SAP Security / GRC Lead Resume

SAP SECURITY / GRC LEAD

Detail-oriented professional with 14 years of IT experience, 9 of them as an SAP Security specialist, with extensive hands-on experience in GRC modules.

Insightful, results driven SAP Security professional with notable success directing a broad range of SAP Security initiatives while participating in planning, analyzing, and implementing solutions in support of business objectives. Excel at providing comprehensive SAP Security/GRC design, systems analysis, and full life cycle project management. Hands-on experience leading all stages of SAP Security/GRC development efforts, including requirements definition, design, architecture, and support.

Areas of Expertise:

  • Team or Project Leadership.
  • Security in ECC 6.0, BI 7.0, EP 7.0, PI 7.0, HR, CRM, PLM, and Solution Manager 4.0
  • Extensive hands-on experience with portal security using permission editor, zone security and Java-based roles.
  • Hands on experience with structural authorizations in HR
  • All modules in GRC 5.x
  • Upgrade experience in ECC, BI and GRC
  • Hands on experience in Analysis Authorizations
  • Full life cycle implementations in SAP, EP, BI, SolMan, and GRC
  • Policy planning and implementation
  • Security Management
  • Compliance Management
  • Technical Documentation
  • Audit support experience with KPMG, Deloitte & Touche, E & Y, PWC auditors

Professional Summary

  • 9 years of strong SAP Security experience
  • Role Based Access Control (RBAC) - Design and implement single, composite, and derived roles to restrict system access for authorized users in SAP R/3 - 4.0B, 4.6C, 4.7, ECC5.0, ECC 6.0, BI 7.0, EP 7.0, Solution Manager 4.0, HR, CRM, and PI/XI 7.0
  • Multiple implementations experience in GRC 5.x and upgrade experience from 5.2 to 5.3
  • Enterprise portal security experience to control access to portal content and iViews such as Java Roles and Groups, permission editor, zone security.
  • Configured Single Sign-On (SSO) in the portal environment
  • Very strong BW/BI security experience including upgrade experience along with HR.
  • Preventative, mitigating and compensating controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy
  • Excellent problem solving skills, team player with good communication skills.
  • Performed SAP Security related tasks such as Security Audits, SOX (Sarbanes-Oxley) Compliance, User maintenance, Activity group/Role maintenance using profile generator (PFCG), Upgrade from various versions, Production support.
  • Configure and implement GRC tools such as Risk Analysis and Remediation (RAR/CC), Superuser Privilege Management (SPM/Fire Fighter), Compliant User Provisioning (CUP/AE) and Enterprise Role Management (ERM/Role Expert) applications.
  • Implemented CUA (Central User Administration)

Technical Proficiencies:
Data Base: Oracle, SQL Server and MS Access
Languages: C, C++, VB, HTML
Platforms: Windows 9x/NT/2000/2003/XP/VISTA, MS Outlook and Lotus Notes
SAP: ECC 6.0/5.0, 4.7, 4.x, GRC (4.x, 5.1, 5.2 and 5.3), BI (3.x and 7.0), CRM, XI/PI (7.0), Solution Manager (4.0), Portal (6.x, 7.x)

Education: Masters in Computer Science

Certifications: SAP certified professional in BW 3.0B.

Professional Experience Summary:

Confidential, June'09 - Oct'09
Sr. Security Analyst

  • Upgrade the GRC Compliant User Provisioning (Access Enforcer) and Risk Analysis and Remediation (Compliance Calibrator) tools from 5.2 to 5.3
  • Support ECC 6.0, HR, EP7.0 and BI 7.0 security.

Confidential, Jan '08 - Apr'09
Security Lead

  • Lead the security team to implement the security roles in IS Media including part of CRM solutions
  • Full life cycle implementation of NW 2004s Security starting from blueprint phase in IS Media
  • Lead SAP GRC 5.2 tool implementation including Risk Analysis and Remediation (Compliance Calibrator), Superuser Privilege Management (Fire Fighter), Compliant User Provisioning (Access Enforcer) and Risk Terminator.
  • Design and implement role based security in ECC 6.0, MAMC 3.0, Solution Manager 4.0 (SolMan), PI 7.0, EP 7.0, HR and BI 7.0
  • Define policies and procedures (SOPs)
  • Configured single sign-on (SSO)
  • Configured the permissions as per the client's requirements using permission editor.
  • Defined SOX policies and SOD conflicting matrix.

