Sr. Sap S4 Hana Security Analyst Resume

Herndon, VA

EXPERIENCE SUMMARY:

  • Having around 15 years of IT experience including 11 years of SAP Security with strong understanding of information security practices.
  • Strong technical knowledge in working SAP Security Support Projects
  • Handling Go-Live, Post Go-Live, and Production Support projects.
  • Worked on Basis as well as SAP security and GRC 5.3 and GRC 10.0
  • Extensive experience in Requirement gathering, Design, Development, and Maintenance of SAP applications security.
  • Handled security for various modules BI / BW, APO, FI, CO, MM, SD, MDM, HR /Solution manager & Enterprise Portal (EP).
  • SAP GRC Implementation and Production support experience, with a good understanding of business processes.
  • Remediation of Segregation of Duties (SOD) within SAP implementation for SOX (Sarbanes Oxley) Compliance using GRC tool.
  • Worked extensively on pre-SOX audits requirements and working with Auditors to comply the system.
  • HANA Security - Configured Standard, Technical and Restricted Users. Worked on System, Object, Analytic and Package Privileges. Knowledge in SAP Studio
  • Created the users and building the roles for SAP HANA database through HANA Studio
  • Designing of the Object privilege, Package privilege, System Privilege and Analytical Privileges.
  • Assigning the privileges for particular schemas, procedures and objects to the users according to the projects. Designing authorization for different business processes and their reports.
  • Mapping end to end HANA security to BOBJ users in SAP system
  • Managing the SAP HANA transports, creation of the delivery units. Exporting and importing SAP HANA models.
  • Worked on the SERVICE NOW tool for Incident management and Change management.
  • Worked on implementation of I AM PORTAL for Access management, roles management and Identity management from SAP Security.
  • Interfaced extensively with clients to gain insight and develop solutions to meet customer business needs across the SAP landscape.
  • Worked on the APPROVA One compliance Management tool and handling support activities for compliance and Risk management.
  • Broad experience in maintaining single, composite, and derived roles using Profile Generator (PFCG).
  • Experience in designing and implementing SAP HR Security using position based Security and ESS and MSS Modules.
  • Very good knowledge of producing and analyzing reports in SAP using SUIM, and security related tables AGR*, USR* etc.
  • Experience setting up users and security on Enterprise Portal and creating users/user groups through UME for SAP NetWeaver.
  • Extensive experience with resolving ticket issues and troubleshooting security authorization problems while adhering to Service Level Agreements (SLA).
  • Experience on Audit projects and working as a liaison between the security team and auditors.
  • Experienced in adhering to the Change Management Process for transporting roles and tables, security objects and maintaining the change documents.

TECHNICAL SKILLS:

ERP: SAP S4, HANA 2.0, ECC 6.0, SAP R/3 Enterprise 4.7/4.6C, BI 3.5/7.0, SCM 4.1/7.0 & EP 7.0

Modules: Basis/ Security/FI/CO, HR/HCM, MM, SD, BW/BI & BPC

Operating Systems: Windows 2000/NT/XP/AIX 5.3

Databases: Oracle 9i/8i, SQL Server, MS Access.

Security Audit Tools: SAP GRC Access Control (10 & 5.3)

PROFESSIONAL EXPERIENCE:

Confidential, Herndon, VA

Sr. SAP S4 HANA Security Analyst

Responsibilities:

