Professional Skills

• Over 9 Years of extensive US experience as an ERP and GRC consultant providing both onsite and offsite support.
• Experience in implementation of preventative, mitigating and compensation controls, ensuring protection and adherence to the goals of organizational SAP Security GRC strategy:
• SAP R/3 security, Administration and Development in ERP: SAP R/3 4.0b/4.6c/4.7d/ECC6.0
• Installed, customized and administered SAP GRC Access Control Suite based client needs.
• Maintained security in FI, SD, MM, PP, PM, APO, SCM, BI, CRM and SRM Modules.
• Expert at using Profile Generator (PFGG) for designing Derived, Composite and Single Roles.
• Configured work flow settings to stream line business process in CUP.
• Designed and supported MII systems portal access.
• Helped rolling out Novel IDM for all landscape.
• Experience in working with FDA regulated environment
• Expert in in SOX Audits andIT Compliances, and implemented proper controls to protect the applications security.
• Worked with Basis on Disaster recovery exercises.
• Expert at installing, configuring and using the RAR tool for rules design, SOD, remediation, migration controls and maintaining complete lifecycle blueprint from go live to post go live for continuous compliance.
• Tailored standard Rule Setto meet client’s needsand identified and cleaned up false positives.
• Created and maintainedFireFighter Idfor individual business areas.
• Expert in SOD conflicts analysis and redesigning User/Role based on the results.
• Experience in implementing security for new features of BW/BI, CRM, SRM and Portal.
• Enabled Risk Terminator and Action Usage logs.
• Involved in Security upgradesfrom SAP 4.7C to ECC 6.0,BW 3.5 to BI 7.0 & Portal 6.0 from 7.0.
• Created Custom reports in BO using Security Usage reports for User/Role cleanup.
• On-going security support and administration for all SAP modules.
• Team player and strategic thinker, excellent problem-solving, analytical, technical and trouble-shooting skills.
• Exceptional communication & interpersonal skills.
• Worked closely with functional consultants for evaluation of requirements and defining, developing and testing the roles.
• Business risk review, control and mitigation:
• Installed, configured and administered Risk Analysis and Remediation (RAR) tool.
• Collaborated with Internal Audit and business units to meet Sarbanes-Oxley (SOX) Section 404 compliance.
• Reviewed and enhanced Global SOD Rule Set.
• Compliance and mitigating control review.
• Integrating GRC with BO and BI for RBE on action and permission usage.
• Offline analysison cloud computing for new enhancement tools.
• Ensured all roles and user profiles are SOX compliant for Internal and External Audit.
• Reviewing SAP critical transactions, tables and reports in compliance with SOX guidelines.
• Connected CUP with grouped LDAP for global user login for all logical systems.
• Grouped roles with detailed attributes for easier work flow.
• Configured Requestor Landing Page for CUP and worked on custom request types.

Work Experience

Confidential St. Louis, MO 6/2011 - now 
Senior SAP Security/ GRC Analyst

Sigma Project:

• Worked as a Security design and SOD expert and advised the project team about various role design methods/ recommendation based on the requirements.
• Worked as the Security lead for the project from blue printing to go live/ post go live support,
• Worked as the go to support for all issues related to Security during this process
• Helped client resolve multiple SOD issues in both role level and user level.
• Migrated and consolidated Roles and Users while keeping the user combined access SOD free.
• Helped BA’s with Role mapping and User mapping based on requirements
• Worked with audit in designing mitigating control to cover all required SOD violation to keep the system SOD free.
• Utilized SE16 to pull various reports in for analysis to support design needs.
• Helped mapped users to the roles with job function.
• Helped the team understand security process and answered all security questions.
• Extensively worked on CATT scripts for Role maintenance and User maintenance.
• Documented processes and procedures for the Security Team
• Designed go live procedures and assisted in user training and go live support.

