SUMMARY

• Over 9 years of extensive experience in IT as SAP BASIS/Security Administrator.
• Worked extensively as Basis/Security Administrator, Database Administrator, System Administrator and Network Administrator/
• Experience in Administration, Implementation and Supporting SAP R/3 Systems (ECC 5.0, 6.0, 4.7, 4.6, Solution Manager, BW and GRC 5.3)
• Worked on three SAP full life cycles implementations. Extensive experience as a SAP Security & GRC RAR 5.3 administration.
• Knowledge of New Dimensions like SAP Portal, BW Administration, GRC Implementation 10.1
• Project responsibilities included designing and implementing Security for new environments to ensure that an experienced SAP companies Security policies adhered to concerns identified during internal audits (SOX) and general controls reviews.
• GRC (Virsa) security risk analysis for user access
• GRC security risk analysis for role creation and modifications
• Proven experience in ability to adapt quickly and work in teams, a can - do ability to take charge when necessary and drive the work to completion.
• Excellent communication skills, strong analytical and interpersonal skills.
• Performed reviews for program change control, application Security, and process integrity. Conducted unit testing and functional integration testing of Security profiles. Reviewed and assessed controls surrounding SAP R/3 administration Security.
• Strong experience in analyzing business and systems processes to assess current controls designed and administered new control guidelines and procedures.
• Implementing Security Policies as per Audit Reports
• Proficiency in Client administration including Import, Export & Transport of clients.
• Configuration and Maintenance of the Change & Transport Management system.
• Configuration of Compaq and Dell servers on Windows 2000 & Win 2003 operating system by defining optimal NT Disk layout, OS tuning, performance improvements and troubleshooting.
• Worked as in System Administration/Network Administration, configuring TCP/IP, DNS, DHCP.
• Team player with strong trouble shooting skills.
• Excellent communication & interpersonal skills.
• Actively direct employee performance through planning, establishing expectations, encouraging, promoting quality and ensuring continuous improvement
• Lead team members through the Performance Management Process by identifying goals and measures, providing feedback to team members, and overall rating recommendation to manager
• Act as a role model and source for direction, and guidance (mentoring) for less experienced staff
• Develop team members by ensuring cross- and support flexibility
• Ensure staffing plan and forecast is maintained on a regular basis using integrated planning and capacity management process
• Ensure the completion of work and solutions to the most complex projects or tasks
• Lead team in developing and delivering superior support processes (best practices)
• Establish operational SLA’s and lead team to meet them.

TECHNICAL SKILLS

ERP: ECC 5.0, 6.0, SAP R/3 4.7 & 4.6, SAP GRC 5.3, 10.1

Operating Systems: Windows 95/98/NT/ 2000/2003/XP, Novell 4.10, Linux, UNIX

Databases: MS - SQL 7.0-8.0, Oracle 8.0-8.1.7,Oracle 9i

Networking: System Administration Windows NT,2000,Novell 4.10, Linux Knowledge of LAN & WAN Setup Knowledge of networking protocols Net-BEUI, TCP/IP, IPX/SPXHardware skills Worked on various kinds of servers like Compaq 1850 R, Compaq RA4100 Storage works, Dell Power Edge 2500.Worked on various kinds of desktops and laptops.

Applications: VISIO, MS project & Remedy ticketing system.

PROFESSIONAL EXPERIENCE

Confidential - NJ

SAP Security Administrator

Responsibilities:

• SAP Security Admin in COMET Security group in COMET SAP Global Implementation project.
• Design, Implementation and testing of security requirements for Merck business processes in various work streams OTC, STS, SCM, FBM and HTR to translate security requirements into technical roles for business end users.
• Security architect for End User authentication and Provisioning using GRC CUP and COMET Portal for variety of SAP applications including ECC, SRM, GTS, BI, SCM, XI, xMAM,MDM and HR and SAP Solution manager including configuration and support.
• Security Support for COMET project implementation team (CORE/Data/COE) and Business users in Sandbox, Development, Quality, Production environments including large scale user creation/scripting for both ABAP and Portal environments.
• Supporting security build steps, Developing and Maintenance of technical roles based on SCR/TIR’s and develop and executing test scripts in Mercury test director, supporting IT, OQ and UAT testing environments, Resolving authorization and authentication technical issues that arise during testing, transporting using Remedy change requests and deployment during cutover/regular production support maintenance.
• End user production support and Hypercare addressing and resolving the highly complex technical and business authorization issues through Mercury test director and case tools.
• Creating and Assigning portal groups to LDAP user accounts in COMET Portals.
• Review and implement the Merck SOP's and Security policies and other regulatory requirements and streamline security processes to decrease SLA's and support audits
• Follow-up with business to get the security requirements, evaluate the requirements as per the project plan and distribute the work to the team members.
• Create, Review and Present the project plan to the management for better integration of security in the project.
• Monthly Review of project status within security team and entire implementation team
• Support a phased roll-out; support end users and project team in live environment, while supporting on-going implementation and cut-over activities
• Maintenance of HR organizational structure to administer and control user access, including time-delimited access (e.g. temporary assignments to positions). Working on HCM Position Based Security with Structural Authorization for ESS & MSS.
• Working with Internal and External Auditors to fix IC-CAT issues.
• Ensure role-building follows business guidelines, and adhere to the controls requirement set forth by the internal audit/Risk & Controls teams.
• Working with the business/development teams to design technical security including table, report, and program for the production environments.
• Troubleshoot existing user roles, security objects and authorizations to resolve security conflicts, supporting users, setting up new accounts, password resets, put users in appropriate groups and resolve any issues in production system.
• Periodically analyze user master records and develop strategies to reduce any risks to the business from an authorization perspective
• Assist users with access problems and questions using SUIM and SU53
• Extensively used ST01 to trace and maintained failure Objects and values in SU24 at the time of various testing levels
• Perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management
• Develop and provide knowledge transfer to client personnel on security authorization concept and security design/implementation.
• Develop team members by ensuring cross- and support flexibility
• Supporting all testing like Integration, stress and UAT.
• Participating in all types of cut-overs (Dry Run, Technical and Business)

Confidential, Newark, NJ

SAP GRC/Security Administrator

Responsibilities:

• Role based Simulation of SOD at Transaction Code Level, Authorization object Level, critical roles level & Mitigation Level
• User based Simulation of a new Tcodes at Role level, Profile level.
• Mitigation of users, Roles & Profiles
• Define& Assigning Business Owner & Approvals
• Creation of a new mitigation Control
• Analysis & Remediation of SOD violations against the various risk in SAP GRC 5.3
• Updating/Modifying the rule sets as per request.
• Creating of risk id’s & assigning appropriate approvers & monitors for the risk.
• Submitting various audit reports.
• Perform Simulation for proactive analysis of SOD violations.
• Creation of appropriate function, risk & rules.
• Mitigate the user id against a particular risk to reduce or minimize the SOD violations.
• Schedule the various background jobs to perform the risk analysis based on business unit.
• Defining Monitors and approvals, business unit
• Defining Mitigation Control Monitors, Mitigation control - Roles
• Uploading &downloading using utilities
• Reviewing the Functional specification and technical specification for customized tcodes
• Customized tcodes as report (generally report, Does not conflict with other functions) maps to standard tcode (Custom transaction code derived from standard code), new utility (New function to be created)
• Identify risk of combining two or more functions in business process chain
• If risk is identified, create rule in SAP GRC
• Created new customized roles and modified existing roles based on the approved requests from the business and functional people
• Creating and maintaining authorization objects for Transactions
• Restriction of Org and Non-org authorization values in Master and derived roles
• Restriction of critical authorization object at activities level in various designations
• Maintained authorization groups for all the required tables in the table TDDAT
• Understanding the role design document and identifying the client requirements.
• Creation of FIREFIGHTER IDs, assigning FIREFIGHTER ID to FIREFIGHTER ID owners, assigning FIREFIGHTER ID to Controllers.
• Audited Roles and Profiles as per Sarbanes-Oxley (SOX) compliance requirements like Segregation of Duties (SOD) and analyzing Risk Assessment using VIRSA / VRAT.
• Distributing fire fighter logs to owners.
• Worked with fire fighter in compliance with control and administration for emergency access and reporting for auditors by assigning temporary ID to super users.
• Created and maintained security roles for development landscape using the SAP profile generator.
• Worked with Business Analyst and Techno Functional Team members to design technical security solutions including table, report, program, and interface security for the production environment.
• Responsible for the developed roles, Composite Roles using the Profile Generator (PFCG) as per client’s security requirements.
• Worked withVIRSAsystemsVRATtool in identifying conflicts single roles and composite roles.
• Manually modifying profiles and roles to remove theSODconflicts present in the roles.
• Analyzed business processes and assisted with security related design decisions.
• Performed annual reviews of Job Roles and Security access.
• User administration viaSU01, and SU10
• Used System trace to record authorization checks in different sessions.
• Assisted users with access problems and questions usingSUIM and SU53.
• Performed regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report findings to management.
• Generated periodic reports on user logs andcritical transactionusage.
• Developed and transferred knowledge to client personnel on security authorization concept and security design/implementation.

