SAP Security Consultant Resume
SUMMARY
- SAP Certified Technology Associate - SAP HANA 2.0 SPS05 and SAP Certified Application Associate - SAP Access Control 12.0 with more than 13 years of experience in SAP Security and GRC, SAP Basis and Business Object with new SAP technologies.
- Playing a key role as an SAP Security & GRC Onsite Team Lead.
- Experienced in working for Full Life Cycle Implementations, Go-Live, Post Go-Live, and Production Support projects.
- Involved in Full Life cycle implementation of GRC 10.0 /12 Access Control.
- Performed S/4 HANA full lifecycle implementation encompassing design, build, test and cutover activities pertaining to security implementation.
- Various project methodologies were used to perform security implementation, leveraging Agile / Waterfall methodology in delivering the Plan, Design, Build and Test phases of the project.
- In depth understanding of SOD issues, mitigation & remediation processes, business needs, technical applications, and solutions to meet the challenges.
- Extensive hands-on experience in GRC implementation, automation, and upgrades with GRC 5.3/10.0/10.1/12 Access Control tools such as RAR/ARA, SPM/EAM, CUP/ARM, ERM/BRM components.
- Hands on experience in Rule Set Customizations, Configuring Mitigation Controllers, Approvers, Monitors in ARA.
- Adept in using Quality Center and applying security best practices for requirements management, test planning, defect reporting, defect tracking and ensuring quality standards.
- Experience in documenting monthly audit reports, audit logs, policies, procedures, and other tracking documents to monitor health of the system and project.
- As an Experienced SAP Security Consultant worked on SAC, HANA DB, IBP, IDM, GRC 12.9, S/4 HANA, SAP R/3 ECC 6.0, BW/BI, CRM, SCM, SRM, Solution Manager, NetWeaver MDM Portal, BW, SRM, CRM, APO, PI, GTS, and FIORI.
- Extensive experience in using ChaRM in Solution Manager (SolMan) for Change Requests and performing retrofits between dual landscapes along with security changes and configuration validations.
- Hands on experience in using Service Market place for opening OSS connections, KBA’s search, SNOTE search for corrections and Security enhancements provided by SAP.
- Extensive work experience in SAP HR SECURITY.
- Certified in DB2 workshop, Change and Release management & Incident, Request, Problem Management.
- Experience in the onsite-offshore engagement model; led the offshore team for project activities and provided training and mentoring to the team.
- Experience working in both team and individual environments and always eager to learn new technologies and implement them in challenging environments.
- Ability to work under pressure and perform multiple tasks simultaneously.
- Appreciating management and troubleshooting skills.
- Received Awards & Appreciation for Best Performance in providing on-time delivery for SAP role development and support projects.
- Previously Worked as an SAP Basis and Security Associate Consultant with Tech Mahindra.
TECHNICAL SKILLS
ERP: S/4 HANA, SAP Fiori, IBP, SAC, NetWeaver 7.*, SAP ECC 5.0/6.0, SAP BW 3.5/BI 7.0/7.4, VIRSA 4.0, GRC AC 5.3/10.0/10.1, 12.9, SAP CRM, SAP PI Java, SAP SRM, SAP SCM, APO, Enterprise Portal, SAP SSO 3.0, Solution Manager 7.1/7.2
Operating Systems: HP-UX, Windows (Server Edition, Enterprise Edition), LINUX, UNIX
Databases: HANA, ORACLE, DB2, MS SQL Server 2008
Tools & Ticketing systems: Service Manager, HPQC, Role Pacc, Remedy, GRS, CyberArk, ServiceNow, IBM Tivoli with Lotus Notes.
PROFESSIONAL EXPERIENCE
SAP Security Consultant
Confidential
Responsibilities:
- Extensively worked on Viatris project during the merging of Mylan and Upjohn.
- End to end implementation of APO security for Viatris project.
- Gateway role design to include Catalogs, Groups and ODATA. Backend role design to include Tcode, ODATA services, Webdynpro with Authorizations. Trace error log analysis for missing Services and Backend authorizations.
- Experience in various aspects of SAP Security and Authorizations including design of Authorization Profiles/Roles using Profile Generator (PFCG), Testing, User Administration and Transport management, Troubleshooting Authorization issues and analysis. Business Analysis to translate Functional requirements into Technical design of Security roles in S/4 HANA system.
- Designing roles for Fiori apps by adding Catalogs and Groups to S/4 HANA roles.
- Activating services for the Fiori apps in /IWFND/MAINT_SERVICE.
- Configuration of complex security roles for SAP IBP System using permission filters and restrictions. Configuring security and performing administration tasks such as defining users and teams and assigning roles and privileges for SAP Analytics Cloud.
- Provided critical support for Covid project during Vaccine manufacturing and distribution.
- Worked with other functional teams within IT and the Business to identify opportunities for process improvement and assisted in the implementation of those agreed.
- Extensive experience in Requirement gathering, Design, Development, and Maintenance of SAP applications security.
- SAP GRC12 upgrade and Production support experience, with a good understanding of business processes.
