SUMMARY

• Seasoned IT Professional with10+ years of Experience as a SAP Consultant in various roles, this includes SAP - GRC(Virsa 4.0, 5.3, GRC10 and 10.1), Security & ABAP.
• Strong experience in SAP GRC applications and troubleshooting activities of Access Controls at the time of pre & post installations.
• Configurations Experience in Access Controls capabilities ARA, BRM, ARM & EAM and worked on reports.
• Defining Risks, Analyzing Risks, Creating Business Process, Rule creation, mitigation, Role Owner, Alerts, Analyzing management reports, Basic Configuration Settings in all AC capabilities.
• Workflow configurations, Creating New Accounts, Lock & Unlocking, Change & Delete accounts, HR Triggers, UAR, SOD Review, Maintaining approval stages, Fiori Access approver app configuration, Hana DB provisioning.
• Strong exposure on SAP Authorization Concept, Profile Generator, Single Role, Composite Role, Derived Role concept, User Creation and using SOD rules.
• Maintenance of User Master Records, Profiles, Authorizations and user administration in CUA.
• Implemented Role-based security administration, including design & testing.
• Experience of SAP ECC, CRM, BW/BI, PI, SRM, HANA, BPC and Portal Security configuration, design, development, testing, implementation and production support.
• Extensive work on PFCG, SU24, SU01, SU21, SUIM, SU53, ST01, & PFUD.
• Worked on SOX controls, maintenance processes and leading industry practices
• Work with Business specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Worked on developing the over 250 plus controls for procure-to-pay, order-to-cash, Finance and Basis etc modules.
• Unique GRC integration with multiple ERP and 3rd party applications like IDM, Oracle, Jdedwards and Peoplesoft .

TECHNICAL SKILLS

Skill Set: SAP GRC & Security, ABAP/4, BAPI, BADI, ALE, IDOC, User Exit, XI, Web Services, ARA, ARM, EAM, BRM, Work flows, MSMP, BRF+, HR Triggers, UAR, SOD Review, Audit Management, HANA, BOBJ, BODS, Analytics, C and Java.

SAP System: ECC, CRM, BW/BI, PI, SRM and BPC.

Operating System: MS-DOS, Windows 98/Xp/ 2000/windows7.

Database: Oracle, DB2, Ms SQL and HANA.

Domain Knowledge: SAP GRC Virsa 4.0, 5.3 & 10.X, SAP Security,AAK(ABAP Add-on Tool Kit) and various Legacy Connectors for SAP GRC

PROFESSIONAL EXPERIENCE

Confidential, OK

SAP GRC & Security Consultant

Responsibilities:

• Performed AC10.1 AC complete configuration, Customize Rule-set, Master data gathering, ARM workflow configuration, De-Centralized EAM configuration and master data setup in AC10.1 system.
• Managing SOD conflicting issue, Defining Mitigation control.
• Created Initiator, Agent and Routing rules with in BRF+.
• Configured HANA data base provisioning in GRC AC for roles and analytic privileges and worked on HANA role design based on analytical privileges.
• Completed the UAR process for annual audit review and acted as point of contact for all kind of reports and validation from GRC.
• Worked closely with auditors to complete the annual audit review in a smooth way.
• Smooth Cut-over, Go-live and Hyper-care (No new issues reported during Hyper-care).
• Creation of users, lock/unlock of users, deletion of users & Mass User Maintenance Password resetting, Locking and changing the validity date for the expired users.
• Handling the tickets raised by users for access issues in multiple systems(ECC,CRM,BW,GRC,HANA & EP).
• Supporting basis team for system refresh.
• Conducted the workshops and trainings with various teams like internal resources, auditors and end users.
• Responsible and point of contact for all GRC related activities.

