Summary:

• SAP Sr Security consultant with 7 years of experience in SAP R/3, SD, MM, FICO HR, ECC6.0, XI, SRM, BI, and Portal Security.
• Involved in Complete security implementations, multiple enhancements and production support in ECC 6.0, ECC 5.0, SAP R/3 4.7, 4.6C lifecycles from Design phase to Post-implementation phase on different projects.
• Strong experience at designing security for SAP R/3 SD, MM, FI/CO, BW / BI, HR, SRM, XI/ PI, EP.
• Comprehensive experience at maintaining, formulating Security Policies and Procedures, User maintenance, Activity group/Role maintenance using profile generator.
• Day to day experience in user administration, activity groups/roles and authorization tasks.
• Extensive knowledge in SAP R/3 Security troubleshooting (SU53, ST01, SUIM, and Tables).
• Experience in user administration and role assignment in CUA (Central User Administration).
• Configuration of Central User Administration.
• Hands-on security upgrades using SU25 and Profile Generator (PFCG).
• Configured SSO between enterprise Portal and backend ABAP systems
• Supported Internal and External Security audits in the production systems.
• Experience at mass user creation and maintenance and using Computer Aided Test Tool (CATT) scripts.
• Extensively worked with Sarbanes-Oxley Compliance – Strategy management related to SAP business processes, transactions and Remediation of Segregation of Duties (SOD).
• Hands on experience in configuring Compliance Calibrator in GRC suite.
• Experience in working with Transports Management Systems (STMS) to transport roles and programs between SAP R/3 client systems in multi landscapes.
• Experience with structural authorizations in HR
• Experience with helpdesk, resolving ticket issues and troubleshooting support problems which include problems like role and authorizations, transport.
• Worked on Upgrade projects from R/3 4.6C to ECC 6.0 and BW 3.0 to BI 7.0 including upgrade & post-upgrade steps, assessment of authorizations and redesign.
• Secured reporting user access to ODS objects, Info Cubes, Info Objects, Reports in BI 7.0, BW 3.5.
• Provide timely response to all client requests including On-Call Support outside normal business hours
• Knowledge transfer to team members provided ongoing security related support for all security milestones during different phases.
• Very good in documentation of security policies and security parameters.
• Hand-on experience in designing roles’ blue print/matrix for ERP systems.
• Preventative, mitigating and compensation controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy.

Technical Skills:

• SAP Skills: SAP Security FI/CO/LO, SD, MM, BI, HR/HCM, SRM, PORTAL, VIRSA, GRC, ABAP
• SAP Version: SAP R/3 ECC 5, ECC 6, 4.7, 4.6C, 4.6B.
• Databases: Oracle 7.33/8i/10g2, SQL Server 7/2000
• Languages: PL/SQL, T-SQL, Perl, PHP
• Operating Systems: Linux, UNIX, Windows Server 2000, 2003.
• Applications: Win Runner, Load Runner, Lotus Notes, Microsoft Visio, Microsoft; Access, Word, Excel, Power Point, FrontPage, MS Project, MS Outlook.

Professional Experience:
Confidential,Houston, TX– January 2009- till date
SAP Security Administration