  • Working as SAP S4 HANA Security support analyst and specialist for SAP S4 HANA Security implementation from ECC 6.0 to SAP S4 with HANA 2.0.
  • Worked on SAP S4 HANA Security Projects & Support User Provisioning, Password Management, Privileged User Management, Generic Accounts, Role Maintenance, Authorizations, Audit Logging, User Data Encryption, Policies and Procedures.
  • Reviewing and analyzing the existing SAP ECC 6.0 roles and segregating the authorizations as per new SAP S4 implementation strategy.
  • Creation and modification of the SAP S4 roles. Performing unit tests and integrations tests in SAP S4 system landscape.
  • Creating change requests for Non-production and production transports in SAP S4 systems landscape
  • Create ECATT scripts to create test users and assign the remediated roles for testing
  • Import the roles to test clients using the transaction code SCC1. Transported the generated roles and profiles in SAP S4 system.
  • Designing NATIVE HANA 2.0 database roles with Object privilege, Package privilege, System Privilege and Analytical Privileges in the HANA Studio.
  • Creation of Restricted and Standard users as per the business process requirements.
  • Getting requirement from the HANA Developers and Basis team for assigning the privileges to the newly designed roles and HANA objects.
  • Supporting the HANA access maintenance data is controlled by CATALOG READ Privileges and privilege to the DBA COCKPIT role.
  • Worked on the S4 and HANA database User Unification for the DBMS user which was created in HANA DB
  • Maintained Audit Logging, Parameters to prevent changes in Production.
  • Worked on the table Logging, Specification, Authorization, and Tracking of Change Requests, Approval of Change Requests. Worked on SAP S4 HANA Batch Scheduling and Processing and Backup and Problem Management. Created the users and building the roles for SAP S4 HANA database through HANA Studio 2.0
  • Working on the Service Now tickets for assigning the privileges for particular schemas, procedures and objects to the users according to the projects. Designing authorization for different business processes and their reports. Configured and documented RFCs between S4 HANA, replication server
  • Managing the SAP S4 HANA transports, creation of the delivery units. Exporting and importing SAP S4 HANA models.
  • Performing Task specific customization and maintain connector and connection type.
  • Implemented company policies, technical procedures and standards for preserving the integrity and security of data, reports and access. Streamlined and enhanced the corporate accounting and operations system.
  • Developed and implemented security policy to adhere to business and auditing guidelines. Shared gap analysis with management and developed plan for offshore team to implement.
  • Worked on the implementing ‘Single Sign On’ (SSO) with SAML configurations.
  • Working POC SSO configuration with Infrastructure team to set up SAML Metadata and certificates.
  • Configuration of General service provider with SAML 2.0, uploading of the metadata and POC (proof of Concept).
  • Facilitated multiple training sessions on SAP S4 HANA N+ systems technology and administration to our global basis team. Advanced knowledge on SAP S4 HANA and in-memory technology across or global.
  • Worked on support for FIORI security issues for the role SAP_UI2_USER_700 for setting up the ODATA services like /UI2/PAGE_BUILDER_PERS, /UI2/INTEROP & /UI2/LAUNCHPAD.
  • Worked on the FIORI for setting up Auth. Object S_RFCACL for trusted systems with fields RFC_SYSID, RFC_CLIENT, RFC_USER.
  • Creation of the FIORI Catalogs and groups, Target mapping - semantic object, action. Adding Catalogs and groups to the PFCG roles.
  • Worked on the creation of FIORI Tiles (Dynamic, New tiles & KPI tiles) and assigning those to the FIORI users.
  • Creation of different FIORI roles like UI2 FIORI CATALOGS READ, SAP UI2 FIORI CATALOGS READ, Z: FIORI ADMIN, Z:IT FIORI END USER, ZFIORI CATALOGS GROUPS and Z:TEST ROLE FIN FIORI APP.
  • Worked on the /UI2/TRANSPORT- Used by SAP Fiori Launchpad designer to read and assign transport request.
  • Worked on the FIORI Security in SAP NetWeaver Gateway, ODATA, Web Dispatcher and Load balancer. Deep understanding of security structure for external and internal users.
  • Worked on setting up SAP BPC Security and Audit settings to ensure user entitlements and access rights.
  • Working on Creation of users, tasks, Task Profile, Data Access Profile, Team. Handling user authorizations for BPC environment
  • Worked on the User administration and authentication with CMS and Active Directory domain considerations for User setup & Team setup
  • Worked on the Task profile set up for roles System Admin, Primary Admin & Secondary Admin
  • Worked on the Creating and modifying Member Access Profiles, also worked on the resolving Member access profile conflicts.
  • Worked as Core team member for GRC 10.1 integration with S4 HANA
  • GRC Access Controls 12.0 and Process Control (Finance) post installation Support administration.
  • Worked on the Access Risk Analysis (ARA) for Segregation of Duties and Sensitive Transaction rule set. Creation of the New risks and mitigation controls as per business processes. Worked on SAP Fiori Apps in SAP S/4HANA
  • Worked on Risk Assessment Workflow, Automated Aggregation improvements and Activity Validation Workflow.
  • Worked on Business Role Management (BRM) Role Management Solution for importing roles with in Access control.
  • Worked on Access Request Management (ARM) User Provisioning Solution.
  • Setting up Multi Stage Multi Path or simply (MSMP) is a workflow engine which can be used to accommodate various scenarios of a company’s approval and provisioning processes. Worked on the Workflow Configurations deciding on specific conditions that should trigger a workflow. Worked on creating ‘Contingency plans’ if approvers do not respond within the specified time limit (email reminders, escalation)
  • Worked on Emergency Access Management (EAM) Super user Access Solution.
  • Worked on creating Firefighter Ids, Owner, controllers the user who requires emergency access. Worked on using the GRC system as the centralized console through which Firefighters can logon to different system for firefighting.
  • Decentralized Firefighting to logon to the plug-in systems for firefighting; using the GRC system only for maintaining emergency access assignments and reporting.
  • Creating EAM roles in the GRC 12.0 Access control systems.
  • Worked on the Configuring EAM Log Notifications.
  • Handled Electronically Maintain the Audit Universe. Performed Risk-Based Scoping. Establish Audit and Work Paper Templates. Centrally Managed Findings, Remediation, and Supporting Documents.
  • Risk Analytics helps to prioritize enterprise-wide compliance issues. Compliance reports and dashboards turn information into intelligence, Worked on the Compliance Management tool for SOD compliances.
  • Consolidate Risks from various silos into a Risk Register to support a universal risk taxonomy
  • Centrally manage the entire policy lifecycle. Create policy structures to mirror their existing policy strategy.
  • Worked on implementation of I AM PORTAL for Access management, roles management and Identity management from SAP Security.
  • Worked on the implementation of SERVICE NOW tool for Incident management and Change management. Segregating roles according to their business processes and aligning them in the SERVICE NOW tools. Designed CHANGE MANAGEMENT process for the transportation of the roles.
  • Designed INCIDENT MANAGEMENT for SAP Support team and configured SLA MANAGEMENT for the same.
  • Worked closely with SERVICE NOW team for creation of workflows for Approval management. Designed Reports for the business as well as IT for betterments of business process.