Environment: SAP ECC 7.0, SAP GRC 5.3, Oracle 7.3, 8.0.5, BW 7.0

Confidential

SAP Security Consultant

Responsibilities:

• Full scale Security Implementation: roles Definition, Mapped User to roles, Analysis of Users to roles & with Transactions and End-users, SOD Identification & Resolution, Organization and Field Level Value Selection, Non-Organization and Field Level Value Selection, Address Critical, TMA & High Risk Transactions, Build, Test, & Cutover & Support.
• Designed and implemented Security strategies, methods and procedures in compliance with corporate policy. Also developed & implemented Security profile cleanup process.
• Using the Profile Generator (PFCG) created functional templates, simple/composite activity roles, and authorizations for systems SAP R/3 4.6C, APO 3.0A, and BW 3.0B
• Used the derived role concept for production roles setting the correct Organizational Levels to the specific plant, warehouse, company code, division, etc. required for each site.
• Analyzed/resolved Security questions from staff, contractors, and end users by creating new roles, adding transactions to roles, and reviewing/correcting authorization objects. Tested the activity roles to ensure correct results.
• SAP trouble-shooting tools (transactions SU53, ST01, SUIM) were used in determining problems.
• Developed roles and profiles for developers, basis, Security, regional user administrators and other teams.
• Resolved audit issues of removing critical authorizations, profiles from users, restrict sensitive table display/update access in production, remove debug access from production, and restrict access to business or system sensitive transactions.
• Locking/Unlocking end users and transactions and End User Administration.
• Involved in analyzing the requests coming to the Security mailbox, validating the users, and initializing the change management tickets.
• Continuous monitoring of user roles, profiles, and access to sensitive transactions.
• Performance related queries support.

Environment: SAP R/3 5.0, Windows NT, Oracle 7.3, 8.0.5, BW 3.0b.

Confidential, NC

SAP Security Consultant

Responsibilities:

• Elected to travel to US, for KT on the complete SAP Security to offshore.
• Implement standards for custom authorization objects.
• Restriction of SAP Basis Security and Administration Knowledge in designing and implementing of security and authorization in Sap R/3/4.6/4.7/BW/APO/SRM systems
• Created Roles and Company Specific Roles based upon request
• Analyzing missing authorizations based on screen shot sent by the user
• Designed several utilities to support SAP R/3 security reporting needs. Reports of user usage profiles and authorizations, comparison reports in different R/3 system Optimizing the authorization checks by utilizing the SU53 and system traces (ST01)
• Configured Profile Generator and transported settings to all clients, setup security for the developers.
• Performed full analysis of client’s existing security solution, documented and implemented detailed remediation steps.
• Experience in implementing SAP security, including activity groups, profile generator, central user administration and structural authorizations
• Documented security landscape, procedures, and notes for turn-over to client
• User Administrating, including Creating and Managing Users, performing User Authorizations.
• Knowledge Transfer and Technical Mentoring.