- Created Repositories Types in SAP IDM Developer Studio, Created Respective Repositories using SAP IDM ADMIN UI then imported identities (Initial Load) from SAP IDM UI from various systems to SAP Identity Center and managed the users from one central place.
- Integrated Identity Management with SAP GRC Access Controls and embedded the risk Analysis and mitigation into each user access request.
- Identify and troubleshoot access request errors or job failures in IDM.
- Assist other functional teams within IT and the Business in identifying and analyzing security risks.
- Document the procedures and present for end user training.
- Perform SAP GRC configuration and use SAP GRC to analyze access and provide emergency access to authorized individuals.
- Role design, configuration, testing (HPQC), and deployment methodology within SAP application.
- Perform user audits for customer systems and review roles and profiles using GRC to identify and mitigate potential security risks.
- Troubleshooting of Various Components of GRC 10.1 Risk Analysis and Remediation, User Access Management, Business Role Management and Emergency Access Management.
- Configuring GRC Components shared settings and access control specific settings.
- Risk analysis activities: Building rule set, testing, remediate risks, mitigate risks and creating rules using BRF+ environments and performing risk analysis. Building and maintaining MSMP workflows.
- User provisioning by configuring access request form, maintaining EUP and requesting access through Fiori.
- Emergency access management (EAM): Configuring Centralized and Decentralized FFID, Assigning owner and mapping controller. Maintain reason codes. Execute audit reports quarterly and make necessary changes based on the requirements.
- Perform SAP Security functional unit testing for enhancements and test the system by performing thorough integration and system integration testing.
- Created the users and building the roles for SAP HANA database through SAP Web IDE.
- Designing of the Object privilege, Package privilege, System Privilege and Analytical Privileges.
- Assigning the privileges for schemas, procedures, and objects to the users according to the projects. Designing authorization for different business processes and their reports.
- Managing the SAP HANA transports, creation of the delivery units. Exporting and importing SAP HANA models.
Confidential
Senior SAP Security and GRC Analyst
Responsibilities:
- Working with Functional Architect or Process Owner for understanding of requirement as per business needs.
- Gathering requirements and documenting S/4 HANA Security Strategy and framework.
- Documenting and implementing cut-over tasks for the S/4 HANA go-live. Troubleshooting and identifying the missing OData Services and authorization issues in /IWFND/ERROR_LOG and notifying the Basis and Development team to activate them.
- Working with business users to identify the issues with Fiori apps and resolving the auth issues.
- Manages SOD conflicts within GRC and provides support to the business to analyze and resolve potential risk.
- Comply with industry best practices around change management, user provisioning, and privileged access. Commitment to upholding corporate security guidelines including Segregation of Duties (SOD), Sarbanes-Oxley (SOX) requirements during role design and modification.
- Assist other functional teams within IT and the Business in identifying and analyzing security risks.
- Works with customers and functional team to help identify correct user access and role for systems in the SAP system landscape.
- Work with internal/ external audit, segregation of duties analysis and SOX compliance.
- Apply knowledge of risk management principles to develop timely analytical reports that include tables, graphs, figures, and written interpretation of findings.
- Customize the SOD ruleset for custom transactions, application, and consulting business units in reducing the SOD violations.
- Design and assess SAP GRC Access Control suite of programs, including user provisioning, segregation of duty management, emergency access, and role management.
- Performed root cause analysis for security role stacking SOD issues, made recommendations for role removal, and follow up with business users to remove unnecessary role assignments.
- Ran the Risk analysis and Performed Remediation & Mitigation control by leveraging ARA.
- Identifying SOD issues before assigning new roles to the user.
- Business role management (BRM): Configuring role management, creating single, composite and Business roles based on Position and position table mapping for the roles to be available in Fiori to request.
- Responsible for GRC 10.1, ACR request, FF id set up and role set up.
- FIORI Table mapping with GRC Business roles after each production go live.
- Mapping/Changing of Owner/Controller Set up for the FF IDs/SPM Ids.
- Work closely with functional consultants for evaluation of requirements and defining, developing and testing the roles.
- Role Development (Master roles, Template roles, Derived, Composite and Business roles) using PFCG for all the process areas including OTC, RTR, MFG, QM, SCE and LOG.
- Transport Management using CHARM and Service NOW.
- Worked on SAP Check Indicator and reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
- Designing and building roles for S/4 HANA and Fiori Gateway Systems. Building roles for GRC 10.1, HANA DB and various other systems.
- User administration like Creating, modifying, locking/unlocking, Deleting and password resetting based on the request.
- Authorization management and investigations, Transport of roles.
- Updating Process Design Document (PDD), Configuration Design Document (CDD), Security Design Document (SDD) in Solman.
- OSS ID set up and connection open.
- Maintained the RFC connections between different SAP systems using SM59.
- Role maintenance and development in ECC, BI/BW, CRM, SRM, PI/PO, Solution manager & Fiori authorization issue.
- Involved in creating BI 7.0 analysis custom authorization objects & roles through RSECADMIN as per Business users, Key users, and BW developer requests.
