Profile:

• SAP Certified Netweaver Security Consultant with 7 years of experience in SAP Security and Authorization concepts.
• Experience in SAP ECC 6.0, 5.0 & R/3 4.7, 4.6C, BI 7.0, BW 3.X, APO/SCM 5.0, SRM 4.0 and CRM 4.0 as SAP Security Administrator.
• Strong security design and implementation experience with ECC, BI/BW, SRM, SCM/APO and Enterprise Portals.
• Experience in working with various SAP functional modules like MM, FI, CO, SD.
• Experience with SAP upgrades & troubleshooting, user & role management.
• Worked on Security roles in Web AS Java environment.
• Worked on Production Support for security issues.
• Hands-on experience and knowledge of Sarbanes-Oxley compliance (SOX), Segregation of Duties (SoD) within SAP implementation.
• Experience with GRC 5.1 tools.
• Worked with VIRSA systems Compliance Calibrator, Access Enforcer and Firefighter tools.
• Implemented Central User administration (CUA) in the landscape.
• Used Sap’s Profile Generator (PFCG) to create, generate and assign authorization profiles.
• Experience with ECATT & CATT scripts.
• Knowledge of Basis functions.
• Knowledge of Microsoft office suite (Word, Excel & PowerPoint)
• Experience in working under FDA regulated conditions for Pharma companies.

Certifications:
SAP Netweaver-SAP Security Certification.

Technical skills:
ERP: SAP ECC 6.0, 5.0, R/3 4.X, 3.X, BI 7.0, BW 3.X, CRM 4.0, SCM 5.0 & SRM 4.0

Other: Office XP (Word, Excel and MS Access)

Education:

Professional Experience:

Client: Confidential,NJ JULY 2009- DEC 2009

SAP Security Analyst

Responsibilities:

• Worked on the cleaning up of existing roles in accordance with the audit requirements.
• Reviewed the existing roles and identified the Segregation of Duties conflicts within the roles.
• Remediation of roles by removing the identified conflicts.

Environment:EP 7.0, ECC 6.0, BI 7.0 and APO/SCM 5.0

Client: Confidential,WI AUG 2008-JUNE 2009

SAP Security Analyst

Responsibilities:

• Worked on the eWarranty module implementation in SAP ECC 6.0 system.
• Extensively worked with business users in requirements gathering and designed roles to meet the business requirements.
• Designed and conducted security testing activities.
• Supported the Go-live activities and provided maintenance in the post go-live environment.
• Used ECATT scripts for loading user related data into the SAP system during go-live.
• Worked with Basis team in implementing the Central User Administration (CUA) system in the environment.
• Reorganized and redefined existing roles to meet audit requirements and remove Segregation of Duties issues.
• Worked with internal and external auditors in identifying audit related issues and provided solutions.
• Used GRC 5.1 Compliance Calibrator in identifying the SoD issues.
• Day to Day production support for security issues related to FI-GL, OTC, PTP, PME , and warranty areas in ECC 6.0 and BI 7.0

Environment: ECC 6.0, BI 7.0, Solman 4.0, GRC 5.1

Client: Confidential,NJ FEB 2008- JULY 2008

SAP Security Analyst

Responsibilities:

• Worked on the security role design and development for SCM 5.0 implementation.
• Worked with functional analysts in providing a technical solution to business requirements.
• SAP R/3 production support in all areas of security with modules like FI, MM, SD and BI 7.0
• Reviewed critical & sensitive authorizations, implemented improvements to meet audit requirements.
• Performed user management, role management and mapping using UME in portals.
• Designed Unit testing of the roles and resolved issues arising from testing.
• Used CUA to maintain users (creation, deletion, locking etc).
• Used ECATT scripts for user creations.
• Performed routine checks for security related issues and troubleshooting.
• Comprehensive knowledge exchange and documentation on different topics related to Security, Profile Generator (PFCG) and related functions.
• Provided detailed documentation of the standard operating procedures and related design & support documents.

Environment:EP 7.0, ECC 6.0, BI 7.0 and APO/SCM 5.0

Client: Confidential,CO JUNE 2007- JAN 2008

SAP Security Analyst

Responsibilities:

• Configured the GRC Compliance Calibrator and Access Enforcer 5.1 tool
• Worked with GRC- Access Control 5.1 and Compliance Calibrator 5.1 in providing access to end users and in identifying & dealing with Segregation of Duties (SoD) issues.
• SAP R/3 production support in all areas of security with modules like FI, MM, HR, SD, BW, SRM & Solution Manager.
• Experienced in the analysis authorization concepts of BI.
• Familiar with primary authorization objects provided by SAP for SAP BI security.
• Team member in a group of consultants that implemented and tested solution for SOD conflicts identified by Internal Audit partners.
• Worked with the functional area and IT team managers on validations of all SAP systems’ security requests.
• User administration for more than 18000 users.
• Creation of new roles in ECC and SRM systems as required by business.
• Familiarity with CATT scripts.
• Designed Unit testing of the roles and resolved issues arising from testing.
• Comprehensive knowledge exchange and documentation on different topics related to Security, Profile Generator (PFCG) and related functions.
• Provided detailed documentation of the work performed.

