SAP Security and GRC Consultant Resume
St Louis, MO
SUMMARY
- Having around 8 years of SAP R/3 4.7, ECC 6.0, SAP CRM, SAP HR, SAP BI, SAP BOBJ, Central User Administration CUA, SOLMAN, SAP Portal Security experience and Experience in GRC AC 10.0 & 5.3 components.
- Hands on experience in SAP Security Implementation of ECC modules. Successfully completed 2 full life cycle implementations including analysis, conceptual design and worked on the upgrade projects.
- Have performed all SAP authorization related activities with well-equipped knowledge of User administration, Profile maintenance, Transport management, Trouble shooting and with an excellent understanding of Sarbanes-Oxley Act and SOD compliance.
- Worked in all phases of full life cycle implementation interacting with the customer at client location including analysis, design development, blue print phase, configuration, Cut-over phase, Testing, Training, GO-Live and Post implementation support.
- Supporting Project (creation of bulk user, Support and test ID’s, roles. Adding T codes, custom T codes, Authorizations) Updating the Specification for any change with the proper approvals from central role owners.
- Proficient in analyzing and translating business requirements to technical requirements in SAP.
- Supported SAP Security application for Gas, Pharma, Chemical, Food and Manufacturing industries.
- Termination of user SAP ID’s on weekly basis, based on termination report from HR and managing Roles and Profiles which are not in use.
- Superior Communication skills, strong decision making skills, Organizational skills, and customer service oriented, comfortable working in a fast-paced, hands-on, growth oriented environment.
- Hands on experience in SAP Security Implementation of ECC modules like MM, SD, FICO, PS, QM, SM, PLM, VMS, WM, Java stack of SAP ME, MII.
- Experience in support of SAP CRM and ECC systems for Profile Maintenance and User administration involving creation/deletion/locking/modifying users.
- Experience in redesigning of the SAP roles based on the SOD violations.
- Creating, modifying and assigning roles, Restrict access at field level, T-code level and Authorizations level using Profile Generator Tool (PFCG).
- Troubleshooting user missing authorizations using SU53 and ST01. Assigning missing authorizations as per the user’s requirement.
- Designing of Authorizations based on the Industry Business Hierarchy.
- Creating Analysis authorizations in SAP BI and assigning to specified roles. Support for the BI authorization issues.
- Experience in creating and assigning roles and groups as part of Identity management IDM in SAP Netweaver portal.
- Monitoring the critical transaction codes and ensuring that they are assigned to the concerned users only.
- Generate security reports for Critical transactions and Objects and for users who never logged on.
- Creating Fire Fighter (FF) ID’s, tagging users ID to FFID’s. Daily monitoring usages of FF and reviewing the respective approval mails from controller of FF ID’s. Working on Trace (ST01) resolving query, if any.
- Transporting the generated roles and profiles using STMS and CHARM.
- Worked with User Information System, creating and changing users and assigning roles to users.
- Created users and maintained user master and established security policies and procedures.
- Configured Central User Administration (CUA).
- Used CUA to maintain users (Creation, deletion, locking etc).
- Assigning firefighter access to users and Generating Log report for Firefighter Ids in Production systems.
- Maintaining SAP Check Indicator Defaults and Field values thus reduced the scope of SU24.
- Good working knowledge of AGR* tables. Maintained table security using authorization groups.
- Experienced in using CATT/eCATT scripts, LSMW during security implementations.
- Experience with Portal Security, User Management, Development of Portal Roles, Single Sign On (SSO), Identity Management (IDM) and Security Weaver.
- Worked closely with the audit teams and resolved production system deficiencies.
- Worked on ticketing tool to resolve the issues & problems in different kinds of SAP Security modules.
- Collaborate with other team members and business representatives to ensure that security roles, authorizations, activity levels and settings meet the Client requirements.
- SAP GRC tool - Firefighter: Assign firefighter Id’s to support users in order to resolve provisionally broad issue. SAP ARA: SPRO Configuration: BC Set activation, configuration parameters, background job syncs, SOD Rule generation, batch risk analysis, Alerts.
- SAP EAM: BC Set Activation; Connectors; MSMP Workflow; creation of access owners; creation of FF Id, Assign owners / controllers / fire fighters to FF Id, monitoring of FF logs, consolidated Log Report.
- Under Risk Analysis and Remediation, performed User & Role analysis to identify existing SoD violations (Risk).
