SUMMARY:

• Overall 7+ Administrator on SAP R/3 4.6, ECC 5.0 and ECC 6.0.
• Experienced in GRC Access years experience in IT industry and over 5+ years experience in SAP as SAP Security Control 4.0/5.1/5.2; Compliance Calibrator, Access Enforcer, and Firefighter.
• Upgraded GRC Access Control (Compliance Calibrator, Access Enforcer and Firefighter) from 4.0 to 5.2.
• Implemented Compliance Calibrator, creating function ID/Risk ID, Generating rule, analyzing SoD violations, Mitigation, Alert monitoring, reporting to management and correcting measures.
• Implemented Firefighter, creating Firefighter User, Designing and assigning FF roles, FF logs activities, critical operation alerts.
• Implemented Access Enforcer workflow, Initiator, Approvers, Provisioning with SoD Analysis, Created CC Risk/mitigation change workflow.
• Performed SAP Security related task and Implemented Security policies and procedures.
• Experience in SAP Security Maintenance (PFCG), maintained the roles for all the instance (DEV, QA, PRD and Training Environments) profiles in development and production systems.
• Provided support for User Maintenance, Roles/Profile Maintenance using Profile generator.
• Experienced in setting up Central User Administration (CUA) and maintenance.
• Experienced Netweaver Basic of User maintenance Thru User Management Engine (UME).
• Experienced in SAP Security related task such as Sarbanes Oxley (SOX) Compliance.
• Remediation of Segregation of Duties (SoD) within SAP implementation, VIRSA Systems VRAT tool, Profile Generator (PFCG), Role Creations and modifications, User Administration.
• Experience in working with Transports in transporting roles between DEV, QA and PRD R/3 systems and users.
• Excellent Presentation and Communication skills.

SKILLS:

Software:

Microsoft Office (Access, Excel, Word, PowerPoint)

SAP Architecture/Software/Methodologies:

R/3, 4.6C, 4.7, ECC 5.0, ECC 6.0, SAP BW 3.5, BI 7.0, Netweaver 2004s, Virsa/GRC (Compliance Calibrator, Access Enforcer, FireFighter 4.0, 5.2) CUA, SSO, Segregation of Duties (SoD).

PROFESSIONAL EXPERIENCE:

Confidential,AZ, April 2008 – Present
SAP Security Administrator

• Provided Knowledge transfer to ACCENTURE, due to outsourcing
• Provided training to the Business Users on SAP on daily basis
• Defined Risks according to Henkel Security Policy and made changes with approvals from Management/Key Users
• Coordinated with WesterEurope (Spain/Germany) on Authorization/Basis changes in SAP
• Supported Internal and External (KPMG) Audit
• Extensive work with Profile Generator , and trouble shooting users problems
• Extensive work with Management/Key Users and SAP Auth. Team to provide a better solution for modifications
• Supported Firefighter and created Roles according to Henkel Security Policy
• Supported Internal and External Audit
• Supported upgrade 4.6C to ECC 6.0 SAP
• Supported implementation of NSC

Confidential,CA, December 2007- April 2008
SAP Security Administrator

• Ensure Segregation of Duties (SoD) exist in the SAP systems using the GRC tools (Compliance Calibrator, FireFighter, and Access Enforcer).
• Involved in the upgrade of Compliance Calibrator /Access enforcer/Firefighter from 4.0 to 5.2.
• Migrate data from CC 4.0 to 5.2 and update rule sets.
• Helped in defining Risks and Rule set for the company.
• Created Org rule to eliminate false positive on organizational level.
• Schedule background job for time to time data synchronizations, Rule generation and Alert log generation.
• Created Mitigation controls and assigned it to users as part of company procedures.
• Provided solutions for company specific requirements.
• Understand the business process for company approval system and designed workflow accordingly.
• Risk analysis while approving request through Access Enforcer.
• Provided Access Enforcer Workflow for CC Risk, Mitigation changes.
• Configured Risk terminator for SoD analysis at a time of role creation (PFCG) in back end SAP system.
• Collaborated with Business Process Owners and Senior Management on mitigation/remediation of SoD conflicts.
• Define risks through Compliance Calibrator in Access Enforcer.
• Assigned FireFighter roles to users (Role bases FF reporting).
• Mapped FireFighter ID’s to owners and fire fighters.
• Defined and scheduled background jobs in Fire Fighter.
• Created Test data and tested GRC applications as a part of integration testing.
• Prepared training documents for end user and management.

