OBJECTIVE:

To obtain the position of HANA/BI, SAP GRC Access controls, Process Controls, Risk Management, IDM and Expertise in an organization that will give me an opportunity to provide top - notch compliance services

PROFESSIONAL SUMMARY:

• Over 12­­­­+ years of SAP Security experience which includes Full Life Cycle Implementations and Support for both core SAP and NetWeaver components.
• Implementation of SAP HANA Security, ECC EhP6, BW7.4, EP7.4, GRC 10.1, IDM 7.2
• Lead experience and knowledge in implementing and deploying Security Solutions on various large End to End full life cycle SAP projects with native HANA, BW on HANA, IDM, HANA Cloud and On-Premise, Fiori, BOBJ, Portal, GRC, Solution Manager, SRM, BPC, ECC with SD, MM, FI, CO, PP, WM, QM, HR modules
• Proficient in IT Audit, SOX, GRC and SAP/HANA Security best practices, architecture and role-based authorizations
• Implementation of SAP Fiori, HANA Security, ECC EhP6, BW7.4, EP7.4, GRC 10.1, IDM 7.2
• Experience with Single Sign On/Security configuration on SAP by using Kerberos, SAML 2.0 and SPNEGO.
• Strong experience with security & modeling through a conversion to suite on HANA, manage and remediate impacts
• Proficient in SAP authorization concept, role matrix, creating users and assign roles. Analyze, design, configure, build, test and deploy roles/profiles, and perform Sarbanes-Oxley (SOX) & Segregation of Duties (SOD) conflict resolution
• Proven track record in designing and delivering SAP/HANA Security roles, reporting & analytics policies, processes, procedures, documentations and solutions for global organizations, and using same for end user
• Expert in configuring SAP HANA authorization configuration for audit logging (user management, system and data access), tracing, users/roles, and privileges.
• Expert in creating and assigning Analytical Privileges, System Privileges and Object Privileges through Roles for users in HANA
• Expert in working with cutover team in scheduling and planning tasks and security rollout/cutover activities and hypercare (post production security support)
• Expert in creating/updating of Master/Derived, and Single/Composite role, analysis authorization
• Expert level experience in eCATT and LSMW for creating/uploading/copying mass users/roles /positions/analysis authorization, adhoc queries (SQVI ) and lookup
• Expert in SAP System, Business, License audit and IT controls.
• Expert in resolving SoD violation, risks and rule set creation
• Expert in securing system and data through customization of role maintenance, tables, Security design & implementation for assigning users to LDAP group for synch/upload with BO and access to HANA
• Creating role build plans and project schedules and driving current and future state architectural security roadmap
• Facilitating meetings with the business to gather business and technical requirements and the expected solutions
• Representing IT and security at meetings and speak to what we are doing and responsible for the deliverables
• Analyze, prioritize and translate functional requirements into technical design for SAP NetWeaver, and collaborate with teams and leads to ensure the requirements are met. Supporting test and cutover plans, and cutover execution
• Mapped the user requirements and produce gap analysis to identify alternate solutions specific to SAP Security requirements and provide technical recommendations on design and architecture framework and improvements
• Strong experience with Sarbanes-Oxley, IT risk assessments, develop reports & coordinate audit remediation activities IT auditing with a Big 4 audit firm. Manages Audit activities to identify IT risk and evaluate applicable IT controls
• Oversees the testing. Educates management teams about identified risks and designs controls to cover those risks.
• Strong experience with security & modeling through a conversion to suite on HANA, manage and remediate impacts
• Proficient in SAP authorization concept, role matrix, creating users and assign roles. Analyze, design, configure, build, test and deploy roles/profiles, and perform Sarbanes-Oxley (SOX) & Segregation of Duties (SOD) conflict resolution
• Proven track record in designing and delivering SAP/HANA Security roles, reporting & analytics policies, processes, procedures, documentations and solutions for global organizations, and using same for end user
• Security design & implementation for assigning users to LDAP group for synch/upload with BO and access to HANA
• Facilitating meetings with the business to gather business and technical requirements and the expected solutions
• Representing IT and security at meetings and speak to what we are doing and responsible for the deliverables
• Analyze, prioritize and translate functional requirements into technical design for SAP NetWeaver, and collaborate with teams and leads to ensure the requirements are met. Supporting test and cutover plans, and cutover execution
• Mapped the user requirements and produce gap analysis to identify alternate solutions specific to SAP Security requirements and provide technical recommendations on design and architecture framework and improvements
• Strong experience with Sarbanes-Oxley, IT risk assessments, develop reports & coordinate audit remediation activities IT auditing with a Big 4 audit firm. Manages Audit activities to identify IT risk and evaluate applicable IT controls
• Oversees the testing. Educates management teams about identified risks and designs controls to cover those risks.
• Proficient in working with onshore/offshore and leading teams in global environments with 24/7 system availability SAP HANA/ HANA/FIORI/BI/BW/BOBJ
• SAP HANA/BI Platform security experience with a great personality and able to lead and teach teams
• Strong background and hands on experience in SAP HANA security and has deployed SAP BOBJ with native HANA and suite on HANA with Teradata. Development and reporting experience with SAP Business Objects (BO) 4.0/4.1, HANA, BI, BW HANA, BOBJ, ECC, MDG & Analysis for Office full life cycle implementation from beginning to end
• Proficient with managing new security and modeling (calculation, analytic and attribute views) aspects of Suite on HANA - Studio, Cockpit, design time roles, change recording/lists, delivery units (DU), Application Lifecycle Manager (HALM), CTS+ transports, password policy, single sing on (SSO) authentication and support for end user
• Strong experience with Native HANA views/models, Business Objects (BO) on HANA, security & user management
• Designed authorizations for HANA objects & setup HANA privileges (system, object, analytic, packaged, application)
• Proficient with HANA user management, trace/troubleshoot and resolve issues, auditing, data volume encryption, SAP GRC 10.1 integration and automation with HANA and user management for HANA similar to other SAP systems
• Understand BW Security Models, mix-models and hybrid in SAP HANA and BW Analytics Authorization Assistant