Confidential, Sept '07 - Dec'07
Sr. Security Administrator

  • Lead BW security upgrade from BW 3.5 to BI 7.0 in HR environment
  • Analyze the existing BW 3.5 security and provided the scope of changes
  • Migrated the data level security to Analysis Authorizations (BI 7.0)
  • Clean up the existing roles with unnecessary authorizations.
  • Production support of ECC 6.0, HR, BI, PLM, and CRM
  • SAP Enterprise Portal 7.0 role design
  • Implemented POC (proof of concept) to reduce the maintenance to access BI reports in portal
  • Configured the permissions as per the client's requirements using permission editor.

Confidential, Oct '06 - Aug '07
Security Lead

  • Involved in full life cycle implementation of NW 2004s Security starting from blueprint phase
  • Lead the security team to implement the security roles in IS Media including part of CRM solutions
  • Design and implement security roles in ECC 6.0, MAMC 3.0, Solution Manager 4.0 (SolMan), PI 7.0, EP 7.0, HR and BI 7.0
  • Configured the permissions as per the client's requirements using permission editor.
  • Define policies and procedures (SOPs)
  • Configured SolMan service desk
  • Defined SOX policies and SOD conflicting matrix.
  • Worked closely with internal audit and SOX team to define the SOD conflicts
  • Worked on project proposals and effort estimation on SAP security

Confidential, April '06 - Sept '06
Bridgewater, NJ
Security Lead in SAP R/3 4.7, BW 3.X/7.0, EP, HR, and Virsa/GRC tools

  • Upgraded BW security from BW3.x to the BI 7.0.
  • Design and implement BI security using custom authorization objects to restrict the users at info object level.
  • Design and implement BW and Enterprise Portal roles
  • Configure Compliance Calibrator tool by Virsa including setting up the rules, functions, risks and mitigating controls.
  • Remediate roles as per the SOX requirements to make the roles free from SOD conflicts.
  • Design and implement Access Enforcer tool by Virsa as a user provisioning tool.
  • Involved in the business workshops to resolve the SOD conflicts in the current existing roles.
  • Design and implement etime project by OpenHR for compensation benefits etc
  • Create new transaction codes for programmers and maintain check indicators as necessary using SU24.
  • Design, prepare and participate in various Integration tests including the initial unit and PILOT tests by coordinating with the BASIS team in the areas of security transports to other clients and systems including the user master copy whenever there is a client refresh or new client creations.

Confidential, Nov '04 - March '06
Columbia, MD
Security Administrator in SAP R/3 version 4.0B and 4.6C, BW, PLM and EP

  • Design and implement BW security for two different groups of audiences (reporting users and the developers/admins). This includes defining custom authorization objects to restrict security at different levels depending on the business needs.
  • Implemented Access Enforcer tool by Virsa.
  • Configuration of Compliance Calibrator (Virsa) tool using Rule architect.
  • Configured the Fire Fighter tool
  • Extensively worked on Authorization objects, fields, authorizations, authorization profiles.
  • Work with profile generator (PFCG) in creating roles/activity groups, profiles, composite roles, derived roles and global roles.
  • Assisted in Sarbanes Oxley Compliance - SAP System Audit and documentation of Significant Processes and controls
  • Migrate manual profiles to the PFCG profile/roles
  • Performed transports and mass transports of roles.
  • User maintenance (User creation/deletion/lockdown/activation/Password management).
  • Daily issue resolution and end user support (Production Support issues)

Confidential, NJ, April '04-Oct 04
Security Administrator in SAP R/3 version 4.7, BW 3.1