Confidential, CA

SAP GRC Consultant

Responsibilities:

• Responsible for preparing Virsa 4.0 Master data baseline document.
• Performed post installation configuration like activating BC sets, Applications and Services.
• Worked closely with Basis team to get AC 10.1plugIns(GRCPINW / GRCPIERP)installed on all target systems.
• Exported CC, FF data from Virsa4.0 to GRC AC 10.1.
• Imported CC and FF Data like Rule set data(Functions, Risks, Rule set, Mitigation control data) and FF data (Owner and Controllers and Reason code etc ).
• Performed Intra Migration activities like Creating connections, connection groups, performing Auth, Repository syncs, maintain configuration settings.
• Performed Post migration steps including activation of MSMP workflow, generation of rule, maintaining workflow stages.
• Worked on post migration data validation activities in SPRO and NWBC, configured the FIORI mobile app
• Created Initiator, Agent and Routing rules with in BRF+.
• Created and modified workflows, AC owners, Rules, Mitigation Controls to meet the business requirements.
• Responsible and point of contact for all GRC related activities.
• Conducted the workshops and trainings with various teams like internal resources, auditors and end users.

Confidential, NJ

SAP GRC Consultant

Responsibilities:

• Configured Pre-Post installation steps related to AC component.
• Completed end-to end implementation of GRC AC10.1 ARA, ARM and EAM modules.
• Created detailed task wise project plan and got on-boarded after client’s approval. Also created GRC AC10.1 Blueprint document, Test cases document and did workshops for requirement gathering.
• Performed AC10.1 AC complete configuration, Custom Rule-set changes, Master data gathering, ARM workflow configuration, Centralized EAM configuration and master data setup in AC10.1 system.
• User and Role management for GRC system (including Firefighter roles)
• Successful Unit testing and UAT/Regression Testing for Development & Production systems.
• Configure GRC Access control tool to avoid SOD conflicts to comply with Sarbanes-Oxley (SOX) regulation.
• Analyze SAP Segregation of Duties (SOD) conflicts and recommend corrective action.
• Implemented SOD conflicts administration strategies and managed remediation tasks to comply with SAP/SOD requirements.
• Design & Create Security Profiles based on functional and technical needs of all security roles and authorizations for all SAP modules (ECC 6.0, BW/BI, SRM, CRM, Portals, HR and HANA).
• Created HR Triggers for user position changes.
• Conducted the workshops and trainings with various teams like internal resources, auditors and end users.

Confidential, NJ

SAP Consultant

Responsibilities:

• Responsible for preparing GRC 5.3 Configuration and Master data baseline document.
• Performed post installation configuration like activating BC sets.
• Worked closely with Basis team to get AC 10 plugIns installed on all target systems and installation of Migration tool on GRC 5.3.
• Migrated Configuration, Master data and Transactional data from GRC 5.3 to GRC AC 10 for RAR, CUP, SPM and BRM.
• Performed Intra Migration activities like Creating connections, connection groups, performing Auth, Repository syncs, maintain configuration settings.
• Performed Post migration steps including activation of MSMP workflow BC sets, generation of rule, maintaining workflow stages.
• Supported post migration data validation activities in SPRO and NWBC.
• Created Initiator, Agent and Routing rules with in BRF+.
• Created and modified workflows, AC owners, Rules, Mitigation Controls to meet the business requirements.
• Scheduled background jobs for EAM, BRM,ARA and ARM.
• Conducted the workshops and trainings with various teams like internal resources, auditors and end users.
• Extended the GRC10 system to BW, CRM and BPC systems .

Confidential, NJ

SAP GRC & Security Consultant

Responsibilities:

• Implementation (AC10), which includes Blueprinting, Task-wise detailed Project Plan, Design & Strategy, GRC-IDM interface, Data
• Validation, Testing (Test case document), Cut-over, Technical documentation and Hyper-care. The project involved migration for ARA, ARM, EAM and BRM.
• Worked with LDAP team to get requirement details to integrate GRC with LDAP.
• Run the background jobs to sync Authorization data, User sync, Role Sync and Profile Sync.
• Customized rule set uploaded, Generated the Rule set.
• Created the Methodology process for Role management and also created role attributes.
• Imported the roles for provisioning and maintained the Mandatory fields for the Roles.
• Trouble shoot the Configuration issues like Role /User level risk analysis issue, Auto provisioning errors.