- Using ARA produced Analytical Reports on User, User Groups, Roles and Profiles. Analysis reports provide real-time data and Management reports retain an offline history of SoD status.
- Performed remediation and mitigation against various risks associated with roles and users. ARA has Simulation features to allow you to assess the impact of potential remediation activities on the reported conflicts prior to making the actual change.
- Make use of Role Creation Role Change Request form in order to create a new role or make changes to an existing role; Change Request Board approvals mandatory for transports. Simulate the role using GRC before moving the changes to quality environment.
- SAP GRC tool - RAR module: Simulate users before actual assignment in SAP. SOD violations found need to be mitigated by using Mitigation Control Document.
- Approving request as a security admin and also approve the request on behalf of approvers in different stages as a CUP admin.
- Creating user access request through GRC CUP upon the request.
- Created UME role for users, approvers, admin and IT team in GRC.
- Importing Roles into GRC CUP with respect to Functional area.
- Analyzing the issues in SAP GRC systems for RFC connections, Background jobs.
- Created Business process, functions, risk, rules and generating rules sets.
- Creating and uploading roles, uploading authorizations in SAP GRC, Creating RFCs for adding the child systems to CUA and integration of the other systems with SAP GRC for the new Deployments.
- Configuration of the request type, user defaults.
- Designing and defining the workflows in SAP GRC.
TECHNICAL SKILLS
ERP: SAP ECC 6.0, SAP R/3 4.7, BI 7.0, SCM, CRM, HR, GRC 5.3, GRC 10, SOLMAN.
Operating Systems: Windows NT/98/2000/XP/7, WINDOWS SERVER 2K/2K3 AIX 6.1, 7.1, LINUX 7.2, UNIX
Programming Software: C, C++, Core Java
Tools: GRC 5.3, 10.0, QTP, Remedy, HP Quality Center, Hornbill, Front Page and MS-OFFICE
Scripting: CATT, ECATT, LSMW, QTP, UNIX SHELL SCRIPT, Java
Databases: ORACLE 9i/10g/11g, My SQL, MS-Access.
PROFESSIONAL EXPERIENCE
Confidential, St. Louis, MO
SAP SECURITY AND GRC CONSULTANT
ENVIRONMENT: ECC 6.0, GRC 10.0, 5.3.
RESPONSIBILITIES:
- Using ARA produced Analytical Reports on User, User Groups, Roles and Profiles. Analysis reports provide real-time data and Management reports retain an offline history of SoD status.
- Implemented and Configured SAP GRC AC Compliance Applications versions GRC 10.0. Involved in Upgradation of GRC 5.3 to GRC10.0.
- Performed remediation and mitigation against various risks associated with roles and users. ARA has Simulation features to allow you to assess the impact of potential remediation activities on the reported conflicts prior to making the actual change.
- Make use of Role Creation Role Change Request form in order to create a new role or make changes to an existing role; Change Request Board approvals mandatory for transports. Simulate the role using GRC before moving the changes to quality environment.
- Gathered Information and Customized CUP Workflows leveraging client's existing user creation process.
- Suggested alternatives for SOD remediation during and after the Go Live for naming conventions, role swaps for users with conflicts and configuration changes to keep track of project progress.
- Restrict the table access using table security authorization objects like S_TABU_DIS and S_TABU_CLI.
- Defined critical transactions to be used for SUPM where in they would be assigned to super users as applicable.
- Configured system audit reporting/ audit log which would provide the report data for Audit purposes.
- Experienced wif Net weaver for handling user maintenance through UME, User Management Engine.
- Provided technical Security support users on modules FI/CO, MM, PP, MDM, SRM, SCM, APO, SD, BI
- Handled all Security issues related to authorizations and remediation around support and upgrades.
- Implemented Single Sign On, SSO, in Netweaver. This involved working with the Enterprise Directory (ED) administration team in identifying the Key components of SSO/LDAP technology.
- Restricted access to reports in BI by using objects S_RS_COMP, S_RS_COMP1 and S_RS_AUTH.
- Maintained multi system, multiple environment landscape through CUA configured on Solution Manager for easier user provisioning and administration.
- Work with Maintenance & Engineering and IT Security management regarding potential access violations per US Security standards and best practices.
- Contribute to daily Security monitoring of all SAP application environments and respond to Service Center tickets for user administration in SAP production and non-production environments within designated SLA’s.
