SUMMARY

• Around 8 plus years of experience in SAP ECC Security, SAP BI/BW Security, SAP HANA Security, BOBJ Security SAP GRC AC 5.3, 10.0 and 10.1, SAP Basis, SAP Solman ChaRM.
• Certified in ITIL foundation, ITSM (ISO 20000) and SAP system administration.
• Lead the ongoing rollout activities for multiple implementations while managed the operational activities associated with active users in SAP.
• Collaborate with Business Process Owner, the Steering Committee and auditor to resolve security issues.
• Ensured the SAP Security Administration team achieves target SLA's, Audit Compliance, management defined performance metrics, and provides input to all SAP Security related policies, procedures, control sets, and best practices.
• Worked on testing of all of the workflows in GRC 10.1 for Access provisioning to the user, Assigning FireFighter access to a user, User access review, uploading of roles into GRC.
• Experience in extracting the SoD reports from the GRC 10.1 and analyzing the root cause of the SoD’s.
• Worked on updating the SU24 Objects for the customized transaction as per the business requirement.
• Experience of working on User Access Provisioning Management using SiAM (Simplified Access Management) tool. SiAM is a third party tool compliance tool for user access provisioning same as GRC.
• Expertise in Writing SCAT/SECATT scripts for mass changes for Users/Roles.
• Experience on setting up of EAM workflows, Access provisioning to a user in SAP GRC 10.1.
• Hands - on experience in designing roles blue print/matrix for ERP systems.
• Experience in handling Sarbanes Oxley (SOX) compliant related requirements including Segregation of Duties (SOD), Critical Authorizations and SOD monitoring.
• Hands on experience in Configuring RAR, CUP and SPM in GRC 5.3 Access Control suite.
• Day to day experience in user administration, roles and authorization tasks, SOD monitoring in SAP GRC 5.3, 10.0 and 10.1.
• Involved in monitoring SOD’s on a daily basis and identifying the root cause of the SOD and Remediation of Segregation of Duties (SOD).
• Extensive knowledge in SAP R/3 Security troubleshooting.
• Experienced in R/3 profile generator (PG), gathered requirements about user activities and planned security procedures using PFCG and created/check maintain custom authorization objects using SU21, SU24 and SU25.
• Implementation experience in Central User Administration (CUA) in both single and multi system landscapes.
• Hands-on experience in implementing SAP Solman ChaRM functionality right from the Solman Configuration to the ChaRM configuration and designing the roles for ChaRM security.
• Experience in Project administration in SAP Solman.
• Experience in user administration and role assignment in CUA (Central User Administration).
• Experience in working with Transports Management Systems to transport roles and programs between SAP R/3 client systems in multi landscapes.
• Experience with helpdesk, resolving ticket issues and troubleshooting support problems which include problems like role and authorizations, SAP GUI, transport. Adequate knowledge in SAP Basis.
• Very good in documentation of security policies and security parameters.
• Preventative, mitigating and compensation controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy.

TECHNICAL SKILLS

SAP Skills: SAP Security R/3, BI, GRC, ChaRM, SAP Solman ChaRM, SAP GRC 5.3, 10.0 & 10.1.

SAP Version: SAP R/3 ECC 5, ECC 6, 4.7, 4.6C, 4.6B.

Databases: Oracle 9i,10g, SQL Server 2000

Languages: PL/SQL, C, C++.

Operating Systems: Linux, UNIX, Windows Server 2000, 2003.

Applications: Microsoft Visio, Microsoft; Access, Word, Excel, Power Point, MS Project, MS Outlook.

PROFESSIONAL EXPERIENCE

Confidential

SAP Security and GRC Lead

Responsibilities:

• Worked on Setting up the workflow for the SAP User Access Review in SAP GRC 10.1.
• Designed the process for the BDO (Business Data Owner) Yearly User Access Review for the Pharma and the Vaccine Systems.
• Trained the BDOs on the process for doing the Yearly User Access review.
• Worked on creating the Dashboards and creating the Yearly User Access Review files manually for the Vaccine Systems.
• Worked on the BRM functionality in SAP GRC 10.1 for setting up roles in the GRC system for the Pharma Systems and setting up role Owner and mitigation Owner and controller for the roles.
• Worked on setting up the new rule set, risks and mitigation controls for the roles in the Vaccine systems.
• Worked on creating access requests for the users in the GRC system.
• Extracting the SoD reports for the Pharma Systems and identifying the new SoD’s that came up and worked on the same for removing the SoD.
• Experience in creating access requests in GRC for the new users.
• Experience in creating/modifying the roles as per the GxP standards.
• Worked on implementing the E-Signature functionality in GRC workflow.
• Testing of the BDO Access review, E-Signature and Global SOD.

