SAP Security Lead Resume
Denver, CO
SUMMARY
- Decisive, action-oriented and result-focused professional with 9+ years of experience in SAP NW Security & SAP GRC 10 (Governance Risk & Compliance), working on Full Life Cycle Implementation, Go-Live, Post Go-Live, and Production Support projects using strong communication, analytical, relationship management and co-ordination skills through project facilitation & trainings, process & audits.
- My focus in each environment has been to architect, configure, manage, support and provide business-aligned security infrastructure, SOX compliance, internals, controls, processes and policies that meet the business requirements/needs across complex environments and international business units.
- Seeking a challenging position as an SAP Security & SAP GRC 10.0 Consultant, where I can share my experience and knowledge and offer my analytical skills to achieve project goals.
- Having 9 years of SAP Security experience with strong understanding of information security practices.
- Experienced in working for Full Life Cycle Implementation, Go-Live, Post Go-Live, and Production Support projects.
- Experience on GRC AC Migration and Implementation.
- Extensive experience in Requirement gathering, Design, Development, Deployment and Maintenance of SAP applications security.
- Team Lead experience in resource management, Incident Management, Change Management and Defect management.
- Worked with functional teams and change management teams to understand the business requirements and gather application security requirements in alignment with the industry best practices.
- Extensive experience in User Management, Authorization Management, Role Management.
- Ability to interface with multiple levels of management and team members.
- Ability to plan and manage all aspects of testing including UAT.
- Familiar with ITSM and BMC Remedy Tools.
- Support controls systems and internal controls auditing processes to ensure they are operating effectively; incidents and routine work are completed within published SLA.
- SAP GRC Implementation, Configuration and Production support experience, with a good understanding of business processes.
- Remediation of Segregation of Duties (SOD) within SAP implementation for SOX (Sarbanes Oxley) Compliance using GRC tool.
- Strong experience in design and implementation of security for SAP R/3 Modules SD, MM, FI/CO, PP, HR, BW/BI 7.0, BOBJ, BPC, SRM, CRM 7.0, XI/PI, HCM, NW Java 7.x, EP, Portal, Solution Manager access.
- Experience working with SAP NW 7.4 migration.
- Extensive experience in interacting with business/process team for data and information gathering, integration and UAT process and sign off process.
- As a Subject Matter Expert of SAP PI Security, provided solutions to clients, prepared Functional and Technical specifications by coordinating within the team of various modules.
- Trained team members and business users on different areas of security.
- Worked as an Onsite-Offshore coordinator/team lead, able to work independently as well as in a team environment with multiple projects/tasks.
- Extensive knowledge of SAP compliant identity management security, implementation methodologies, IT governance, IT processes and procedures
- User administration - Creation and Modification of User Master Records for functional team and End/Business Users.
- Role administration - Good experience in Design, Configuration, Developing, Testing and Implementing SAP Security Roles, Profiles and Authorizations for various landscapes using PFCG (SAP Profile Generator Tool).
- Detailed knowledge of ABAP and Java based authorizations within SAP applications.
- Worked with business process owners to complete Role Specification Packages.
- Setting up the CUA to manage user creation, maintenance and migration.
- Experience using security tables such as AGR* and USR*.
- Generated security reports for critical transactions and objects using SUIM and standard tables.
- Fire Fighter - Good experience in creation and maintenance of Fire Fighter user IDs for Critical Authorizations for functional team and End Users.
- Change management - Good experience in modification of roles and authorization through a change request process.
- Effective use of SU53/ST01 for analyzing trace files and tracked missed authorizations for user access problems and assigning missing authorizations.
- Full troubleshooting support for user authorization failures in all SAP applications, resolving Security issues and supporting integration testing of Roles/Profiles.
- Good experience in user administration in production support, quick turnaround for end user requests.
- Support for Deployment Activities and cut over.
- Skilled in Security Audit analysis.