SKILL:

SAP Systems: SAP R/3 4.7/ECC6.0,EHP7,Netweaver 2004/2007 (NW 640), Netweaver 2004s (NW 700), NW 7.0, 7.3, 7.3.1,7.4,7.5, SRM7.0,SCM7.0 EP, XI/PI, BW 3.1/3.5, Solution Manager 7.2/7.1/ 7.0/4.0 , S/4 HANA1511,1610

Project Domain: Implementation, Support, Integration &Team Leadership

Central System: Solution Manager 4.0/7.0/7.1/7.2

Operating System: Linux, AIX, Solaris, Windows, Korn shell and Perl scripting, HACMP

RDBMS: Oracle 9i/10g/11g, MS SQL Server 2005/2008/2012 , DB2 9.5/9.7& Sybase 15.7

PROFESSIONAL EXPERIENCE:

Confidential

Security/Single Sign on Architect

Responsibilities:

• Lead SDLC, planning, documentations, analyzes, hands-on solution design, build and administration.
• Constructed and implemented Kerberos authentication between HANA and Tableau Desktop
• Mapped and implemented SAML 2.0 SSO between HANA and XS, Ide, HALM
• Directed and implemented SAML 2.0 SSO between HANA and Tableau server
• Planned the Business Blue Print
• Implemented SAML 2.0 to access and publish the HANA live datasources in Tableau server
• Outlined the test scripts as part of system integration testing and user acceptance testing
• Patterened configuration design document to train the stakeholders
• Trained Tableau and BASIS teams as part of project cutover activities
• Provided excellent solutions for issues on HANA database, Tableau, XS, Ide
• Generated keys and SSL s in HANA database for SAML configuration
• Configured user specific traces as part of debugging process
• Provided optimal solutions to the utmost complicated scenarious
• Led on HANA Attribute, Analytic and Calculation views/models, and single sign-on (SSO) across HANA/BI/ Tableau etc.
• Technical lead expertise on design & solution. Researched new solution to meet current & future security needs
• Designed and implemented security for SAP BW on HANA migration with analysis authorization to analytical privileges and roles.
• Created roles / users / analytical privileges in SAP HANA studio and set up user security.
• Configured audit policy in SAP HANA studio for logging and keep tracking records. • Configured authorization trace and resolved day to day authorization issue in SAP HANA