• Worked on Sap Portals 6.4, SRM 5.0, BI, HR/HCM and ECC 6.0(SD, MM, FI).
• Used Profile Generator for creation/ modifying single roles, composite roles and derived roles.
• Responsible to implement Role-based security administration, including design, testing and documentation.
• Created and maintained the new analysis authorizations to give access to the existing Info providers using transaction RSECADMIN.
• Assigned these new Analysis Authorizations to the BI roles using transaction PFCG.
• Involved in unit testing of these new roles along with the BI team members.
• Setting of HR security authorization objects for structural authorizations based on Info Type and allowed functions / activities.
• Creating and maintaining personnel master records using PA40
• Create Maintained Structural Authorization Profiles and assign the profiles to positions and User IDs as per the organizational structure.
• Worked on EBP user id administration via USERS_GEN and SU01
• Worked with HR auth objects like P_ORGIN, P_ORGINCON, P_ORGXX, P_ORGXXCON
• Limit a user’s access to information according to the structure of the organization plan.
• Worked on ESS (Employee Self Service) & MSS (Manager Self Service) security in HR.
• Profile Generator (PFCG) to create roles/profiles for various modules such as HR, SD, and MM.
• Worked on ESS user id administration via HRUSER and SU01.
• Worked on security tickets and satisfied the client by reducing the ticket volume to a manageable number in the remedy ticketing system
• Troubleshooting tickets on Remedy Tool for CRITICAL, URGENT, HIGH, MEDUIM & LOW
• Performing day-to-day administration duties including troubleshooting, problem analysis and resolution.
• Transport all the roles across the system including Development, Quality and Production systems.
• Interacted and discussed with all levels of users for defining and developing user roles
• Review critical and sensitive authorizations, implement improvements to meet audit requirements.
• Responsible for generating weekly or month SOX reports
• Transported the generated roles and profiles using SE09/SE10.
• Created/maintained IDs, profiles and authorizations.
• On call rotation 24/7.
• Worked on Ticketing, to resolve the Sap Security issues.

Confidential,Wilmington, DE, – January 2008- November 2008
SAP SRM Security Analyst

• Worked on Sap Portals 6.4, SRM 5.0, EBP, XI, BI, MDM and ECC6.0 Support.
• Independently developed security models with inputs from functional team and Business users.
• Designed, implemented and maintained security for all landscapes which include SAP SRM, XI.
• Complete overall support includes design and implementation for all Security needs on R3, BW, HR for all user ID admin and Role builds for SOX compliance.
• Created role to transaction matrix used for new role design for various modules.
• Independently developed security models with inputs from functional team and Business users.
• Responsible to implement Role-based security administration, including design, testing and documentation.
• Used Profile Generator for creation/ modifying single roles, composite roles and derived roles.
• Portal Security Worked on User administration and assigning portal groups to users.
• MDM Security worked with users to resolve access issues by assigning appropriate roles.
• Worked on EBP user id administration via USERS_GEN and SU01.
• Configured SSO between enterprise Portal and backend ABAP systems.
• Worked extensively on Authorization Groups (SE54/SUCU) and Customized Transaction Codes (SE93)
• Assigned these new Analysis Authorizations to the BI roles using transaction PFCG.
• Involved in unit testing of these new roles along with the BW team members.
• Created and maintained the new analysis authorizations to give access to the existing Info providers using transaction RSECADMIN.
• Performed the migration of reporting authorizations from BW 3.5 to BW 7.0 using program Rsec_Migration
• Review critical and sensitive authorizations, implement improvements to meet audit requirements.
• Troubleshoot security/authorization related problems using ST01, SUIM and SU53.
• Configuration of Central User Administration
• CUA Customization of transaction SU01 using Transaction SCUM.
• Using Transaction SCUL to view logs that are generated by child systems.
• Developed and Maintained the Roles and their assignment to users via CUA
• Strong Experience and knowledge of security procedures for client user administration and central user administration (CUA).
• Extensively performed User Master Reconciliation (PFUD and SUPC)
• Maintained check indicators for authorization objects in Transaction SU24.

Confidential,Santa Clara, CA – February 2007- December 2007
SAP Security Team Lead

• Worked on Sap Portals 6.4, BI, XI, SRM, ECC 6.0 and GRC.
• Designed, implemented and maintained security for all landscapes which include SAP ECC 6.0, SRM, BI and Portal.
• Independently developed security models with inputs from functional team and Business users.
• Worked with the Business Process Owners to restrict sensitive transactions and security authorizations, and ensured segregation of duties across business areas.

