SUMMARY:

• Experience of 7+ years in SAP Security Authorization and Internal Auditor.
• Proficiency in CUA, R3, HR, BI, IDM, GRC for user administration and authorization management.
• Exceptional analytical, troubleshooting, organizational, communication, prioritization, problem solving and leadership skills and ability and past experience to sustain high work pressure.
• A systematic, organized, hardworking and dedicated team player with an analytical bent of mind determined to become part of growth - oriented organization.
• Experienced in working forFullLife-cycleImplementation,Go-Live,Post Go-Live, andProduction Supportproject.
• Extensive experience inRequirement gathering,Design,Development, andMaintenance ofSAP applications security.
• Interfaced extensively with clients to gain insight and develop solutions to meet customer business needs across the entireSAP landscape.
• Prepared the manual on IT change management, project risk assessment, software testing and validation, as well as quality management services.
• Very good knowledge of producing and analyzing reports in SAP usingSUIM, and security related tables (AGR*, USR*).
• Evaluated the effectiveness of controls in the computerized and related manual processes environment.
• Ability to manage multiple tasks ofproduction support and implementationprojects.
• Experienced in adhering to theChange ManagementProcess for transporting roles and tables, security objects and maintaining the change documents.
• Extensive experience with resolving ticket issues andtroubleshooting security authorization problems while adhering toService Level Agreements(SLA).

SKILL:

• IT Auditing
• Compliance management
• Risk management processes and analysis
• Process implementation
• Service Delivery management
• Vendor management
• Client assessment and analysis
• Team leadership
• Strong verbalcommunication
• Self motivated
• Project management
• Team liaison

PROFESSIONAL EXPERIENCE:

SAP Security Consultant

Confidential

Responsibilities:

• Working with Confidential as a SAP Security Consultant, involved in managing BAU activities such as User ID Management, Authorization Management and Compliance etc. Roles included Team Management, Process Improvement, Coordination, Client Interaction, Architecture and Management related tasks.
• Working closing with the External Auditor ( Confidential ) and providing the required data and working on the issue.
• Working on Risk and control using Saviynt tool. Having a good knowledge of SOD compliance.
• Supporting SAP Security BAU daily activates.
• Handling Fiori application and Vistex project.
• Basics of HANA

Confidential

Environment: SAP Security and GRC Consultant

Responsibilities:

• Security Architect - Working on Security Solution designing and built the same from Blueprinting phase till Implementation on various project for e.g. - Trading Division in Manufacturing Unit of Confidential .
• Working on Risk and Control by using tools like GRC 10.0. Solid working knowledge of ARA, ARM, EAM,Process Controls & Risk Management Expert Knowledge of SOD Compliance, SAP R/3 Security, Roles and authorization.
• Lead in the development and maintenance of IT Governance, Risk, and Compliance Management strategy.
• Coordinate the testing and timely delivery (met four milestone targets) of SOX requirements for financial and operational reporting purposes.
• Improve IT operations efficiency and ITServicedelivery through the use of industry control standards and frameworks COSO, COBIT, and ITIL.
• BAU Support Activities in Security:
• Analyzed the Authorization issues by Activating the Trace and SU53 Dump and resolved user access issues.
• Fixing Roles and authorization keeping Risk and Control in mind. Do the risk analysis via GRC 10.0 and deploying the changes via fixing the role in Dev and transporting till Prod
• ME/MI Portal support which include Remediation work also.
• Tools - Remedy, E-tracker, SolMan - CHARM, CUA, GRC 10.0, SPM/SNC
• Being part of Production Cutover and Hyper-care resource in Security.
• Having an experience of working with other vendors of JLR as IBM, Accenture and TTL. Getting Design and Signed off Blueprint for Authorization & Role matrix from other third party vendors of JLR. Jointly working with them to understand the design during Transition phase and working as a Build Factory Security resource which includes:
• Building Security roles
• Defining Permissions (maintaining SU24 for Z custom TCode)
• Unit testing
• SIT
• Regression testing
• Deploy the changes to production
• Supporting Cutover & Hyper care activities
• Ensure accuracy and segregationof duties
• Providing access to users in CUA system and check the access in child system through SCUL, SM58 TCode, which included creation of new role in CUA.
• Creating and maintain analysis authorization using Transaction RSECADMIN in BI system
• Implement and configureSuper user Privilege Managementformerly Firefighter:
• Maintaining Firefighter IDs to manage privileged and emergency access, define Owner, Controller and User in GRC system.
• Worked extensively with SPM in creating and assigning of FIREFIGHTER IDs.
• Part of cutover and hyper activity, need to define the access accordingly.
• Assigned firefighter controller to the firefighter ID.
• Distributing Fire Fighter logs to owners.
• Assigning temporary ID to super users allowing emergency access and reporting for audit purposes.
• Working in ME/MII system which include below activity: -
• Designing the new user group in ME system based on project requirement and defining the permission accordingly.
• Designing the MI user group with portal roles.
• Involved in configuration of the environments for testing, processing defects in test environments and End to End follow up of security changes to support production environment. Resolved security defects created by Tester in HPQC and periodically used HPQC progress report to monitor defects.
• Interacted closely with the Data Owners of various vendors to determineappropriate security roles to assign users.
• Support Basis team for user master export and import, lock mass user during systems maintenance.
• Direct interaction with client on Onsite Location to-gathered the information and to work on that for new project requirement.
• Managing Team from Onsite location.
• Supporting Third Party - Vendor requirement.
• Assure both quality and customer service while leading and driving advanced/complex design tasks and projects to successful completion. Prepare documentation for design plan (blue printing), review specification for modifications and UAT.
• Ensuring that project dates are met and with high quality deliverable.