Confidential

GRC/ HANA Security Consultant

Responsibilities:

• Gathered security and report requirements, designed HANA analytic privileges and design-time roles
• Designed BW on HANA and Native HANA modeling and security for Hybrid/mixed model’s scenarios of a large global implementation.
• Designed BW Security Models in SAP HANA and BW Analytics Authorization
• Assistant, and the creation of security schema for generated HANA Views in BW on HANA
• Led on HANA Attribute, Analytic and Calculation views/models, and single sign-on (SSO) across HANA/BI/ BOBJ/Tableau/Webi etc.
• Defined SAP HANA Security Architecture, Authentication, Authorization, SSO, Encryption Options, Audit Logging, etc. in the customer system landscape and worked on reporting & analytics and Implemented Authentication Methods for SAP HANA.
• Provided impact analysis and solutions for projects related to SAP HANA and User Access Management
• Defined process of running program RSEC MIGRATION and the 3 Analysis authorization concept migration Strategies recommended by SAP.
• Defined and managed Privileges/roles/authorizations for enterprise BI, Implemented and designed stored procedures,
• Worked with database administrator, business, modeling and security teams, and provided expertise on HANA Studio, BW on HANA and BOBJ (Business Objects reporting) Security/views configuration and maintenance of User Administration in HANA DB.
• Technical lead expertise on design & solution. Researched new solution to meet current & future security needs
• Designed and implemented security for SAP BW on HANA migration with analysis authorization to analytical privileges and roles.
• Created roles / users / analytical privileges in SAP HANA studio and set up user security.
• Configured audit policy in SAP HANA studio for logging and keep tracking records. • Configured authorization trace and resolved day to day authorization issue in SAP HANA
• Created mass users/roles using eCATT / SU01 / SU10 / PFCG and role assignment, user/roles deletion, password reset, mass parameters set up
• Worked with business and functional team to set up meetings for project requirement gathering for BW, HANA and GRC, BOBJ.
• Designed access to assign users to BO LDAP group, and assign folder access in BO and role in HANA Studio and created SAP HANA Technical, Project specific users.
• Provided understanding of Authentication and Single Sign-On (encryption options and use cases) and Implemented Password Policies and Parameters
• Implemented and configured Analytical Authorizations
• Designed and implemented Dynamic Analytical privilege authorizations
• Designed and Maintained Roles in HANA.
• Implemented Transport Mechanism
• Implemented Security Design for Analysis for Office
• Implemented Security Design for groups in Ariba
• Implemented Test Scripts as part of Regression Testing
• Defined the process for creation/change of BW users in HANA
• Implemented User Access Review as part of reviewing and eliminating the Roles for unauthorized users
• Implemented Segragation of Duties Review for initial and long-term strategy to review and affirm previous mitigation assignments

Confidential

GRC/ HANA Security Consultant

Responsibilities:

• Designed, Implemented and configured GRC10.1 landscape for DEV, QA, PRD, environment for access control components ARA, BRM, ARM and EAM.
• Created RFC connections / customized connectors / connector groups for GRC Access Control, Risk Terminator, Process Control and Enterprise Risk Management (ERM)
• Configured application in client, Activated Business configuration Set (BC Sets), SICF services
• Managed access control table and organizational hierarchy for mitigation and process control.
• Downloaded / uploaded SAP standard rule set and created/maintained/synchronized / generated customized rule set.
• Created new functions/rule set and access risks, SoD rule set and mitigation controls
• Configured MSMP WF for access request and approvals.
• Scheduled background jobs for authorization sync and repository sync
• Created roles based on the SoD risks to remove the SoD violations.
• Created Customized BRF+ rule and configured in MSMP for access request.
• Designed and implemented security for SAP BW on HANA migration with analysis authorization to analytical privileges and roles.
• Created roles / users / analytical privileges in SAP HANA studio and set up user security
• Configured audit policy in SAP HANA studio for logging and keep tracking records
• Configured authorization trace and resolved day to day authorization issue in SAP HANA
• Created mass users/roles using eCATT / SU01 / SU10 / PFCG and role assignment, user/roles deletion, password reset, mass parameters set up.
• Worked with business and functional team to set up meetings for project requirement gathering for BW, HANA and GRC, BOBJ.
• Conducted scrum meetings with business, functional and technical team to set up cutover activities for roles, catalog, groups in S 4/ HANA, Gateway and Fiori
• Worked with project management team to set up the security green lights to meet the dead project deadlines
• Analyzed and traced system to resolve user issues using SU53 / ST01 / rsecadmin /
• Created / updated Master/Derived and composite roles. • Worked with solution manager for incident management.
• Set up BOBJ security and authorization concept at folder level and group and group inheritance
• Set up authorization / security at info cube / info objects and creating new analysis authorizations
• Created users/groups/sub groups with different access levels including group and folder inheritance
• Created analysis authorization with RSECADMIN
• Provided user in sap security and user, roles management, mapping and tracing
• Created eCATT for the creation of users/ maintenance of users /role assignment in Central User Administration (CUA)
• Developed Audit and password policy in SAP HANA Studio / HANA Cockpit
• Created analytical privileges and created roles in HANA Cockpit / studio with analytical privileges and objects.
• .Created portal users and roles in user management
• Set up users / roles for HR position based security
• Analyzed the existing system and cleanup all the roles and user access based on the internal and external auditor checklist. Analyzed and set up all the SAP system parameters / IT controls and SOX related reports.
• Worked very closely with internal and external auditors
• Prepared documentation for user and SOX compliance for audit.
• Provided production support to resolve the user issues.
• Helped BW and BOBJ developers to create info objects, folders and setting up security in BW and BOBJ.
• Analyzed SAP system to clean up roles and transaction code not required in the roles, using AGR tables, SUIM and ST03N

Confidential

Solution Architect

Responsibilities:

• Responsible for IdM 7.2, SAP HANA Security, GRC EAM 10.0, Risk Management, Process controls Implementation
• Lead successful Go Live of IDM 7.2
• Performed SAP IDM Implementation & Production Support as a part of the project, with 20+ SAP & Non SAP Applications to perform Centralized provisioning.
• Amended the Java scripts for the tasks and jobs as per client & Build repositories and troubleshoot connection problems.
• Build complex Approval workflows.
• Handled complex reporting structures using SAP NetWeaver Jobs or sequence of tasks in the Identity Center.
• Creation of connector
• Configured GRC for Emergency Access Management (EAM).
• Activating the Business component sets delivered by SAP in GRC 10.0
• Configuration of SOD Rule sets in Access Risk Analysis in DEV environment and Transported to Quality and Production systems
• Conducted Meetings and workshops for Business to design the approval workflow.
• Prepared configuration design document for Emergency Access Management
• Prepared EAM Manuals for IT point of contacts
• Configured Master Data in PC
• Configured PC Framework
• Configured Enterprise Risks
• Responsible for blueprint of complete SAP HANA security for logical and physical design in a fully integrated Enterprise environment. Leads and establishes SAP/HANA security design, build, deployment and audits with hands-on in HANA Studio, ECC, GRC, BO, CTS+, Analysis for Office
• Tests security roles, resolves defects, creates users, assigns roles and supporting global rollouts and post go-live
• Able to map out the required SAP Fiori Apps, SAP transaction codes, and SAP WebDynpro applications on the frontend and to create and generate SAP Backend authorizations for a SAP /HANA 1610 system based on SAP Fiori 2.0 Frontend Server Tile Catalog. Able to create/modify users in HANA, /HANA and Fiori
• Working with the application team to define analytical privileges on business data for each application and configuring the system for Design-time roles and Analytic Privileges, and carry out unit tests and transports
• Identifies the necessary SAP HANA privileges (system, object/SQL, analytic, package, application) required for each user (developer/admin/functional/Business Users etc.) and add them to the roles/user profile
• Works on end to end implementation on HANA Security (HANA Database and Analytics) and MDG on HANA
• Participates and leads focus groups. Partner with internal and external audit teams for establishing controls and Work with project teams in testing them during UAT and cutover activities. Help remediate security as required
• Worked with reporting & analytics teams, multiple business process teams, internal/SAP security, audit teams and database administrators on various activities. Ensure proper controls are in place for SAP/HANA/BI roles and authorizations and that ongoing governance is in place and occurring for the SAP NetWeaver applications role approval workflow and streamline end to end processes to reduce human error and improve audit process
• Supports detailed test plans (integration, regression, UAT) for SAP HANA and facilitates planning/ execution
• Supports modeling of Calculation views and creation of test cases/scenarios to exercise functionality (including system interfaces), and provides security access to perform tests, and confirm/document results
• Contributes to cutover plan and participate on cutover executions. Provides go-live and post production support
• Watches for and identify emerging business/technical risks. Develops and recommends risk mitigation plans
• Project includes implementation, configuration, admin and support of SAP GRC 10.1 ARA, ARM, EAM & BRM
• Plans, coordinates & executes administration of user provisioning, de-provisioning and password management
• Accountable for support activities that include HANA Studio security, changes and CTS+ transport migrations
• Utilizes the Service Now application to support incident and service request tracking and reporting
• Monitors Queue and Provides Support as defined in Service Level Agreements (SLA)
• Works closely with both SAP technical and functional teams to ensure the success of the overall SAP NetWeaver Solution Supports the periodic Security reviews and document the review completion evidence For all role enhancement/defect works, ensure all target dates are met, roles are moved in a compliant state
• Traces & develops solutions to HANA security issues in production, QA, testing & ; development environments