Confidential

Active Team Member

Responsibilities:

• Creating and maintaining authorization objects for Transactions
• Restriction of Org and Non-org authorization values in Master and derived roles
• Restriction of critical authorization object at activities level in various designations
• Maintained authorization groups for all the required tables in the table TDDAT
• Working with SAP application security development and administration in R/3 environment for different modules: HCM, FICO, MM & SD
• Thorough usage of HR Switches P LOG, P ORGINCON(HR master data with context), P PERNR, P ABAP and various other Authorization objects and extensive knowledge on HR security table
• Strong experience on backend Structural Authorization, security aspects, authorization profiles and profile generation.
• Implemented Structural Authorizations for restricting managers to access HR Master Data of other org. units.
• Experienced in using LSMW, eCATT Scripts for user creation and maintenance
• Implemented access control on security related tables (AGR *, USR *) and sensitive authorizations objects (S TABU DIS, S PROGRAM etc)
• Implemented EWA Report Recommendation for Critical T-Codes and Objects
• Transferring / Clearing of IDoc’s in CUA & child systems
• Working on the issues raised by the customer on a day-to-day basis
• Communicating and documenting the issues for future
• Defining the Background jobs and monitoring the jobs time to time
• Leading offshore team

Environment: Windows 2000, Oracle 8, SAP 3.1H, 4.5B

Confidential

Subject Matter Expert (SAP SUPPORT)

Responsibilities:

• Led a 5 member Transition Team to Ireland (Dublin) to transition day-to-day operations to the HP facility in Bangalore
• Completely involved in handling clients (ADM’s) Implemented ILC and Problem Management concepts.
• Created Technical Documentation and Presentations on NetWeaver System Administration and Integration. Worked with the Development teams in Software Logistics, ABAP, and Systems Integration to create code corrections for notes & new releases.
• Worked closely with Security audit teams during Security audits.
• Handled Customer complaints, Mission critical problems and Escalations professionally.
• Transports from DEV to QAS to PRE-PROD and to PRD Systems
• Worked on Securities & Authorizations (PFCG)
• Maintenance Optimizer Configuration in SOLMAN
• CUA configuration from SOLMAN to ECC system
• ABAP Dumps Analysis
• SSO Implementation
• Users Creation according to the requirement SPAM/SAINT updates
• Notes Implementation
• Java configurations
• Manual configuration & transportation of SAP Notes
• TREX Index creations
• EWA Configuration
• Background Jobs Scheduling
• Workflow setup in CRM Systems
• Monitoring of Table Spaces
• Handled Day to Day Technical Problems

Environment: Windows 2000, Oracle 8, SAP 3.1H, 4.5B

Confidential

Senior technical support Eng Support

Responsibilities:

• User Administration of Employees which includes creation, maintenance and modification of the authorizations of Whirlpool in 53 region, ASIA and EUROPE.
• Transportation of newly created roles for users from development to quality and then to production (For Europe region only).
• Background Job scheduling and monitoring (For Europe and Asia region only).
• For user administration, worked on 5 clients for North America, 3 clients for Asia and 3 clients for Europe.
• Assigning activity groups user roles to users, creating new users according to respective function modules like SD, MM, PP, FICO, BW, PSP and assigning roles and adding user to particular user group, interacting with other sap support groups of whirlpool and whirlpool managers for approvals.
• Following SOD Segregation of Duties and doing BizRights Roles Analysis for Role assignment to users and Ensuring there is no SOD conflicts while assigning roles to the users and with proper approvals from respective managers.
• Role Assignment to users with respect to Functional T-Codes,
• Following SOX AUDIT COMPLIANCE GUIDELINES set by Whirlpool for Quality Assurance, analyzing and resolving the user problems and dispatching the request to Next level revolver groups for resolution.
• Installation and maintenance of 4.7EE, Netweaver 04’s, SAP Solution Manager 3.2 on HPUX-11 and Windows 2003 Platforms(On Systems only).

Environment: Windows 2000, Oracle 8, SAP 3.1H, 4.5B

Confidential

System Administrator

Responsibilities:

• Installing and Configuring Windows Servers
• DHCP & NS Configuration, Troubleshooting & Maintenance
• Handling System Administration part for Local LAN Environment
• TCP/IP protocols configuration and Troubleshooting
• Involved in Hardware installation, configuration & maintenances.