Confidential, Richmond

Technical Lead - SAP Security

Responsibilities:

  • Discussion with client about requirements and communicating to team members.
  • Conduct security Kick-off Meeting and meet with the functional Business Process Owners (BPO) to discuss the SAP authorization concept and explain that security implementation is a cross-application responsibility functional people will know what ECC transaction codes each job role will require.
  • Analyzed and understand existing SAP security environment and design, business requirements to upgrade from SAP R/3 4.7 to ECC 6.0 EHP6
  • Creation of OSS ID and Involved in Security tasks for the NetWeaver portal upgrade from 7.0 to 7.3
  • Creation and assignment of firefighter ids and roles.
  • Assigning firefighter ids through I AM Portal and /VIRSA/VFAT
  • Creating and maintain batch jobs for firefighter
  • Creation and modification of the SAP roles. Performing unit tests and integrations tests.
  • Creating change requests for Non-production and production transports.
  • Create ECATT scripts to create test users and assign the remediated roles for testing
  • Import the roles to test clients using the transaction code SCC1. Transported the generated roles and profiles using tcode SE09/SE10
  • Create custom roles for Basis team for NetWeaver portal upgrade
  • Extensively used tables like AGR_USERS, AGR_TCODES, AGR_1251, AGR_DEFINE etc.
  • Created ECATT scripts for creating mass users, deleting mass users, assigning roles to users, locking and unlocking mass users etc. in a CUA system, also used SU10 for other mass user related tasks. Experience with using Audit Information Systems (AIS) logs (SM19, SM20 and SM18)
  • Documentation in various security processes, procedures, auditing; knowledge transfer and an active team player
  • Worked on critical authorization Objects like S_TABU_DIS, S_DEVELOP, S_RZL_ADM, S_ADMI_FCD and S_TRANSPRT
  • Built Analysis Authorizations using the transaction RSECADMIN
  • Build and tested BPC roles and provide Security appropriate authorizations to the team. Setup security at the Info objects level (field-level security)
  • Created Custom Reporting Authorization Objects using transaction RSSM, Linked the Custom Authorization Object to the Info provider.
  • Assigned the Analysis Authorizations to the role using the object S_RS_AUTH
  • Troubleshoot authorizations related problems using RSECADMIN. Created User Groups by using transaction code SUGR. Transport Roles using the change request method and also the Download/Upload method for transporting the roles to systems not in the transport landscape. Managed and maintained USOBT_C and USOBX_C tables by using SU24/SU25
  • HANA Security SAP HANA User Provisioning, Password Management, Privileged User Management, Generic Accounts, Role Maintenance, Authorizations, Audit Logging, User Data Encryption, Policies and Procedures, Audit Logging, Parameters to prevent changes in Production, Table Logging, Specification, Authorization, and Tracking of Change Requests, Approval of Change Requests, Worked on SAP HANA Batch Scheduling and Processing and Backup and Problem Management.
  • Configured Standard, Technical and Restricted Users. Worked on System, Object, Analytic and Package Privileges. Knowledge in SAP Studio
  • Created the users and building the roles for SAP HANA database through HANA Studio
  • Designing of the Object privilege, Package privilege, System Privilege and Analytical Privileges.
  • Assigning the privileges for particular schemas, procedures and objects to the users according to the projects. Designing authorization for different business processes and their reports.
  • Worked on the critical authorizations and access policies for them.
  • Worked on the SOX controls decision making and its implementations.
  • Worked as Core team member for GRC 10.0 implementation team
  • GRC Access Controls 10.0 post installation administration.
  • Activation of BC sets and common workflows in GRC 10.0
  • Performing Task specific customization and maintain connector and connection type.
  • Handled Electronically Maintain the Audit Universe. Performed Risk-Based Scoping. Establish Audit and Work paper Templates. Centrally Managed Findings, Remediation, and Supporting Documents.
  • Risk Analytics helps to prioritize enterprise-wide compliance issues. Compliance reports and dashboards turn information into intelligence, Worked on the APPROVA One compliance Management tool for SOD compliances.