  • Work with profile generator (PFCG) in creating roles, profiles, composite roles, derived roles, and global roles.
  • Created Transaction codes for the programs and ran the transactions.
  • Configured Profile Generator and transported settings to all clients, setup security for the developers
  • Created users and maintained user master and established security policies and procedures.
  • Extensively worked on Authorization objects, fields, authorizations, authorization profiles.
  • Performed transports and mass transports of roles.
  • Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes
  • Assisted in Sarbanes Oxley Compliance - SAP System Audit and documentation of Significant Processes and controls
  • User maintenance (User creation/deletion/lockdown/activation/Password management).
  • Used Derived roles to create new roles and to transfer transaction codes from old ones to new ones.
  • Using CATT script for mass generation of roles and User assignments.
  • Traced missed profiles and authorizations for user access problems and inserted missing authorizations manually
  • Daily issue resolution and end user support (Production Support issues)
  • Worked on analyzing the authorization problems using Trace (ST01) and SU53 transactions
  • Check SOD conflicts using Compliance Calibrator (Virsa) tool and apply mitigating controls to make users SOD free.
  • Worked on Central User Administration (CUA).

Confidential, Jan 03 - Mar 04
Seattle, WA
Security Administrator in SAP R/3 version 4.0B & 4.6B

  • Used STMS system to transport the objects from Development to QA and then to Production in SAP R/3.
  • Supported Internal and External security audits in the production system every month.
  • Ran security reports for critical transactions and objects and for users who never logged on
  • Secured activity groups by Company Code, Plant, Cost Center, Profit Center, and Purchasing Organization etc.
  • Analyzed all customer programs and transaction codes for authority checks.
  • Analyzed all business roles and mapped them to transaction code according to business processes.
  • Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
  • Continuously improved security configuration to reflect best practices and to prepare for system audits.
  • Configured Profile Generator and transported settings to all clients, setup security for the developers.
  • Established security testing procedures and tools
  • User maintenance (User creation/deletion/lockdown/activation/Password management).
  • Worked on ID administration for over 1200 SAP users in Development, Quality, Training and Production instances, provided developer keys and reset passwords.
  • Provided knowledge transfer for SAP R/3 security environment.
  • Documented the procedure for all SAP tasks process and controls.
  • Performed troubleshooting on R/3 security problems by using system traces.

Confidential, Feb '02 - Dec '02
Detroit, MI.
Security Administrator in SAP R/3

  • Created users, activity groups and assigned required privileges for the database access.
  • Generated authorizations using Profile Generator and assigned to activity groups. Activity groups are assigned to user master.
  • Used Derived activity groups to create new activity groups and to transfer transaction codes from old ones to new ones.
  • Effectively analyzed trace files and tracked missed authorizations for user access problems and inserted missing authorizations manually.
  • Transported the generated activity groups using SAP transport management system.
  • Created users and maintained user master and established security policies and procedures.
  • Knowledge transfer to team members, provided ongoing security related support for all security milestones during different phases
  • Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
  • Passed data from one client to another in the client landscape using the transport method
  • Continuously improved security configuration to reflect best practices and to prepare for system audits.
  • Assisted in transports and mass transports of activity groups.
  • Educated client personnel in R/3 Security and general Basis knowledge.
  • Configured Profile Generator and transported settings to all clients, setup security for the developers.

Confidential, Feb '01 - Jan '02
Atlanta, GA.
Security Administrator in SAP R/3

  • Created new profiles and transfer transaction codes from old ones to new ones.
  • Extensively used Automatic Profile Generator (PFCG) to create profiles for various modules such as HR, MM, FM, GL, CO, AP, AR etc.
  • Created, generated profiles, Authorizations, object classes, objects and assigned to user master.
  • Transported profiles between clients within R/3 system and between R/3 systems.
  • Performed transports and mass transports of profiles.
  • Manual generation and modification of profiles.
  • Created Transaction codes for the programs and ran the transactions.
  • Created users and maintained user master and established security policies and procedures.
  • Extensively worked on Authorization objects, fields, authorizations, authorization profiles.
  • Performed transports and mass transports of profiles and used CATT scripts for mass users and assigning profiles.
  • Continuously improved security configuration to reflect best practices and to prepare for system audits.
  • Educated client personnel in R/3 Security and general Basis knowledge.
  • Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.

Confidential, Jan 1996 - Jan 2001
Software Engineer/ Project Lead
Worked as a software engineer / project lead in Microsoft technologies including VB, ASP, HTML, C, C++, VB Script, SQL Server, Oracle. Extensive offshore-model experience working with an offshore team in India.