- Provide an insight on process improvement to junior team members and groom internal FTE’s, Full Time Equivalents to perform and understand Security challenges.
Confidential, Voorhees, NJ
SAP Security and GRC Consultant
ENVIRONMENT: ECC 6.0 FULL LIFE CYCLE IMPLEMENTATION
RESPONSIBILITIES:
- Requirement gathering, Design, Development, and Maintenance of SAP application security and SAP roles.
- Created customized roles to meet business requirements with Organizational level value restrictions.
- Make use of report PFCG_ORGFIELD_CREATE and convert auth field to org level; modify the affected roles with proper values in the org field.
- OSS Operations Support System Management for project requirements including OSS ID administration, issuing developer keys.
- Worked on SAP check indicator defaults and field values using transactions SU24 and maintained check indicators for Transaction code during testing. Worked closely with ABAP team for Authority Check Statement maintenance.
- Orientation and knowledge transfer to new hires and building new client support teams.
- Worked on role remediation with Business teams and involved in removing the transaction codes from the roles and restricting the objects at the authorization object level.
- Thorough knowledge of SOX compliance and best practices in SOD remediation. Streamlined the User Access Request process by clearly defining the appropriate access for each functional team.
- Performed reconciliation of user master record and roles using PFUD and SUPC.
- Performed user comparison using PFCG, PFUD and also by running PFCG_TIME_DEPENDENCY job.
- Designed, configured & cutover of GRC Access Control 5.3 - CUP, SUPM & RAR.
- Creating and uploading roles, uploading authorizations in SAP GRC, Creating RFCs for adding the child systems to CUA and integration of the other systems with SAP GRC for the new Deployments.
- Supported existing installations VIRSA 5.3 - Workflows, mitigating on behalf of control owners/internal audit, GRC upgrade, IDM-GRC CUP web services integrations etc
- Evaluated various implementation approaches including using RSEC MIGRATE, Automatic Generation and manually creating new authorization objects
- Used RSECADMIN extensively to develop authorizations based on the characteristics and hierarchies identified during analysis.
- Formulated complex mapping documents to establish relationships between the Info Objects, Analysis Authorizations and their respective roles.
- Manually assigned Analysis Authorizations to users in RSECADMIN as well as in PFCG roles to ensure a lean user assignment approach that eliminates redundancies.
- RFC administration - Setup and Maintain RFC destinations.
- Client administration - Client Creation, export, Remote & local Client Copy, Client Deletion. Securing Clients and Assigning Logical System to client.
- Designed, Developed and Tested ESS/MSS roles in conjunction with Enterprise Portal.
Confidential, Gardena, CA
SAP Security and GRC Consultant
ENVIRONMENT: SAP ECC 6.00, SAP ME, SAP GRC 5.3
RESPONSIBILITIES:
- Implementing Access Control 5.3: configuring, testing and training of the SAP GRC suite on a four-landscape environment consisting of Sandbox, Dev, QA and Production.
- Design and development of SAP ME system on Java stack with the inputs from client.
- Work with HR to build AC 5.3 triggers for auto de-provisioning and position changes within the org
- Working wif key stakeholders on requirement gathering and identification of business processes and approvals steps to determine workflow requirements.
- Training and assisting business process owners and approvers understand GRC and its benefits
- Develop courseware for end users, approvers, and internal audit for product familiarization
- Configuring the Super User Privileged Management (Fire Fighter) in SAP ECC system, Fire Fighter Unit testing.
- Preparing Fire Fighter Pre-work Questionnaire, ID template, Blue Print.
- Integrated IGS Internet Graphic server on every SAP web AS and unit testing to make sure the graphs are generated accurately.
- Uploading UME roles to enable RAR configuration and handling entire post installation configuration for Risk Analysis & Remediation.
- Setting up the background jobs in RAR to sync with the backend ECC system User, Role, Profile data so as to generate the management based reports
- Creating rules using Rule Upload SoD matrix mapping to the SAP standard Risk Ids.
- Uploading Functions & Risks into RAR and Creation of New Functions & Risk Ids.
- Assessing the Risk levels and impact and accordingly Mitigate or Remediating the Risk.
- Configuring and running jobs for: Rule Set generation; User Analysis; Role Analysis; Remediation (preparing remediation strategies); Mitigation (preparing mitigation controls at user levels); Risk Terminator (Configuration & Activation).