Confidential,WA, August 2006 – November 2007
SAP Security Administrator

• Created users and maintained user master and established security policies and procedures.
• Extensively interacted with the FUNCTIONAL teams in the process of creation of roles matrices for SD, MM modules.
• Secured roles by COMPANY CODE, PLANT, COST CENTER, PROFIT CENTER and PURCHASING ORGANIZATIONS.
• Major responsibilities included reviewing of existing Security in SAP R/3.
• Transported roles within the clients.
• Designed various kinds or roles SINGLE, DERIVED, AND COMPOSITE using Profile Generator.
• Effectively analyzed trace files and tracked missing authorizations for users access and inserted missing authorizations.
• Constructed job roles in accordance with departmental standards.
• Reconciled users and profiles using Transaction code SUPC and PFUD.
• Protected security related TABLES using SE54.
• Tested structural construction of roles, assignment of authorizations to technical team users in the non-production clients.
• Performed segregation of duty analysis of existing and new roles.
• Extensively used Central User Administration (CUA) for distribution and management of users and roles.
• Remediation of Segregation of Duties SOD using VIRSA Compliance Calibrator.
• Worked with lead for SOD tools and security changes based on SOX violations at Transaction code and object level.
• Ran security reports for critical transactions, objects and for users who never logged on.
• Developing roles to end users, to secure queries, workbooks and Web Templates.
• Worked with FUNCTIONAL Team to define new transactions.
• Ensure that security authorization procedures are adhered to and that users do not receive authorizations that are outside of company guidelines.
• Created CATT scripts for mass users creations also used SU10.
• Maintained authorizations for Hierarchies.
• Worked on solving production support tickets by using RSECADMIN.
• Created new roles as for the requirements with the help of BI team.
• Developed and maintained SAP security roles and positions as requested.
• Involved in post live support.

Environment: Windows XP, SAP ECC 6.0, BW 3.5, BI 7.0, Virsa 5.2

Confidential,MN, April 2005 – July 2006
SAP Security Administrator

• Discussed security recommendation with management team.
• Created and modified SINGLE, COMPOSITE, and DERIVED roles.
• Extensive knowledge on troubleshooting security related problems SU53, and ST01.
• Created and maintained user master records.
• Performed SAP BW security activities related to authorizations issues or system trace.
• Created mass users using CATT script and SU10.
• Worked on SAP check indicator defaults and field values using transactions SU24 and maintained check indicators for Transaction code during testing.
• Identified SOD issues and redesigned roles.
• Transported roles using the change request method and also Download/Upload method for transporting the roles to systems not in landscape.
• Extensive knowledge of troubleshooting R/3 security problems using different scenarios such as (system trace, parameter change, user buffer reset, SU53).
• Studied the Organization structure, jobs, roles and SEGREGATION of DUTIES (SOD) matrix for security developed in SAP and handled SOD conflicts for SARBANES-OXLEY Compliance.
• Supported integration testing of roles/profiles.
• Performed USER ADMINISTATION activates such as setting up user logon ID’s and assigning and resetting passwords, locking and unlocking users.

Environment: SAP R/3 WINDOWS XP

Confidential,Indianapolis, IN, January 2004 – March 2005
SAP Security Administrator

• Analyzed and evaluated the technical security requirements for SAP R/3 Security.
• Reviewed and adjusted the validation process (add Transaction code, unlock users, assign roles, etc).
• Extensively worked with Profile Generator to create different types of roles.
• Used Profile Generator to effectively restrict user access to specific BUSINESS AREAS.
• Created cross application roles to segregate authorization for easier maintenance.
• Responsible for DAY to DAY technical support and resolution of security issues, trouble shooting R/3 security problems.
• Worked with FUNCTIONAL Team leads to define new transactions and updated roles for MM, PM, SD, FICO.
• Involved in identification of key controls, risks and SOD issues.
• Worked on SAP check indicator defaults and field values.
• Used SU24 and maintained check indicators for Transaction codes and activating and deactivating the Authorization Objects.
• Performed user maintenance task creation, deletion, lock down, activation, password management.
• Transported from DEVELOPMENT, to QA and to PRODUCTION.
• Troubleshot existing user roles, security objects and authorizations to resolve security conflicts.
• Resolved issues arising from testing using system level trace and dumps.
• Educated teams about how to test security profiles.

Environment: SAP R/3, WINDOWS XP

Confidential,IL, August 2002 – December 2003
SAP Security Administrator

• Worked with business managers in defining access requirements for end users, maintain role design and worked with Functional team members to set up end user roles.
• Identified and maintain secured transactions, manage and maintain access to DEV, QA and PRD.
• User support, resolved end user problems on day to day basis.
• Worked with the business managers in refining or changing SAP roles.
• User administration and password management.
• Created, modified and deleted users, roles and assigned required privileges.
• Transported profiles between clients within R/3 systems.
• Cleaned up roles and profiles not being used.
• Ran security reports for critical transactions and objects using SUIM.
• Used system trace to troubleshoot authorization issues.
• Performed post-upgrade security troubleshooting, modification and support.
• Generated profiles using PFCG and assigned to users.
• Used DERIVED roles for standard business processes for different ORGANIZATION VALUES.
• Fixed end user roles/profiles based on changes requested by role owners.
• Knowledge transfer to team members, providing ongoing security related support for all security milestones during different phases.
• Educated client personnel in R/3 security.
• User support, resolved end user problems on DAY to Day basis.

Environment: SAP R/3, WINDOWS NT

EDUCATION:
Bachelors of Sciences, International Business (Major), General Management (Minor), The Confidential,University Akron, OH, 2000