  • Consolidate Risks from various silos into a Risk Register to support a universal risk taxonomy
  • Centrally manage the entire policy lifecycle. Create policy structures to mirror their existing policy strategy.
  • Worked on implementation of I AM PORTAL for Access management, roles management and Identity management from SAP Security.
  • Worked on the implementation of SERVICE NOW tool for Incident management and Change management. Segregating roles according to their business processes and aligning them in the SERVICE NOW tools. Designed CHANGE MANAGEMENT process for the transportation of the roles.
  • Designed INCIDENT MANAGEMENT for SAP Support team and configured SLA MANAGEMENT for the same.
  • Worked closely with SERVICE NOW team for creation of workflows for Approval management. Designed Reports for the business as well as IT for betterments of business process.

Confidential, Philadelphia

Technical Lead - SAP Security

Responsibilities:

  • Worked as SAP Security Architect and specialist for SAP Security implementation ECC 6.0 SAP HR upgrade projects. (SAP Security Support)
  • Coordinating with Confidential IT and business teams to find the requirements of the business. Created Role Strategy Document for better understanding of the business and IT roles for ECC 6.0 and SAP HR for more than 900 roles.
  • Conduct security Kick-off Meeting and meet with the functional Business Process Owners (BPO) to discuss the SAP authorization concept and explain that security implementation is a cross-application responsibility functional people will know what R/3 transaction codes each job role will require.
  • Adopted composite and single roles strategy in the place of old strategies in ECC 6.0. Designed business roles with Task Based approach for some of the operations to avoid multiple roles changes.
  • Implemented a strong Security strategy with policy adherence is requisite to manage compliance, minimize risks and to setup a secure and efficient authorization concept with process efficiency and adoption which can be based on organizational structures; business processes and Role based Authorization Concept.
  • Reviewed the implementation scope and user role report to determine the necessary project team to manage end-user role and authorization profile creation and design
  • Produced an enterprise-wide role matrix, a document that describes authorizations, detailing roles and their assignments to transactions, reports, menu paths, and organizational levels
  • Drafted a technical design document of user roles and authorizations, providing the development details for the implementation of the roles
  • Generated a user authorization strategy and management procedures, detailing the responsibilities and procedures employed for user and authorization administration
  • Defined the role implementation framework prototype, which is a preliminary implementation of the user role and authorization concept
  • Designed, developed, and maintained roles for HR / HCM (Organizational Management, Personnel Administration, Succession Planning, Compensation Management, and Performance Management), BI / BW, ESS, MSS, and Portal for Global SAP Implementation.
  • Maintenance of HR organizational structure to administer and control user access, including time-delimited access.
  • Involved in Implementing Structural Authorization and Extensively used the following T-Codes:
  • Made the BI Security Roles as granular and optimum so that the Info Objects can be utilized as much as possible
  • Creating Analysis Authorizations based on the business requirements.
  • Optimized the Roles and Analysis Authorization for maintenance purposes.
  • Used the roles as the medium to assign the analysis authorization objects rather than direct assignment.
  • Created roles using PFCG and Analysis Authorizations using RSECADMIN.
  • Used SAP best practices like setting the following InfoObjects as “authorization-relevant” and using them in Analysis Authorizations 0TCAACTVT, 0TCAIPROV, 0TCAVALID.
  • Resolved BI Authorization issues using RSECADMIN logs and worked with BI developers to modify the reports as per the business requirements and including the authorization variables in the reports.
  • Researched and applied OSS Notes (SNOTE) to resolve hierarchy node security, and RSECAUTH / RSECADMIN performance issues.
  • Maintained authorization fields (SU20) for the authorization object R_PM_NAME (Planning Folder) in BI.