Confidential

SAP Security and GRC Lead

Responsibilities:

• SAP Fire Fighter access provisioning through GRC.
• Worked on testing of all of the workflows in GRC 10.1 for Access provisioning to the user, Assigning FireFighter access to a user, User access review, uploading of roles into GRC using BRM functionality.
• User Access Provisioning Management using SiAM (Simplified Access Management) tool.
• Worked on testing the workflows after the SAP GRC 10.1 upgrade from SP04 to SP09 and also prepare the test script document with the results after the testing.
• Created New roles for the IT team in GRC as per the job function and tested them so that the roles are working fine as per the job function of the user.
• Done Pre & Post validation of GRC AC10.0 of functional & technical business scenario in ARM and EAM, with existed ECC systems.
• Customize Archer GRC / familiarity with change management and governance.
• Experience in extracting the SoD reports from the GRC 10.1 and analyzing the root cause of the SoD’s.
• Worked on the access cleanup for the users for providing the right access to the team as per the job function.
• Cleanup of the analysis authorization after the role re-naming in the BI systems.
• Experience of working on re-naming the roles across the landscape at a mass level using the SECATT scripts after comparing the old and New roles and fixing any of the missing authorizations.
• Troubleshooting BI Auth issues and finding the missing analysis authorization through RSECADMIN.
• Worked on updating the SU24 Objects for the customized transaction as per the business requirement.
• Worked on some of the mini Projects for updating the roles with the new Organization values and creating new roles as per the business requirement.
• Worked of SAP Netweaver Portal administration for creation of users and assigning groups to users.
• Creating of Analysis authorization and transporting them in the system landscape.
• Worked on Solman ChaRM for transports and also for fixing ChaRM authorization issues in Solman system.
• Used Transport Management for roles, custom transactions-objects& SU24 settings.
• Used SAP tables to collect information needed for authorization ticket analysis and also for security designing.
• Configured profile generator and performed transports and mass transports of roles and used CATT scripts for mass role re-naming and mass user creation and assigning roles
• Used SU24 to maintain Check Indicator Defaults and Field values, reduced the scope of Authorization checks.
• Expertise in Writing SCAT/SECATT scripts for mass changes for Users/Roles and re-naming the roles.
• Performed authorization tracing for different modules of SAP for issues resolutions.
• Creation of Users, resetting passwords, locking/unlocking users, Assigning/removing roles from users, copying users and deleting of users & registering Users with SAP.
• Handled tickets for fixing authorization issues and requesting New user access, creation of New users, Lock/Unlock and password reset for the users.

Environment: SAP ECC 5.0, SAP R/3 4.6C, FICO, SAP GRC 10.1.

Confidential

SAP Security, GRC Consultant

Responsibilities:

• Overall support including design and implementation for all Security needs on R/3, GRC 10.0 systems.
• Created Training and Documentation of SAP Security & GRC 10.0 related work.
• Used profile generator in Composite roles and Single roles build.
• Performed user administration including Central User Administration (CUA).
• Used Transport Management for roles, custom transactions-objects& SU24 settings.
• Creating of users and roles in SAP HANA Studio and assigning roles to the users.
• Hands-on experience in implementing SAP Solman ChaRM functionality right from the Solman Configuration to the ChaRM configuration and designing the roles for ChaRM security.
• Experience in Project administration in SAP Solman.
• Providing Firefighter access to the users through ERM in GRC 10.0.
• Analyzing SoD’s and documenting the SoD list in GRC 10.0.
• Used SU24 to maintain Check Indicator Defaults and Field values, reduced the scope of Authorization checks.
• Done Pre & Post validation of GRC AC10.0 of functional & technical business scenario in ARM and EAM, with existed ECC systems.
• Highlighted the configuration difference between systems and shared the best practice to replicate configuration to other systems.
• Trained new joiners & clients in different modules of SAP Security, Usage of SAP Solman ChaRM.

Environment: SAP ECC 6.0, SCM, C2C, GRC 10.0, SAP Solman ChaRM.

Confidential

SAP Security & GRC (Lead)

Responsibilities:

• Overall support including design and implementation for all Security needs on R/3, BI, and GRC 5.3, 10.0, 10.1 systems.
• Created Training and Documentation of SAP Security & GRC 10.0 related work.
• Used profile generator in Composite roles and Single roles build.
• Worked on the fixing issues in SAP BW upgrade from 5.3 to 7.0. Customize Archer GRC / familiarity with change management and governance.
• Experience in configuration of Archer GRC
• Troubleshooting BI Authorization issues and finding the missing analysis authorization through RSECADMIN.
• Creating of Analysis authorization and transporting them in the system landscape.
• Performed user administration including Central User Administration (CUA).
• Used Transport Management for roles, custom transactions-objects& SU24 settings.
• Performed authorization tracing for different modules of SAP for issues resolutions.
• Provided authorization based on the Info Cube level, queries, ODS objects.
• Highlighted the configuration difference between systems and shared the best practice to replicate configuration to other systems.
• Support for GRC 5.3 and GRC 10.0 SoD monitoring, mitigation and Role Maintenance.
• Updating transactions via SU24 (managing authorization objects).
• Maintain transactions selection and authorization objects in activity groups.
• Develop profiles/roles which including complex design restrictions.
• Support during Implementation go-lives.
• Handled security rollouts for multiple applications involving large user base and go-live support for different Implementations.
• Handled tickets using Unicenter tool SOLV and hands on experience on SOLV tool
• Managed multiple teams of more than 20 members with different project deliveries.
• Fixed the post upgrade issues for EAM & ARM business scenarios.
• Trained new joiners & clients in different modules of SAP Security.

Environment: SAP ECC 6.0, BI 7.0, SD, SRM, HR, Portal, CRM, GRC 5.3, 10.0 10.1.

Confidential

SAP Security and Basis Consultant

Responsibilities:

• SAP system monitoring on a daily basis.
• Used profile generator in Composite roles and Single roles build.
• Performed user administration including Central User Administration (CUA).
• Used Transport Management for roles, custom transactions-objects& SU24 settings.
• Used SAP tables to collect information needed for authorization ticket analysis and also for security designing.
• Used SU24 to maintain Check Indicator Defaults and Field values, reduced the scope of Authorization checks.
• Performed SAP basis daily monitoring activities using SAP basis monitoring T-codes and perform the necessary corrective action.
• Extensive knowledge in SAP R/3 Security troubleshooting.
• Expertise in Writing SCAT/SECATT scripts for mass changes for Users/Roles.
• Performed daily administrative activities such as Alert monitoring, Scheduling periodic jobs, Background processing, User management, R/3 Buffer monitoring (CCMS), database monitoring, Verification, troubleshooting of Short Dumps, system logs etc.
• Performed authorization tracing for different modules of SAP for issues resolutions.
• Creation of Users, resetting passwords, locking/unlocking users, Assigning/removing roles from users, copying users and deleting of users & registering Users with SAP.
• Handled tickets using Remedy tool and hands on experience on remedy tool and red wood explorer.

Environment: SAP ECC 5.0, SAP R/3 4.6C, FICO.

Confidential

AP Basis Associate Consultant

Responsibilities:

• Experience in performing Installations, Configuration and 24/7 Production Support for SAP software products SAP R3, ECC 5.0/6.0 on Windows, UNIX and Linux platforms with databases ORACLE, and MSSQL.
• Experience in configuring/executing SAP change control functions including transport management system (TMS) for the system landscape using STMS/Tp. Setting up Transport Routes, Configure Transport Domain Controller & customize Workbench Organizer. Performed daily administrative activities such as Alert monitoring, scheduling periodic jobs, Background processing, User management, R/3 Buffer monitoring (CCMS), database monitoring, Verification, troubleshooting of Short Dumps, system logs etc.
• Provide mission critical Basis technical support of several ongoing SAP Global Implementations.
• SAP R/3 System Performance Monitoring & Fine tuning through Instance Profile parameters.
• Operational Modes configuration for load balancing.
• Systems required Background jobs.
• Short Dump & Update Termination Analysis.
• SAP Client Administration and Transport administration.
• Provided Basis technical support to ABAP developers, functional teams, DBA, Help desk support personnel, and other support groups to resolve system issues.
• Performed Add-on Plug-In installation using SAINT tool to latest version. Performed Kernel and support patches upgradation.
• Responsible for applying support patches in all environments as per client requirement and Perform kernel upgrades.
• Carried out post-upgrade activities including kernel upgrade, applying support packs and SGEN.

Environment: SAP R/3 ECC 6.0, SAP Netweaver PORTAL

Confidential

Junior SAP Basis Consultant

Responsibilities:

• Experience in performing Installation of ECC 6.0 EHP2, NW 700, ESS/MSS functionality and ORACLE database.
• SAP Client Administration and Transport administration.
• Provided Basis technical support to ABAP developers, functional teams, DBA, Help desk support personnel, and other support groups to resolve system issues.
• Performed Add-on Plug-In installation using SAINT tool to latest version. Performed Kernel and support patches upgradation.
• Responsible for applying support patches in all environments as per client requirement and Perform kernel upgrades.
• Carried out post-upgrade activities including kernel upgrade, applying support packs and SGEN.
• Creation of Users, resetting passwords, locking/unlocking users, Assigning/removing roles from users, copying users and deleting of users & registering Users with SAP.