Confidential

GRC Lead Consultant

Responsibilities:

• Lead in successful Go Live in SAP GRC 10.1
• Creation of connectors
• Configuration GRC for Access Risk Analysis (ARA), Access Request Management (ARM) and Emergency Access Management (EAM).
• Activating the Business component sets delivered by SAP in GRC 10.1
• Configuration of SOD Rule sets in Access Risk Analysis in DEV environment and Transported to Quality and Production systems
• Conducted Meetings and workshops for Business to design the approval workflow.
• Prepared configuration design document for Access Risk Analysis, Access Request Management and Emergency Access Management Modules.
• Lead in successful Go Live in SAP GRC 5.3.
• Configuration of GRC RAR, CUP, SPM and ERM.
• Configurations and Integrations done for GRC CUP with Non SAP Applications and Approval Workflow Process
• Support for GRC Audit for more than 12000 users.
• Configured Role remediation request workflow in CUP through Green light Laser Focus application.
• Defined SOD Rule sets to perform Risk Analysis for Non SAP systems

Confidential

SAP Security Analyst

Responsibilities:

• Lead in successful Go Live in Configuration and Implementation for Compliance Calibrator and Fire Fighter Modules.
• Identified the roles needed for GRC implementation and built the role matrix.
• Performed unit testing for all the transactions required for the functional roles and captured the authorizations required.
• Conducted various workshops with business and functional team and gathered the requirements needed for the identified functional roles.
• Assisted in building the SOD matrix.
• Created custom authorization objects for additional security as per business requirements.
• Maintained the check indicators for all standard transactions in SU24.
• Involved in Unit/Transaction testing, Field level testing, Functional Role testing, Integration testing.
• Completed the cutover activities from security end.
• Involved in multiple go lives for the GRC project and supported the project post go-lives.
• Developed various BI roles for end-users and power users.
• Support for more than 10000 users.
• Resolved Daily Production Support Issues.
• Implemented GRC tools Compliance Calibrator and Firefighter for SOD Analysis such as User level, Role level, Authorization object level etc.
• Working knowledge of Segregation of Duties
• Creation of users in BI.
• Implemented Analysis Authorizations
• Creation of Users / Roles in the Portal system solving reporting authorization problems
• Ran trace from the RSECADMIN and resolved authorization Issues
• Creating of single user, mass users and groups as per the request approval process
• Creating and Maintaining single Roles, Composite and Derived
• Assigning Roles And profiles to users on the service request approval
• Configuring authorization objects, fields and generating profiles
• Assigning authorization objects to transaction codes
• Analyzed SU53, ST01 screen shots to debug Authorization problems.