Confidential, St. Louis, MO 4/2007-6/2011 SAP GRC/Security Consultant

Implementation of GRC Access Control Suite 5.3

• Worked in migrating customized rules from SAFE to GRC compliance Calibrator.
• Configured SAP GRC components RAR, CUP and SPM.
• Lead cross-functional collaboration in designing client-specific global rule set.
• Installed and configured CUP with custom workflow.
• Streamlined core business process for automating request processing using CUP..
• Worked on SAP BO/BI reports to list the transactional usage data for user / role clean up.
• Used ST03N/ GRC report for deletion of unused transactions.
• Enabled the client to pass the external SOX audit without any comments for four years.
• Performed SOD user clean-up and conflict-free user mapping for 24,000 users.

SOD Cleanup and Audit Review

• Consulted client for identification and conflict remediation of custom transaction codes and programs with SOD impact.
• Analyze SOD conflicts, identify and assist in implementations of remediation and redesign methods.
• Review mitigating controls and design monitoring methods in collaboration with Audit.
• Performed a company wide mitigating control review and remediation.
• Configured and scheduled SOD compliancebatch jobsfor business-specific areas.
• Provided SOD reports for SOX audit and review.
• Designed custom rules for identifying violations and ensuring compliance with U.S. Federal Business Standards.
• Redesign and customize rules to correct false positives in new business development.
• Configured proper workflow in Access Enforcer for user creation.
• Utilized Debug function to fix configuration and server connectivity issues in access control.
• Installed eqSmart program for processing Risk Analysis and Remediation for external Audit
• Developed, documented and implemented security-related standard procedures for user, roles and profilegeneration and administration.
• Reported directly to Senior Management in mitigation/remediation of SOD conflicts.

Security Tasks –Project Rollout Implementation

• Worked on various projects to consolidate users from acquired companies into the client’s user base.
• Migrated User/ roles from other system while keeping the system SOD free.
• Advised project team about various role design methods and recommended best design for the current system
• Worked with audit in designing mitigating control to cover all required SOD violation to keep the system SOD free.
• Extensively worked on CATT scripts for mass user creation and assigning of single and composite roles
• Expert In Disaster recovery exercise.
• Utilized SUIM (User Information System) and SE16 to pull various reports
• Documented processes and procedures for the Security Team
• Designed go live procedures and assisted in user training and go live support.

Security Tasks –Daily production support

• Used Profile Generator for creating and modifying role changes for production support
• Created users and maintained user master
• Worked with Audit to establish new security policies and procedures.
• Designed new role naming convention
• Maintained role owner database.
• Worked and Maintained regulated system in the research sector.
• Executed daily reports in production to restrict create/change access for people who have configuration access in development.
• Performed daily security checks, monitored unsuccessful logons, inactive users and locked inactive users in Production system
• Managed transactional security (SU24)
• Performed mass changes to user master records using SU10, e-CATT scripts
• Simplified User Groups for easy administration & maintenance
• Supported users for the security issues in all functional modules
• Assisted IT help desk in resolving password/logon issues
• Worked directly with users, functional analysts, and developers to identify security requirements and translate requirements into Security Designs
• Mapped users to Portal roles
• Worked on Portal groups and roles and modified existing roles to integrate with the new Portal system

CRM - CIC Implementation

• Worked as an expert on Security aspect of the project and worked closely with business, IT and BASIS teams on a successful implementation
• Very good understanding of the new authorization concept on Web-based user interface (UI)
• Designed and developed security for CIC using the new WEBUI concepts
• Used CRMD_UI_ROLE_PREPARE report to create text files for defining PFCG role based on business role built by functional teams.
• Used CRMD_UI_ROLE_ASSIGN to assign roles to users
• Used CRMC_UI_PROFILE to assign PFCG role to business role.
• Used SAAB to troubleshoot access issues with navigation links.
• Worked with BASIS to resolve various single sign on problems.

BI Security Administration

• Designed, developed and administered roles for SAP BI 7.0 & BW 3.5 security authorizations & BI Analysis authorization concepts.
• Analyzed the authorization object values for BI end user reporting roles.
• Involved in creating BI 7.0 analysis custom authorization objects & roles through RSECADMIN as per Business users, Key users and BW developer requests.
• Security setup INFOAREA, INFOCUBE, ODS/ DSO, INFOOBJECT & QUERY level as well limiting the query access within the BEx Analyzer by new (BI) Net Weaver 2004S concepts.
• Performed unit testing for all BI Admin roles & BI query end user reporting roles.