Confidential

Technical Lead - SAP Security

Responsibilities:

  • Discussion with client about requirements and communicating to team members for creating the SAP implementation plan.
  • Technical discussions with the client and core team members about the upgrade activities and the functional. Gathering requirements of the client. Working on the specifications with different business processes.
  • Conduct security Kick-off Meeting and meet with the functional Business Process Owners (BPO) to discuss the SAP authorization concept and explain that security implementation is a cross-application responsibility functional people will know what R/3 transaction codes each job role will require.
  • Implementation of New SAP security design for ECC 6.0 and BI 7.0 for more than 1000 roles in the SAP ECC 6.0 and BI 7.0
  • Creation of new roles, authorization objects in ECC 6.0. Segregating the roles according to their business processes and functions.
  • Developing new methodologies for BI 7.0 roles design. Included Analysis Authorization strategy for business reporting roles.
  • Creation User maintained policy and dashboard for the User Management. Worked on the users access management for FIREFIGHTER access and their approval processes.
  • Created policies for the SAP systems i.e. Password policy, User Access firefighter policy, Critical system access policy.
  • Worked on User Acceptance Testing (UAT) queries from the SAP Security perspective. UAT involves lot of testing scenarios to be created and resolving the queries of the client. Successfully completed UAT and approved by client.
  • Designed Workflow for the approval process in the change management process and taken care for the transports of the changes done in DEV to QA and Production
  • Finalizing the plan and start working on the task list for the consultants.
  • Created Checklist for the SUPPORT DESK and started training Support consultants on the newly designed processes.
  • Worked on implementation of APPROVA compliance Management tool.
  • Setting up policies for the APPROVA compliance management.
  • Worked on the APPROVA Audit Management to enable an integrated approach to governance, risk, and compliance (GRC) and allows organizations to effectively leverage from information from other areas of the organization (e.g. policy, compliance, vulnerability data) expedites the data collection and documentation process significantly. Integration capabilities
  • APPROVA Compliance Management for SOX to enable organizations to automate and streamline burdensome compliance management process to save time, money, and resources associated with ongoing compliance. With APPROVA, businesses can consistently identify compliance gaps, help justify risk acceptance, prioritize remediation, and react quickly to evolving regulations and overlapping compliance standards.
  • APPROVA Enterprise Risk Management to provide an integrated approach to managing a broad spectrum of risks across the enterprise. With APPROVA ERM organized to create a central repository for all risks, controls, and remediation.

Confidential, Texas

Technical Lead - SAP Security

Responsibilities:

  • Designed new SAP Security strategy for SAP ECC 6.0 and SAP HR for more than 700 roles and solution providing for the technical and functional specifications
  • Decision making for the roles strategy in the ECC as well as in the SAP HR.
  • Conduct security Kick-off Meeting and meet with the functional Business Process Owners (BPO) to discuss the SAP authorization concept and explain that security implementation is a cross-application responsibility functional people will know what R/3 transaction codes each job role will require.
  • Created Role Strategy Document for the business and IT roles for ECC 6.0 and SAP HR for more than 700 roles.
  • Designed composite and single roles strategy in the place of old strategies in ECC 6.0. Designed business roles with Task Based approach for some of the operations to avoid multiple roles changes.
  • Implemented a strong Security strategy with policy adherence is requisite to manage compliance, minimize risks and to setup a secure and efficient authorization concept with process efficiency and adoption which can be based on organizational structures; business processes and Role based Authorization Concept.
  • Reviewed the implementation scope and user role report to determine the necessary project team to manage end-user role and authorization profile creation and design
  • Produced an enterprise-wide role matrix, a document that describes authorizations, detailing roles and their assignments to transactions, reports, menu paths, and organizational levels
  • Drafted a technical design document of user roles and authorizations, providing the development details for the implementation of the roles
  • Implemented new strategies for SAP HR environment. Creation of new roles and structural authorizations for the business accesses.
  • Designed the Reporting Strategy for the HR Business Function.
  • Designed new HR Security Processes such as assigning of roles to positions, handling issues in portal.
  • Created HR structural authorizations design to streamline maintenance and user access issues.
  • Designed, developed, and maintained structural authorizations and standard/derived roles for position-based HR security strategy, driven by complex span-of-control requirements.
  • Implemented Personnel Administration and Organizational Management (PA and OM) modules of HCM.
  • Made the HR Security Roles as appropriate and optimum so that the Info Objects can be utilized as much as possible without creating too many Analysis Authorizations.
  • Optimized the Roles and Analysis Authorization for maintenance purposes.
  • Used the roles as the medium to assign the analysis authorization objects rather than direct assignment.
  • Worked in all risk control processes including IT general controls, testing plans, testing execution in an integration testing environment and control remediation.
  • Extensively worked on management view, risk analysis, audit reports, security reports and background jobs for analyzing the risks in role level.

Confidential, Philadelphia

Technical Lead - SAP Security

Responsibilities:

  • Coordinating with clients business and IT for requirements gathering and discussing the best strategies for SAP Security designs.
  • Conduct security Kick-off Meeting and meet with the functional Business Process Owners (BPO) to discuss the SAP authorization concept and explain that security implementation is a cross-application responsibility functional people will know what R/3 transaction codes each job role will require.
  • Identify General Information Access and Service Usage. Discuss organizational information that will be common to all security roles like company codes, purchasing groups, etc. and have them decide what standard values will be used. Conduct Authorization Interview with Data Owner.
  • ECC 6.0 and BI 7.0 Global Delivery Considerations
  • Defining documentation standards, the global delivery team can deliver the process/strategy for changing/enhancing the authorization concept and following user management tasks. The team can do these using predefined templates, such as the following:
  • User creation
  • Role assignment
  • Granting/revoking of authorizations
  • Role enhancements
  • Completely designed and implemented methodology for controlling end user access to plants, fund centers, cost centers, etc. Applied to both R/3 and BW environments. Designed security solution for FI (AR, AP, SD, FA), CO, FM, MM, QM, PM, PS, HR (Time Entry, Travel) modules.
  • Designed process for OSS IDs, Providing Developer Keys, Providing Authorizations to OSS IDs and Object Registration on the SAP MARKET PLACE.
  • Newly designed BI Security Roles as competitive and effective so that the Info Objects can be utilized as much as possible without creating too many Analysis Authorizations.
  • Optimized the Roles and Analysis Authorization for maintenance purposes.
  • Used SAP best practices like setting the following Info Objects as “authorization-relevant” and using them in Analysis Authorizations 0TCAACTVT, 0TCAIPROV, 0TCAVALID.
  • Maintaining the Users and Authorizations in SAP XI systems.
  • Maintained Assignment of Authorization Objects (SU24).
  • Maintained program authorization groups (Report RSCSAUTH) and table authorization groups (SE54) to protect access to programs and tables.

Confidential

Technical Lead - SAP Security

Responsibilities:

