation of duties (SOD) document.
• Trouble shoot Authorization issue for workflow using STAUTHTRACE and SLG1
• Built SAP Fiori roles with OData services with backend roles so that end user can perform their operation.
• Perform daily monitoring of scheduled jobs related to security and compliance activities and associated

Confidential, Florida, Lakeland

Sap Security Consultant

Responsibilities:

• Creating and modifying Single, Derived and Composite Roles using Profile Generator.
• Perform user administration (creating, changing, maintaining, deleting user accounts) using SU01,SU10
• Maintained restricted field level values in R/3.
• Lock/unlock users and reset user passwords.
• Trouble shooting missing access or additional access for the user using SU53, ST01.
• Worked extensively with user information system (SUIM).
• Good experience of Authorizations and its objects, creation of roles and its administration.
• Provided Detailed Reports of Users, User Status, Roles, Activity Groups, T-Codes and Objects when required.
• Review and act on daily monitoring/change reports.
• Used extensively agr 1251/SUIM for finding roles associated with specific T-codes.
• Restricted tables usage with S tabu Nam at the authorization object level.
• Assigned/Changed org level values to derived roles.
• Assigning /removing roles from users and end dating roles validity date.
• Worked with CUA (Central User Administration) for creating/changing/deleting users/roles in the CUA landscape system (Dev, QAS, Prod)
• Removed sap all, sap new from non-Basis/Security users
• Identify missing authorizations by using SU53 and maintain them manually in PFCG
• SAP audit for users.
• ST03N for Data Usage Analyzer.

Confidential, Vermont, Burlington

Sap Security Analyst

Responsibilities:

• Creating and modifying Single, Derived and Composite Roles using Profile Generator.
• Perform user administration (creating, changing, maintaining, deleting user accounts) using SU01, SU10
• Maintained restricted field level values in R/3.
• Lock/unlock users and reset user passwords.
• Trouble shooting missing access or additional access for the user using SU53, ST01.
• Worked extensively with user information system (SUIM).
• Good experience of Authorizations and its objects, creation of roles and its administration.
• Provided Detailed Reports of Users, User Status, Roles, Activity Groups, T-Codes and Objects when required.
• Review and act on daily monitoring/change reports.
• Trained the resources in SAP Security and created manual for the help desk.
• Analyzing authorization problems/errors and implementing appropriate solutions
• Performing Risk Analysis on user or role level, Define Rule set, Risk, Business process, Action, Roles and Implements them in GRC-RAR. Generating Detail or management report of Risk.
• Fire Fighter Configuration, Creating Firefighter ID, Maintaining Firefighter ID Owner and Controller,
• Assigning Firefighter ID to the user, generating report.
• Hands on experience on Configuration of GRC 10.0 tools EAC, ARM, ARA

Confidential

Sap Security Administrator

Responsibilities:

• Working on creation and modification of roles in QR releases in R3 environment. Working on security tickets as part of Production Support. Working with customized transactions and tables for role creation. Role requirements gathering, role design, profile generator, role testing Design, Analysis, Configuration, Deployment and Support of SAP roles in SAP ECC 6.0.
• Assisted in knowledge transfer to end users. Expertise in SAP single, composite and derived roles design and deployment, Risk Analysis, SOD, SOX compliance. Responsible for user provisioning and support for the client operation and mapped with sodmaster role, composite role, Drive roles and single roles for FI, HR, CRM, BI.
• Experience in testing, pre and post deployment SUPPORT and MAINTENENACE activities. Excellent trouble shooting skills of complex SAP authorization issues.Excellent understanding and experience of user authorization and provisioning in CUA system. Experience in User Administration and has handled approximately 25000 users at one client. Coordinating with SAP Functional and Development Teams to accomplish sound SAP security solutions. Worked on Tables, Classes, and Authorization Objects as per business requirements. Conducted on SAP Security to business users. Worked with offshore team played a user provision key role.
• Excellent problem-solving skills and team player with good communication skills.
• Analytical and critical thinking skills as well as Collaboration and influencing skills.
• Ability to handle multiple and moderately sized assignments simultaneously.
• Interested in process improvement and automation activities where possible
• Excellent analytical and logical skills with a good understanding at the conceptual level and possess excellent presentation with a strong desire to achieve specified goals. Excellent written and verbal communication skills including experience in proposal and presentation creation.
• Open attitude towards and ability to learn and utilize new technologies.
• Specialties: SAP ECC Authorizations, Deployment/Implementation, User Administration,
• Team Member responsible to correct the issues in derived roles. Synchronize it across the landscape.
• Reviewed over 16,000 roles comprising of Master, Derive and Single Roles.
• Where needed used SU24 to correct the issues.
• Used SUIM as and when required to verify the validity of objects and roles.