Portal Security Administration

• Migrated roles from R/3, BI & SRM into Enterprise Portal.
• Involved in development of services and role tree in Portal Content Directory (PCD).
• Administrating and maintaining password and authorizations in Portal.
• Grouping users according to Activity, Work set and Roles.
• Administered user and system access for Portal Systems using UME.
• Created new users and user groups in Enterprise Portal

Confidential Fremont, CA 01/2006-03/2007
SAP GRC Project Manager

• Managed SOX Compliance Remediation tasks to comply with SOX/SOD requirements.
• Configured and designed customized rule sets to meet client requirements.
• Configured SAP GRC components RAR, CUP and SPM.
• Upgraded Compliance Calibrator 4.0 upgrade to 5.2.
• Verified and validated Access Enforcer 5.2 – automated user request, approval, and compliance provisioning solution
• Performed risk analysis and identification; created users/roles utilizing Compliance Calibrator 5.2 and Access Enforcer
• Implemented Risk Terminator for automated SOD analysis
• Managed and prevented user-access and authorization risk enterprise-wide
• Analyzed and evaluated technical security requirements for SAP R/3 Security
• Advices on Redesigning security roles to resolve audit holes and Segregation of Duties issues
• Worked with BPOs and reported directly to Senior Management in mitigation/remediation of SOD conflicts.

Confidential Torrance, CA 04/2004 -01/2006 
Senior SAP R/3 Security Administrator

• Senior Consultant in building and maintenance of security – managed security for all business areas and business units worldwide.
• Redesigned security roles to resolve audit holes and Segregation of Duties issues
• Worked with profile generator (PFCG) in creating roles, profiles, composite roles, derived roles, and global roles.
• Extensively worked on Authorization objects, fields, authorizations, authorization profiles
• Created users using (CUA, SU01) and maintained user master and established security policies and procedures
• Involved in role simplification and user clean up.
• Worked on transports and mass transports of roles using STMS and SCC1.
• Assisted in Sarbanes Oxley Compliance - SAP System Audit and documentation of significant processes and controls
• Maintained rule sets and exception tables
• Worked on user maintenance (creation/deletion/lockdown/activation/Password).
• Tracing missed files and authorizations for users access problems and inserted missing authorizations manually
• Work with Business specialists to help them understand SAP authorization objects, authorization conflicts and options available in mitigating the conflicts
• Worked with functional team leads to define the new transactions.
• Analyzed all customer programs and transaction codes for authority checks.
• Analyzed all business roles and mapped them to transaction code according to business processes requirements.
• Continuously improved security configuration using best practices to prepare for system audits.
• Worked on ID administration for over 1200 SAP users in Development, Quality, and Training and Production instances and provided developers key and reset the passwords.
• Performed knowledge transfer on SAP R/3 security environment.
• Documented the procedures for all SAP task process and controls.

Confidential Irvine, CA 1/2003-02/2004
SAP Security Analyst

• Created and assigned role and user profiles, utilizing PFCG
• Develop profiles/roles which including complex design restrictions
• Performed User Administration and Password Management – expiration of users and profiles(SU01)
• Analyzed programs and transaction codes for authority checks
• Set up security roles and user accounts for new project role out and integration testing.
• Managed transfers and termination of user accounts and license counts.
• Maintained user master and established security policies and procedures.
• Worked with functional leads to define and document new transactions
• Updated transactions via SU24 (managing authorization objects)
• Maintained transactions selection and authorization objects in activity groups
• Designed and created business roles per client requirement.
• Managing mass transport with PFCG and STMS, SE01, SE10
• Created monthly audit reports using SUIM.
• Involved in troubleshooting various problems using SU53 and ST01.
• Documented key SAP security processes.

Education
Bachelor of Science, Electrical Engineering