• Review critical and sensitive authorizations, implement improvements to meet audit requirements.
• Responsible for generating weekly or month SOX reports.
• Performed the migration of reporting authorizations from BW 3.5 to BW 7.0 using program Rsec_Migration.
• Created and maintained the new analysis authorizations to give access to the existing Info providers using transaction RSECADMIN
• Created new analysis authorizations for giving access to the existing hierarchies, info objects by replacing the old customized auth objects.
• Assigned these new Analysis Authorizations to the BW roles using transaction PFCG.
• Involved in unit testing of these new roles along with the BW team members.
• Created and maintained service users for different XI components like Integration repository, Integration Directory, Adapter Engine.
• Work with profile generator (PFCG) in creating roles, profiles, composite roles & derived roles.
• Developed matrix of Transactions to Roles for designing of roles. This matrix was used for adding/removing Transactions to roles.
• Experience in configuring Compliance Calibrator in GRC suite
• Worked with Compliance Calibrator to determine rule sets, actions and permissions according to client needs.
• Performed Risk Evaluation and suggested mitigating controls for some of the unsolved risks. Assignment of Roles and Profiles using Access Enforcer.
• Performance of Risk Level Analysis at Authorization Level, Transaction Level and User Level.
• Used Access Enforcer to create User Request and to maintain users in the system.
• Used Role Expert to redesign all the roles for the client.
• Perform UNIT testing on created roles.

• SU24 and maintained check indicators for Transaction codes.
• Reconciliation of Segregation of Duties (SOD) conflicts, to meet compliance with Sarbanes-Oxley requirements.

Confidential,Philadelphia,PA – June 2004- Feb 2007
SAP Security Consultant

• As a SAP Security and Controls Analyst working for the implementation project, performed administration activities such as setting up user login ID’s, assigning and resetting passwords, locking, unlocking users, designing Roles, Authorization Objects, Profile Generator, User Tracing and Troubleshooting
• Worked extensively with the ECC 6.0, HR, BI 7.0, and EP.
• Extensively involved in Re-designing the SAP Security for ECC (SD, MM, and FICO) system.
• Designed the Role based security for the Silicon users by knocking out Task based security
• Redesigned the roles and decreased the number of roles to 600 + from 1500+ roles
• Extensively worked with Profile Generator Tool (PFCG) to design the roles
• Involved in Complete full life cycle implementation of Redesigning the Security from requirements gathering to after Go-live support.
• Performed User Administration using Central user administration (CUA) to create and maintain all user master data across the multiple systems landscape
• Designed custom roles for end users, process and technical teams in the sandbox, development, quality, training and production environments for all SAP modules.
• Responsible for day to day technical support and resolution of security issues, trouble shooting R/3 security problems.
• Extensively worked with the SUIM tool everyday in the process of monitoring the system.
• Extensively worked with the ST01 tracing and analyzing the trace records for the user in the process of trouble shooting.
• Extensively worked with the P_ORGINCON and P_ORGXXCON objects in HR Roles.
• Extensively involved in Unit testing and Integration testing and coordinated all the testers.
• After go-live supported the roles by making some changes as per the business requirements.
• Set up security by INFOAREA, INFOCUBE, ODS, INFOOBJECT, QUERY and WORKBOOKS.
• Limiting the Query access within the BEx Analyzer.
• Implemented Info Object Security (field-level security) for Reporting Users and also created custom reporting authorization objects.
• Proficient in use BI Analyses Authorizations tools.
• Implemented security for BI power users and reporting end users by restricting them on plants, sales organizations and also created custom auth objects.
• Helping out the Basis team in locking and unlocking the users at the time of support packs.
• Supported around 4000 user’s production environment by monitoring system and resolving day to day issues.
• Involved in Blueprint and Redesign existing security roles to maintain SOX Compliance.
• Based on our company’s SOD Risk Matrix, all the roles have been done SOD checks at both role level and user level using Virsa Compliance Calibrator and also implemented mitigation controls.
• Used PCM (Production change Management) tool for transport creation in multiple systems to transport roles from Development to Production.

Education:

• Masters in Computer Applications.

Certifications:

• SAP Net weaver 04 Security Certification

Technical Trainings:

• SAP Authorization concept (ADM940) training at SAP India
• SAP Secure System Management (ADM 950) training at SAP India
• SAP BI User and Authorizations (BW365) training at SAP America