  • Worked on the SAP ECC 6.0 EHP2, SAP BI 7.0 and SAP GRC 5.3 implementation project. (2 Implementations)
  • Coordinating with clients business and IT for requirements gathering and discussing the best strategies for SAP Security designs.
  • Conduct security Kick-off Meeting and meet with the functional Business Process Owners (BPO) to discuss the SAP authorization concept and explain that security implementation is a cross-application responsibility functional people will know what R/3 transaction codes each job role will require.
  • Identify General Information Access and Service Usage. Discuss organizational information that will be common to all security roles like company codes, purchasing groups, etc. and have them decide what standard values will be used. Conduct Authorization Interview with Data Owner.
  • Creation of the New roles design document for more than 500 roles in the SAP ECC and SAP BI systems.
  • Designed the ECC and BI roles and new strategies for different business processes.
  • New role implementation framework prototype is a preliminary implementation of the user role and authorization concept. The prototype does not contain organization-level restrictions and serves as a verification of the technical design. The prototype allows for early recognition and correction of mistakes in the design of the user role and authorization concept.
  • Completely designed and implemented methodology for controlling end user access to plants, fund centers, cost centers, etc. Applied to both R/3 and BW environments. Designed security solution for FI (AR, AP, SD, FA), CO, FM, MM, QM, PM, PS, HR (Time Entry, Travel) modules.
  • Designed process for OSS IDs, Providing Developer Keys, Providing Authorizations to OSS IDs and Object Registration on the SAP MARKET PLACE.
  • Newly designed BI Security Roles as competitive and effective so that the Info Objects can be utilized as much as possible without creating too many Analysis Authorizations.
  • Worked on implementation of GRC 5.3 compliance Management tool.
  • Setting up policies for the GRC 5.3 compliance management.
  • Worked on the GRC 5.3 Audit Management to enable an integrated approach to governance, risk, and compliance (GRC) and allows organizations to effectively leverage from information from other areas of the organization (e.g. policy, compliance, vulnerability data) expedites the data collection and documentation process significantly. Integration capabilities with other enterprise systems (e.g. HR systems, active directory, financial systems) help to shorten the audit cycle dramatically.
  • GRC 5.3 Compliance Management for SOX to enable organizations to automate and streamline burdensome compliance management process to save time, money, and resources associated with ongoing compliance. With GRC 5.3, businesses can consistently identify compliance gaps, help justify risk acceptance, prioritize remediation, and react quickly to evolving regulations and overlapping compliance standards.
  • GRC 5.3 Enterprise Risk Management to provide an integrated approach to managing a broad spectrum of risks across the enterprise. With GRC 5.3 ERM organized to create a central repository for all risks, controls, and remediation activities across the enterprise wide. Organizations are able to establish common risk taxonomy, allowing them to aggregate, normalize, and centralize risk across Operations, IT, Legal, Human Resources, and other business units for a truly consolidated view of enterprise risk.
  • Risk Analytics helps to prioritize enterprise-wide compliance issues. Compliance reports and dashboards turn information into intelligence, allowing you to take action before a compliance breach occurs

Confidential

Technical Lead - SAP Security

Responsibilities:

  • As a SAP senior most experienced member Successful SAP Implementation activities of SAP in Confidential Pharmaceuticals of SAP ECC 6.0 and GRC 5.2. (2 Implementations)
  • Core team member of Implementation of GRC 5.2 Access Controller with KPIT
  • Major role in configuration of all GRC Modules AE, RE, CC and FF with ECC 6.0
  • Working on BW security. Maintaining Roles on the basis of ODS, Data cubes. Connecting BIW system to GRC 5.3
  • Successful Upgrade for GRC 5.2 To 5.3 and implementation of new GRC functionalities i.e. CUP, ERM, SUP, Compliance Calibrator
  • Working on Risk Analysis and Remedies (RAR) Reports SOD Violations, Critical Actions, Critical Roles by Risk, Critical Roles by Risk, Mitigating Controls by User.
  • Working on Super User Privilege (Firefighter) Transaction Usage Report, SOD Violations Report, Log Report
  • Working on User Identity Management (UME) for users administrations
  • Security Administration and creating users, creating roles, assigning profiles, assigning roles, assigning authorization objects to roles across landscape
  • Scheduling Backups and Checking the Backup of GRC
  • Scheduling Background job administration and monitoring in GRC
  • Setting up and maintenance of the Profile Parameters (Start/Default/Instance). Worked with IT / Internal Audit Department to achieve Sarbanes-Oxley Compliance to overcome SOD issues in SAP ERP System.
  • Configured Approval process for User and Role creation as per Organizational requirement in GRC server
  • Strong knowledge of JSPM, SDM, Config tool Visual Admin
  • Scheduled Managing Report on weekly basis in GRC server
  • Prepared and maintain Basis related SOPs
  • Good Experience in handling GRC considering SOD and SOX compliance
  • Managing Incidence reports
  • Created SAP Roles, and users in standalone training environment for 19,000 named user base covering R/3 & BW.
  • Trouble-shoot authorization problems using Repository Information System and tracing authorizations using SU53, SU24 and ST01.