Confidential

Environment: SAP Security and Authorization

Responsibilities:

• User administration: creating, changing, deleting, locking/unlocking and password resetting of users, creating different types of users.
• Worked on HR Security like adding roles to position using PO13 and creating Info type using PA30
• Worked in Portal environment like creating, changing, deleting, locking/unlocking, password resetting of users and assigning roles to users.
• Worked on SAP GRC like performing SOD checks and assigning Fire Fighter access to the users.
• Managed and created new users, groups and profiles.
• User Management, User Tracing and Troubleshooting.
• Resolving missing authorization issues (SU53).
• Performing audit using SM20 and RSUSR200.

Confidential

Environment: SAP Security and Authorization

Responsibilities:

• Played a key role in the Migration Phase of project from IBM to Confidential .
• Reduced overall cost by 35% on SOX testing and compliance requirements by eliminating redundancies, and rendering real*time assistance to external auditors.
• Attended KT, Secondary and Primary support, Process Document preparation, SOP preparation, User ID creation in bulk and extracting RCM data were few job responsibilities during migration phase.
• Performing daily tasks of User ID management and authorization management of SAP R3, HR, BI, EP, and SRM.
• Creation, Deletion, Administration and monitoring of users, creating and assigning user groups, and mass user administration.
• Creating single, Composite and derived roles, maintain and generate authorization profiles.
• Supporting Month end business activities.
• Created new roles for ECC 6 systems:FI, CO, HR, MM, PP, QM, and SDmodules, based on concepts of task roles.
• Maintaining Segregation of Duties by providing authorizations as per SOD matrix, resolution of SOD conflicts at transaction and authorization object level.
• Worked on VIRSA tool for compliance calibration
• Worked with SOX team for resolving SOD conflicts.
• Maintaining Firefighter roles.
• Handled Firefighter Admin responsibilities.
• Incidents, Service request, SLA, and escalation management.
• Resource planning.
• Defined and implemented ITIL processes for the project operations.
• Taking care of Compliance & external audit being held quarterly. This includes facilitating the auditors with RFIs, artifacts, RCM Data, sampling etc.
• RFP preparations for new projects.
• Analyzing Service Request reports and planning resource accordingly.
• Process improvement & stabilization.
• Planning and implementing technical improvement possible in TML environment.
• Encourage the use of best practices.
• Interaction with client, taking feedback, on service delivery, and discussing improvement plans.
• Able to lead others in high demand-situations.
• Coaching, guiding or tracking.
• Delegating tasks and responsibilities.
• Demonstrated leadership.
• Evaluating performance, programs, process and events.
• Handled challenges with proven history of increased productivity.
• Prioritized tasks and operate proactively.
• Analyzing situations or data.
• Compiling data or facts.
• Record keeping.
• Updating information or records.

Master Data Management

Confidential

Environment: SAP Security & Authorization

Responsibilities:

• Provided necessary artifacts/data for excess authorization cleanup to data requests made by Functional Team.
• Discussed tweaks required in the role structure and implementation strategy, with Dy. CISO and team.
• Mass role changes were made and successfully implemented after receiving confirmation from business/SOX Team.
• New objects were introduced as an additional control in Material creation/change. Designed new role which were assigned to users all across TML.
• Approx. 12000 authorization changes were made in 3 months.
• Documented changes and additional controls. Designed process for additional controls and transaction of the same was done to SAP Security team Members.
• Received appreciation from Project Tea, SOX Team, and CISO for significant work done & project completion within time line.

Confidential

Environment: SAP Cloning & Copying

Responsibilities:

• Upgrade activities especially Trex, Live cache, MaxDB and XI components.
• Performed daily tasks of User ID management and Authorization Management of SAP R/3.
• Performing as Onsite Coordinator for various activities assigned to offshore.
• Encouraged use of best practices.
• Interaction with client, taking feedback, on service delivery, and discussing improvement plans.
• Able to lead others in high demand-situations.
• Coaching, guiding or tracking.
• Delegating tasks and responsibilities.
• Demonstrated leadership.
• Evaluating performance, programs, process and events.
• Handled challenges with proven history of increased productivity.
• Prioritized tasks and operated proactively.