Confidential

SAP GRC Consultant

Responsibilities:

• Responsible for preparing GRC 5.3 Configuration and Master data baseline document.
• Performed post installation configuration like activating BC sets and applications.
• Worked closely with Basis team to get AC 10 plugIns installed on all target systems and installation of Migration tool on GRC 5.3.
• Migrated Configuration, Master data and Transactional data from GRC 5.3 to GRC AC 10 for RAR, CUP, SPM and BRM.
• Performed Intra Migration activities like Creating connections, connection groups, performing Auth, Repository syncs, maintain configuration settings.
• Performed Post migration steps including activation of MSMP workflow BC sets, generation of rule, maintaining workflow stages.
• Worked on post migration data validation activities in SPRO and NWBC and user trainings.
• Created Initiator, Agent and Routing rules with in BRF+.

Confidential

SAP GRC & Security Consultant

Responsibilities:

• Configured Pre-Post installation steps related to AC component.
• Implemented GRC 5.3 Access control which includes RAR,CUP,EAM component
• Configured RAR(include Custom ruleset) EAM and Workflows(Access request, Mitigation maintenance, Risk Maintenance, SOD review and UAR review etc)
• Successful Unit testing and UAT/Regression Testing for Development & Production systems.
• Knowledge Transfer and created “How to Do” document on 23 Topics for future support.
• Worked closely with Basis team to get AC 10 plugIns installed on all target systems and installation of Migration tool on GRC 5.3.
• Migrated Configuration, Master data and Transactional data from GRC 5.3 to GRC AC 10 for RAR, CUP and SPM .
• Performed Intra Migration activities like Creating connections, connection groups, performing Auth, Repository syncs, maintain configuration settings.
• Configured MSMP workflow and trouble shoot the Configuration issues like Email notification error, MSMP workflow trigger errors, Role /User level risk analysis issue, Auto provisioning errors.
• Creation of BRF plus rules based on client requirement for MSMP workflow.
• Develop (FireFighter) roles and workflow approval process in GRC 10.
• Conducted workshops & trainings for approvers, role owners, business users, internal teams and end users.

Confidential

SAP Security Consultant

Responsibilities:

• Creation of users, lock/unlock of users, deletion of users & Mass User Maintenance Password resetting, Locking and changing the validity date for the expired users
• Worked with security tables such as AGR* & USR*, etc
• Analyzing the User Access Problems using SU53 and Providing Authorization reports through User Information System SUIM.
• Experience in setting up Central User Administration (CUA) and maintenance
• Role modifications, creations, according to the business needs with proper documentation.
• Involved creating mass users, deleting mass users, locking and unlocking mass users.

Confidential

SAP Security Consultant

Responsibilities:

• Transport between Development, Quality /Test and Production systems of R/3 using STMS.
• Role modifications, creations, according to the business needs with proper documentation.
• Accessed User info system (New user, Roles, Authorizations, User, T-Codes etc.) through SUIM regularly.
• Involved creating mass users, deleting mass users, locking and unlocking mass users.
• Troubleshoot R/3 security problem by using different scenario such as system trace.
• Responsible for day to day technical support and resolution of security issues.
• Resolve user’s daily problems (lock, unlock, and reinitialize passwords, no access to a transaction).
• Assist users with access problems and questions using SUIM and SU53.
• Monitoring the online background jobs and resolved the issues if any background job failed.

Confidential

ABAP Consultant

Responsibilities:

• Handling the Change and HD tickets as per the client requirements and Preparing Transport Approval Request Forms
• Understanding the functional specifications designed by the functional team for the new requirements.
• Designing the Technical Specifications from the functional specifications.
• Developing the code as per the technical specifications.
• Review the technical specifications and code as per the specifications.
• Optimizing and analyzing existing ABAP programs and modify as per the client requirement.
• Interacting with the client & onsite team on a regular basis to gather user requirements