- Using RAR to alert the appropriate monitor when conflicting or critical transactions are used or a control is assigned to mitigate a risk.
Confidential, Columbus, OH
SAP Security and GRC Consultant
ENVIRONMENT: ECC 6.0 FULL LIFE CYCLE IMPLEMENTATION
RESPONSIBILITIES:
- Work with stakeholders, system owners and end users to define business / operations requirements.
- Collaboration in planning, design, development and deployment of new features.
- Liaise with various business groups to facilitate implementation of new / enhanced business process.
- Extensively involved in Unit testing and Integration testing and coordinated all the testers in all the testing life cycles.
- Set up Central User Administration (CUA) to manage systems/clients.
- Configured Super user Provisioning and to give emergency access to functional, technical and audit team members.
- Responsible for Post Installation activities of RAR like upload UME roles, create administrator user and assigned roles, analysis Daemon manager, JCO RFC, etc.
- Generate rules in RAR for easily create, maintain and manage risks.
- Created monitors and approvers and mapped them to mitigation control.
- Define the workflows used by the requestors and approvers.
- Determine the approvers, roles and the permissions associated with each role.
Confidential, Morristown, NJ
SAP SECURITY CONSULTANT
ENVIRONMENT: SAP ECC 6.0
RESPONSIBILITIES:
- Requirement gathering, Design, Development, and Maintenance of SAP application security and SAP roles.
- Created SAP customized roles in PFCG and assigning them to users.
- Created users (Dialog, System, Service, Communication, Reference users) using SU01, SU10.
- Created customized authorization objects and fields to have full control on user data access.
- Provided solutions to complex authorization problems.
- Used both general and structural authorizations to meet business requirements.
- Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
- Creating users, maintaining passwords and authorizations in EP. Grouping users according to Activity, Work set, and Role.
- Created BW roles, Analysis authorizations.
- Ran SOD risk analysis (at Auth object level and Tcode level) whenever there is Role creation, role change or role assignment to a user.
- Creation and Maintenance of documentation for role updating.
- Resolving daily user issues using SU53 and ST01 and working on daily tickets.
- Defined rules in SoD matrix. Ran management report. Ran SOD report to monitor the associated risks in the system.
- Defined risks, critical Tcodes and powerful authorization objects.
- Set up audit logs in SM19 and SM20.
- Submission of reports to auditors from SUIM, AGR_1251, AGR_USERS, and AGR roles, SU24 tables etc.
Confidential, Miami, FL
SAP Security and GRC Consultant
ENVIRONMENT: ECC 6.0
RESPONSIBILITIES:
- Work with stakeholders, system owners and end users to define business / operations requirements.
- Extensively involved in Unit testing and Integration testing and coordinated all the testers in all the testing life cycles.
- Set up Central User Administration (CUA) to manage systems/clients.
- Configured Super user Provisioning and to give emergency access to functional, technical and audit team members.
- Responsible for Post Installation activities of RAR like upload UME roles, create administrator user and assigned roles.
- Generate rules in RAR for easily create, maintain and manage risks.
- Created monitors and approvers and mapped them to mitigation control.
- Define the workflows used by the requestors and approvers.
- Determine the approvers, roles and the permissions associated with each role.
Confidential
SAP Security Consultant
ENVIRONMENT: SAP R/3 4.7
RESPONSIBILITIES:
- Redesigning and implementing SAP R/3 Security in a 4.7 upgrade environment remotely through Virsa Systems.
- Defining new Roles redesigning the existing Definitions and building smaller meaningful Roles based on concentration of job duties.
- Extensively worked with the PLOG, P_ABAP, P_PERNR, P_ORGIN and P_ORGINCON objects in designing the HCM Roles.
- Using SOD Matrix and third party tools to determine conflicts and Segregation of Duties issues in Role Definitions before building Roles.
- Creation of Roles based on the inputs from the above Matrix and testing in respect to failure or missing authorizations.
- Setting up a New User/ Deleting an existing user, locking/ unlocking a user, resetting password, maintaining a user and work on profile according to need(s).
- Experience on SUIM for various reports, user information, transaction codes, role assessment, troubleshooting etc.
- Check indicators using SU24 transaction code.
- Analyzed and updated security tables in R/3. Working on USR*, AGR* tables.
- Troubleshooting (SU53, SM19/20 and ST01).
- Responsible for creation of monthly audit report using (SUIM).
- Managing SAP user access and password expirations.