Confidential

Sap Security Consultant

Responsibilities:

• Implemented GRC Access Control 5.3(RAR, CUP & SPM)
• Configured & Integrated RAR, CUP, SPM & ERM.
• Configured the various connectors in SAP GRC CUP 5.3 to connect to different backend system. Create of Firefighter ID’s based on BPO request & mapping of user id & FF id based on request. Creation of Mitigation Control id & mapping of various risk is with control id based on region & business process.
• Participated in development phase of the system, implementation and role development
• Perform production support until the system was stabilized. Responsible for user provisioning and support for the client operation and mapped with sodmaster role, composite role, Derive roles and single roles for FI, HR, and CRM.
• Responsible forprovisioning Portal roles for the new hires or if any changes in their duties.
• Responsible of provisioning and maintaining a secure area for SAP OSS connection to apply a Note or investigate for Post go live. Responsible for break fix and enhancement which is required after GO live or after cutover. Assigning the role and after assigning the role to control the SOD compliance with SOX. Responsible of development of HR roles and Finance Roles according to SOD Daily use of. Daily use of AGR Tables and USR Tables.
• Transport roles to production system when enhancement or any changes done in development. Attend weekly security meeting to discuss to improve the process of daily activities also to attend. General meeting with functional, developer and Process team members for the status report. Accommodate daily urgent request from Business users or Managers. Open attitude towards and ability to learn and utilize new technologies.
• Responsible for user administration, roles and profile generation.
• Work with business and functional team to gather requirements for the end user authorization needs.
• Handle security development for various Modules FI, CRM, HR, etc.
• Created new roles as per segregation of duties requirements. Created Single role, composite role, and derived role as per organizational structure. User maintenance on day to day basis.
• Transport of roles, profile and user into SAP systems. Locking/Unlocking users based on user group and as per requirement. Extensively worked on authorization objects, fields, authorization and authorization profile in profile generator (PFCG).
• Identify missing authorizations by using SU53 and maintain them manually in PFCG. Analyzed user related information including roles and profiles by utilizing transaction SUIM. Involved in audit activities to ensure Sarbanes Oxley (SOX) compliance.

Confidential

Sap Security Consultant

Responsibilities:

• Participated in SAP Security for more than 25,000 users and maintenance of more than 20,000 roles. Designed, implemented and supported Security Roles and Authorization for SAP
• Team member for Sarbanes-Oxley (SOX) compliance, Segregation of Duties (SOD) and Firefighter. Managed the user authorization process, which included creation and modification of users, role assignment, locking/unlocking and password generation.
• Participated in all phases of an enterprise implementation of SAP ECC 6.0, and provided support post-implementation, working with hosting provider to implement enhancements, fixes, and upgrades. Managed requirements gathering, design, testing,, implementation and post-implementation support of an enterprise implementation of SAP ECC 6.0Worked directly with business users, implementation team members, and implementation partner. Modeling, designing, developing, testing, and implementing appropriate access controls based on business needs. Role design for Business and connecting PFCG roles. Done enhancement in UI components or changes in the navigation profile or in the business role.

Confidential

FoxPro Programmer

Responsibilities:

• Iraqi Credit Bank was one of the major and big banks in Iraq, it deals with money revenue up to billon of Dollars
• Programming the Bank Operation related to the work (Creating user accounts for customers with the bank and monitoring their accounts to make sure the customers get the best service

Technical Support

Confidential

Responsibilities:

• Confidential was a major subcontractor for the support, maintenance, repair, commissioning and operation of PC computers.
• Dealing with the representatives from the government regarding the job description, Purchase order, and time required for the project, and making the proper documents of the projects (document control).