Environment:ECC 5.0, BI 7.0, BW3.5, SRM 4.0, Solman4.0, EP 6.0 and GRC 5.1

Client: Confidential,NJ JAN 2006- MAY 2007

SAP Security Analyst

Responsibilities:

• SAP R/3 production support in all areas of security with modules like FI, MM, HR, SD, BW, CRM and Solution Manager.
• Worked in collaboration with application managers to clean up the Security Roles to eliminate segregation of duties (SOD) conflicts.
• Worked with internal audit team in implementing proper security controls.
• Worked on role development for R/3, CRM & BW as per the business needs.
• Worked on procedures and applications of dual-maintenance of security changes.
• Built roles and created BW security strategy documentation.
• Used CUA to maintain users (creation, deletion, locking etc).
• Analyzed the existing business process for existing profiles and implemented the same in the current environment.
• Transported the generated roles and profiles using SAP transport management system.
• Maintained Authorization Periods for users for limited time use.

Environment:R/3 4.6C, BW3.5, CRM4.0, VIRSA tools.

Client: Confidential,OH JULY 2005- DEC 2005

SAP Security Analyst.

Responsibilities:

• Provided Security Support for SAP 4.6 C.
• Resolve all security-related issues in the post Go-Live environment.
• Worked closely with Audit team for user-role conflict removal.
• Supported audit for Sarbanes-Oxley (SOX) Compliance requirements and remediation of security roles for SoD conflicts.
• Created and modified single roles, composite roles and derived roles.
• Worked with process experts on Segregation of Duties (SoD) issues.
• Reviewed critical & sensitive authorizations, implemented improvements to meet audit requirements.
• Effectively analyzed trace files and tracked missed authorizations for user access problems.
• Used VIRSA’s VRAT tool extensively for analyzing SoD conflicts and T-code assignment to roles.
• Extensively used MS-Access and MS-Excel for creating user master reports.

Environment: R/3 4.6C, VIRSA Tools.

Client: Confidential,MA APR 2004- JUNE 2005

SAP Security Analyst

Responsibilities:

• Involved in the upgrade of SAP 4.6C to SAP 4.7 system..
• Gathered information for new SAP user accounts or changes to existing user accounts for all regions.
• Created users, roles and assigned required privileges for the database access.
• Analyzed manually created old profiles and compared them with newer roles.
• Generated authorizations using Profile Generator and assigned the roles to user master.
• Created users and maintained user master and established security policies and procedures.
• User master maintenance through Central user Administration (CUA).
• Used CATT scripts for mass user creation.
• Transported the generated roles and profiles using SAP transport management system.
• Worked on SAP Check Indicator defaults and field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.

Environment:R/3 4.6C, 4.7, VIRSA Tools.

Client: Confidential,MI JULY 2003- MAR 2004

SAP Security Analyst

Responsibilities:

• Provided support for SAP 4.6C systems.
• User administration for more than 15,000 users.
• Used Central User Administration (CUA) to handle and distribute users and profiles.
• Created roles using Automatic Profile Generator (PFCG).
• Created new roles as per Segregation of Duties (SoD) requirements.
• Supported users for the security issues in all functional modules.
• Created and maintained user authorizations, roles and profiles for SAP R/3, SAP BW.
• Created BW Reporting authorizations using RSSM transaction.
• Secured BW queries over Info Providers like Info Cubes, ODS objects and Info Objects.
• Used Transport Management System (TMS) for transporting of roles.
• Performed routine check for security related issues and trouble shooting.

Environment: R/3 4.6C, BW 3.1

Client: Confidential,PA OCT 2002- JUNE 2003

SAP Security Analyst.

Responsibilities:

• Involved in the implementation of SAP R/3 4.6C system.
• Worked with functional team leads to define new transactions.
• Analyzed all business roles and mapped them to transaction codes according to business processes.
• Analyzed all customer programs and transaction codes for authority checks.
• Worked with Business specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts.
• Ran security reports for critical transactions and objects and for users who never logged on.
• Continuously improved security configuration to reflect best practices and to prepare for system audits.

Environment: R/3 4.6C