- Good experience in Security Administration for various Business Applications in SD, MM, QM, PP, HR and PM modules.
- Good experience in developing Security authorization roles as defined by application managers for the end users using Profile Generator (PFCG) tool.
- SAP NetWeaver Portal System Administration.
- Strong experience in implementing and working with security with SAP HR module including Structural Authorizations, ESS & MSS and Position Based Security and Context Sensitive authorizations.
- Worked on HR Security and Structural based security.
- Expert in HR Position Based Security and Structural Authorizations
- Assignment of Roles to Positions / organizations and troubleshooting issues.
- Good Understanding of Position based security.
- Expertise with the BI Analysis Authorization (RSECADMIN) to maintain security for reporting users and troubleshooting the reporting problems.
- Creation/ Maintenance of Analysis Authorization
- Direct/Indirect user assignment of Analysis Authorizations
- Troubleshooting issues in Analysis Authorizations.
- Worked on BOBJ Security and administration.
- Pilot implementation of SAP GRC 10 (configuration and usage of AC 10).
- Configuration and setup of Access Control components like ARA, ARM, EAM and BRM through SPRO and NWBC.
- Configuration of common settings for GRC AC 10. (Connectors, Plug-ins etc).
- Experience with Testing, risk and issue management.
- Participate in Annual user access reviews to adhere to SOX regulatory requirements.
- Risk identification, Build Rule sets, create controls and mitigate risks.
- Scheduling sync jobs for management reports.
- Creation of MSMP workflow for all process IDs involved.
- Creation of Initiator, Routing, Agent and Notification rules using BRF+ framework.
- Running Simulation for Segregation of Duty conflicts.
- Creation of workflow paths based on custom conditions.
- Creation of Owner, Controller, Firefighter and Firefighter IDs.
- Assignment of firefighters to Firefighter IDs.
- Troubleshooting Firefighter log issues.
- Creation, scheduling and maintenance of background jobs for AC 10.
- Prepared end user training documents.
- Involved in test script creation, testing and UAT.
TECHNICAL SKILLS
ERP: SAP R/3 ECC 6.0, BI 7.0
Tool: GRC AC 5.3, GRC 10.0, Super Privilege Management (SPM), Risk Analysis and Remediation (RAR), SAP NetWeaver 7.4, Enterprise Portal 6.0, 7.0
Operating Systems: Windows NT, 2000, 2003 Server.
Database: ORACLE 9i.
PROFESSIONAL EXPERIENCE
Confidential, Denver, CO
SAP Security Lead
Environment: SAP ECC 6.0, BW 7.0, Windows 2003 and Unix.
Responsibilities:
- The scope of the project was to implement and support security in different SAP modules such as ECC 6.0, GRC 10, BOBJ, BI 7.0, SolMan, NW 7.4.
- Configuration and setup of Access Control components like ARA, ARM, EAM and BRM through SPRO and NWBC.
- Worked on Connector configurations of common settings for GRC AC 10 (Connectors, Plug-ins etc.).
- Worked with functional teams and change management teams to understand the business requirements and gather application security requirements in alignment with the industry best practices.
- Expert in implementation, support and governance of authorizations for all ECC modules.
- Experienced in implementing SAP application security per Audit requirements.
- Development of positive and negative test cases to user role testing.
- Extensive experience in User Management, Authorization Management, Role Management (single and composite roles).
- Define processes for security team related to IDM and SAP GRC risk management.
- Plan and execute client engagements focusing SAP security, and audits of SAP environments.
- Ability to interface with multiple levels of management and team members.
- Assess technical architecture, systems, SAP Security infrastructure and users with Segregation of Duties violations.
- Evaluate the design and effectiveness of SAP controls throughout the business cycle.
- Work with clients to identify opportunities for improvement in the areas of SAP GRC, SAP security, and SAP controls
- Help coach and train team members to grow the SAP knowledgebase of the team.
- Generation of reports and rule set updates as required.