- Perform User Master Reconciliation using (PFUD and SUPC).
- Worked on SAP Security and Authorizations, User Tracing, and Troubleshooting.
- Worked on authorization groups and tables trace from applications technical data and SE16 as per business requirement providing table and program access.
- Analyzing and solving the missing authorizations and day-to-day security issues that are being raised by the users.
- Experience in working with FDA regulated environment.
- Worked with Basis on Disaster recovery exercises.
- Providing On call support during go live and cut over activities.
- Actively participated in client discussion and meetings, managed engagements, prepare project documentation, balance the occurrence of unanticipated issues, and lead workshops on security topics as needed.
- Status updates to project managers, global process leads and forecast the estimations and performance of the project from time to time.
Confidential
Senior Consultant
Responsibilities:
- Worked as SAP Senior Consultant, ensured on-time and high-quality deliverables and zero client escalation.
- Extensive hands-on experience in migration of GRC 5.3 to GRC 10.
- Configured the MSMP Firefighter log report workflow for getting the logs to firefighter controllers.
- Successfully implemented various MSMP Mitigation control workflows like mitigation control setup and assignment.
- Configured various BRF+ rule kinds like Initiator rule, Agent rule, Routing rule and Notification and variable rule.
- Defined customized rule set to expose the violations within the organization.
- Documented best practice processes and controls to ensure that security changes do not introduce new SOD conflicts.
- Review critical & sensitive authorizations, implement improvements to meet audit requirements.
- Contributed towards the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations.
- Develop solid working relationships with business and clients as the single point of contact for GRC solutions.
- Closely worked with external audit teams and client management to execute the audit plan.
- Worked with the Internal Audit teams closely for continuous improvement of Security, authorization and controls/compliance areas to apply the best recommended practices.
- Monitored Background jobs in ARA and ensure that they are running successfully.
- Connected CUP with grouped LDAP for global user login for all logical systems.
- Extensive hands-on experience of configuration of EAM Module.
- Activating BC sets for GRC Components.
- Created FF ID’s, Owner and Controller ID’s to facilitate the users to perform the emergency access.
- Audited Invalid FF, Owner and Controller IDs on a quarterly basis.
- Planned and supported monthly production and non-production outages.
- Coordinated with functional teams of respective business areas and setup test user id’s and tracked the project UAT phase.
- Extensively worked on CATT scripts for mass user creation and assigning of single and composite roles.
- User Administration - Creating, deleting, locking, modifying user ID/Temp ID, resetting user password, checking missing authorization, giving additional authorization to user.
- Extension of validity dates for Temp IDs. Updating of user data.
- Authorization management and investigations, Transport of roles.
- Sending FF ID log reports to owners on a weekly basis.
- Creating OSS ids, S-User ids, Developer keys, Maintain credentials in Secure area at SAP Market Place.
- Worked in BW, CRM, SRM, APO authorization issue.
- Worked on BW analysis authorization issues via RSECADMIN.
- Performed User Master Reconciliation using (PFUD and SUPC).
- Created X id during cutover activities
- Handled portal related authorization issue.
- Created CUP request and approving it in training and security stage.
- Reviewed and analyzed SU53 authorization check report from the customers having problem for validation of errors.
- Experience in cyber security tools CyberArk.
- Worked on IBM Rolepacc tool.
- Experience with Training tool like SABA for the training procedure
- Provided on call support during cut over activities.
- Coordinated with the offshore team, monitored the progress of the tasks and led the team on the SAP GRC 10 upgrade.
Confidential
Senior Consultant
Responsibilities:
- Creating, deleting, locking, modifying user ID/Temp ID, resetting user password, checking missing authorization, giving additional authorization to user.
- Providing detail reporting on Segregation of Duties (SOD) and critical access violations at both user level and role level.
- Implemented security strategy during a business divestment and developed roles, coordinated with business and testing teams to resolve, or mitigate any technical issues during the build, testing and UAT phases.
- Extension of validity dates for Temp IDs. Updating of user data.
- Authorization management and investigations, Transport of roles.
- Fire fighter ID Set up, and FFID assignment to users
- OSS id set up and OSS connection open
- Handled BW, CRM, SRM authorization issue.
- Handled portal related authorization issue.
- Created CUP request and approved it in training and security stage.
- SUIM, SU53 conflicts using transactions and ST01
- Creating X id during cutover activities.
- Provided On call support during cut over activities
- Working BW analysis authorization issues via RSECADMIN
- Perform User Master Reconciliation using (PFUD and SUPC)
- Creating & modifying system & Communication
- Installation and post installation activities for BO4.0 server.
- Service pack and Fix packs upgrades on Linux and Windows for BO XI3.1 and BOE4.0.
- Audit configuration on Windows.
- Performance monitoring (High CPU utilization)
- BO Client Tool Set Support
- Reports/objects transports using import wizard
- Log4 settings enabling / disabling on Linux
- War files deployment
- Profile parameter modifications in CMC
- MS Native client installation
- BO servers monitoring configuration
- Additional SIA configuration