- Work with SOX Compliance Team, SAP Basis, SAP Consultants, Project Managers, and Director of Infrastructure, Center of Excellence and SAP Support Staff.
- Creation, deletion, administration and monitoring of users, creating and assigning of user groups, creating queries and mass user administration.
- Central user administration (CUA) - User creation and maintenance.
- Good experience in working with the SUIM reporting tool for analysis of users, roles, profiles and change documents.
- Extensively used SU53 and ST01 to assign missing authorization to users.
- Experience in designing, developing and maintaining roles (single, composite and derived) for different modules (FICO, MM, SD, HR, ABAP) using the Profile Generator (PFCG) to meet business requirements by making sure that users do not get more authorizations than needed to perform their tasks.
- Involved in coordinating with the functional team for testing of the changes and releasing of the changes to production system after successful UAT.
- SAP User administration - Create new users, Lock & unlock users and password reset.
- Worked on SUIM reports and sharing them with the Auditors.
- Worked on BOBJ User administration.
- Worked as an SAP Security tester and well experienced in preparing UAT.
- Worked with ITSM/Remedy ticketing systems.
- Provided support for internal/external audits.
- Worked with ITSM and Remedy ticketing tools.
- Support controls systems and internal auditing processes to ensure they are operating effectively; incidents and routine work are completed within published SLA.
Confidential, Hickory, NC
SAP Security Lead
Environment: SAP ECC 6.0, GRC 10, Windows 2003 and Unix.
Responsibilities:
- Handled the implementation of GRC Access Control 10 including the configuration of components (Access Request Management, Access Risk Analysis and Emergency Access Management) and automated monitoring of backend processes.
- Work with technical and business teams to design and implement the SAP security architecture and support the SAP Global Rollouts.
- Work with SOX Compliance team to create new controls for SODs within Virsa.
- Work with business users to define and implement the SAP authorization/security architecture in a manner that responds to business needs and aligns with established processes & procedures designed to limit the risks associated with Segregation of Duties.
- Work with IT Managers, SOX 404, Governance to address and remediate SAP risk cases.
- Utilize ST01 and SU53 tcodes to effectively analyze trace files, track missing authorizations for users, and insert missing authorizations.
- Extensive experience in User Management, Authorization Management, Role Management.
- Fully responsible for the technical design, development, testing, implementation, support, and documentation of Security roles and objects for European countries and Redesign for US.
- Worked closely with Internal Audit & External Audit teams during GRC 10 suite implementation.
- Assisted with design specifications and configuration by establishing role profiles using profile generator, PFCG.
- Created user ids for the technical and functional consultants and provided the required access in non-production and production systems.
- Maintained User Master Records by creating User Ids, assigning Roles, copying, and renaming, reset password using SU01.
- Mass User maintenance using SU10
- Processing User termination and Reactivation requests.
- Analyzing and troubleshooting Missing authorizations using SU53, ST01 and assign to the users.
- Worked and configured Central User Administration (CUA) for single point of access control.
- Maintaining the user accounts through CUA.
- Implementation of ECC and HR Security with Structural authorizations
- Expert in HR Position Based Security and Structural Authorizations
- Expert in implementation, support and governance of authorizations for all ECC modules
- Experienced in implementing SAP application security per Audit requirements
- Development of positive and negative test cases to user role testing
- Restricted table access using S_TABU_DIS.
- Locking and unlocking of users and user groups on specified systems.
- Used t-code SE16 and analyzed security tables such as AGR* and USR*.
- Tracing BI Authorizations.
- Creating Analysis authorizations.
- Securing INFOAREA folder to Users.
- Assigning Analysis authorizations to Users through RSU01.
- Assign Structural authorizations profile to User ID manually.
- Finding the Position number.
- Running RHPROFL0 report on a daily basis.
- Used GRC component Firefighter to create super user ids for emergency access and assigned them the FF roles depending on their job.
- Creating FF IDs and assigning FF IDs to Owners and Controllers, and maintaining configuration table.
- Defining Background job for the log reports.
- Scheduling background jobs in RAR.
- Producing SOD Analytical Reports (both Summary and Detail) against Users, Roles and Profiles using GRC Compliance Calibrator.
- Configuration of common settings for GRC AC 10 (Connectors, Plug-ins etc.).
- Risk identification, Build Rule sets, create controls and mitigate risks.
- Run risk analysis, analyze SODs and troubleshoot false positive issues.
- Schedule background jobs for management reports.
- Creation of MSMP workflow for all process IDs involved.
- Creation of Initiator, Routing, Agent and Notification rules using BRF+ framework.
- Creation of workflow paths based on custom conditions.
- Manage Single Sign-On for all SAP Systems and SAP NetWeaver Portals.
- Monitoring RFC connections.
Confidential
SAP Security Lead
Environment: ECC 6.0, Windows 2003 and Unix.
Responsibilities:
- Expert in implementation, support and governance of authorizations for all ECC modules.
- Experienced in implementing SAP application security per Audit requirements.
- Development of positive and negative test cases to user role testing.
- Involved in implementation of SAP R/3 including CUA configuration.
- Security Administration and creating users, creating roles, generating profiles, assigning roles, assigning authorization objects to roles.
- Created roles and generated profiles (single roles, parent roles, derived roles, composite roles) using PFCG.
- Extensive experience in User Management, Authorization Management, Role Management.
- Provided the Missing Authorizations after analyzing the SU53 dump.
- Running the system trace (ST01) for authorization checks.
- Experienced with troubleshooting the authorization problems using ST01 and SU53.
- Worked with Central User Administration (CUA) for single point of control to user and profiles.
- Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes as recommended by SAP best practices.
- Maintained the authorization checks in SU24 for the customized transaction codes.
- Creating and maintaining RFC destinations using SM59.
- Monitored and scheduled background Jobs.
- Worked with profile parameters and changed the RZ10 parameters.
- Worked with transportation of roles between Development, QA and Production R/3 systems.
- Applying SAP license via Service Marketplace and SLICENSE transaction.
Confidential
SAP Security Consultant
Environment: ECC 6.0, Windows 2003 and Unix.
Responsibilities:
- Provided the Missing Authorizations after analyzing the SU53 dump.
- Running the system trace (ST01) for authorization checks.
- Experienced with troubleshooting the authorization problems using ST01 and SU53.
- Worked with Central User Administration (CUA) for single point of control to user and profiles.
- Security Administration and creating users, creating roles, generating profiles, assigning roles, assigning authorization objects to roles.
- Created roles and generated profiles (single roles, parent roles, derived roles, composite roles) using PFCG.
- Setting up and maintaining the operation modes.
- Maintained the authorization checks in SU24 for the customized transaction codes.
- Creating and maintaining RFC destinations using SM59.
- Monitored and scheduled background Jobs.
- Worked with profile parameters and changed the RZ10 parameters.
- Worked with transportation of roles between Development, QA and Production R/3 systems.
Confidential
SAP Security Consultant
Environment: ECC 6.0, Windows 2003 and Unix.
Responsibilities:
- Performing daily administrative activities such as system health checks.
- Analysing and troubleshooting of logs, dumps, cancelled jobs, failed updates and database related issues.
- Performed the SAP GUI Installation.
- Maintained User Master Records by creating User IDs, assigning Roles, copying, renaming, resetting passwords, etc., using SU01. Mass User maintenance using SU10.
- Extensive experience in User Management, Authorization Management, Role Management.
- Analyzing and troubleshooting Missing authorizations using SU53, ST01 and assign to the users.
- Worked with Profile Generator (PFCG) in creating Roles, Profiles, Composite Roles and Derived Roles.
- User administration like creating users, creating of mass users, locking and unlocking users, deleting users.