SUMMARY:

• SAP Security Lead Architect/ SME with over 17 years of experience in the IT including more than 15 years in architecting and implementing security within SAP with strong understanding of security best practices.
• Lead the end to end security migration process (developed, configured, testing, troubleshooting & support) from ECC 6 (EHP7) to S4Hana 1610.
• Five years of managerial experience in mid to large size organizations. Experienced in leading and managing individuals, implementations, mentoring team members.
• Experienced in estimating and managing project services on time, within budget in order to provide regular status reports to various levels of management.
• Worked with Big 4 Engagement teams from: PwC, KPMG, Accenture, E&Y, and Confidential & Touché.
• Extensive experience in full cycle security implementation experience right from the blue printing, gap analysis to customizations, testing, Go - Live & Post-Live production support, user training and documentations within various functional areas.
• Experienced in creating SAP security and GRC policies and standards, various improvements in the security model of an organization.
• Experience in implementing and configuring SAP S4/HANA 1610, ECC, R/3, SAP HR, SAP BI/BW, BPC, SAP BO, GTS, APO, SEM, SRM, CRM (WEB UI), SAP Fiori, IBP, SOLMAN, MDM, Portal & GRC 5.3 &10.1 SAP HANA, SAP IS-U SAP BPC, SAP PS.
• Developed roles and security for all modules of SAP such as HR, FICO, MM, P2P,APO, CRM (WEB UI), GD,SD, T&P, CS, AM, MH, PM, WM and BI etc.
• Implemented 4 end to end GRC Access control implementation. 2 GRC Access control 10.1 and 2 Access controls 10.0. 2 upgrades from Virsa and GRC 5.3 version. Including Fiori application
• Configured GRC Process control and Risk management 10.1 Pre and Post installation steps. Automated monitoring, manual testing and workflow configuration.
• Administer SOD/SOX/FDA tools like GRC modules & familiar with other 3rd party tools like Approva.
• Configured HANA security related to different application for two clients.
• Created Users, Roles, Privileges, Packages, Schemas as part of HANA Security and Development in Hana Studio. Involved in HANA Security including User Management, Roles, and Privilege.
• Configured BOBJ/BI on HANA for reporting users assign Analytic Privileges on Attributes, Analytic and Calculation Views and also implement row level security with AP like field from Attributes view, Field from Attribute View used in Analytic View, Private Dimension of Analytic View, Attribute field in Calculation View and with the Combinations of the all or Single value, range.
• Good understanding of Roles and authorization needed for SAP Hybris
• Extensively used SQL statements in SAP HANA Studio for user management and for roles.
• Created and configured CRM 7.0 Access Control Engine (ACE), Business Roles (Web UI), Technical Roles.
• Project Lead for Role re-designed based on the outcome of the GRC (ARM/RAR) and action usage reports.
• Extensive knowledge and experience in implementing BI/BW/BO/Cognos security on info /multiple cube level and creating Custom Reporting Authorization objects.
• Working knowledge in R/3 Basis, ABAP/4, Visual Basic, and SQL Server.
• Possesses good understanding of various business activities and processes.
• Strong technical, analytical, and interpersonal communication skills to provide quality service and proven results. Possesses good understanding of various businesses

TECHNICAL SKILLS:

ERP: SAP R/3(4.6C/4.6B/4.6B, 4.6C) ECC (6.0, 6.2, 7.0, 7.2), S4 HANA 1610, SAP HANA, Vertex, Click, Fiori

BW: BI.7.0 to 7.4/BW 3.0/3.5, BO, COG, SEM, EBP, SRM, SOLMAN, CRM 7,HANA, BPC

Portal: EP 5.0/7.0

Tools: GRC5.3, GRC AC 10/10.1(ARA, EAM, ARM &BRM), Process Control 10.1

Languages: C, C++, PL/SQL, Java 2.0 and VB

Databases: Oracle 7/8i/9i, SQL Server 6.0/7.0, HANA

Operating Systems: Windows NT/XP/98/2000/07, MAC

Web Tools: HTML, DHTML, VB Script, Java Script, Adobe Photoshop

Office Tools: Microsoft Access, Excel, Word, PowerPoint, Visio, MS Project, LDAP

PROFESSIONAL EXPERIENCE:

Lead Architect SAP S4 & HANA DB and GRC 10.1 Consultant

Confidential

• Lead the end to end security migration process (developed, configured, testing, troubleshooting & support) from ECC 6 (EHP7) to S4Hana 1610.
• Weekly updated & communicated the project team about the status of the project from Security side.
• Updated the entire Finance (FICO), Fashion, and Sales (SD) business role to new S4Core version.
• Implemented the strategy of creating /updating the existing business roles to new roles to transaction matrix which involved detail analysis of updating the SU24, SE93, PFCG and Security tables.
• Updated the existing business processes by replacing the obsolete transactions to new SAP S4 Hana version transaction after the approval from business process owners. IT manager and SOX team.
• Worked with ABAP developer for the unit and compatibility testing for all the custom tcodes with the new S4 Hana version.
• Design and build plan for unit testing of SAP standard and custom transaction codes.
• Attention and focused with SAP SNOTE 2227963, 2227963, 2270355, 2029012 for migration process.
• Updated the existing GRC 10.1 Ruleset (Functions) with the new transactions, objects and fields, field values and program to newer version to reflect the new and existing SODs analysis.
• Updated all the documentation related to SAP security and HANA.
• SAP HANA DBA Security with ECC for HANA Data Modelling Team.
• SAP HANA DBA Security with BI/BOBJ. Created roles for both BI and BOBJ running on HANA.
• Configured SSO with HANA DB by creating a single DB user and unable access for all users.
• Implemented HANA DBA audit Control SOD/SOX. Configured and implemented HANA Audit policy.
• Configured HANA Password policy per company network policy.
• Secured sensitive HR and Finance Data based on the requirement per each department.
• Created both Repository and Catalog roles by using SAP Web IDE and HANA Studio.
• Created Packages and Schema, Analytic privileges by using SAP Repository IDE.
• Used SAP Fiori for user provisioning into HANA System,
• Extensively used various HANA SQL commands for various procedures and queries.
• Transported Packages, Repository Roles etc with in Hana landscape by using delivery unit.
• Lead new Hana projects like IFP, OPTIX and S4Hana.
• Configured workflow by using BRF+ and MSMP in GRC for user provisioning.
• Configured and implemented User access review (UAR) in GRC 10
• Upgraded GRC system from 10 versions to 10.1 SP12.
• Remove/remediate all the SODs and critical access from roles and users.
• Customize SAP Fiori roles and updated and assigned to user per the department requirement.

Project Lead SAP Security and GRC

Confidential,CA

• Successfully completed and managed five projects and supervised four Security team administrators.
• Led the team that performed an initial need assessment and defined the functional requirement.
• Managed full end to end multiple project, execution strategy, process improvement activities and change management for GRC, ECC, BI, CRM 7 Security and audit and security compliance.
• Set individual/team goals aligned to SLA/service delivery obligations, client satisfaction, and quality compliance in a complex environment and landscape.
• Extensively used HANA Studio for the creation of Users, Roles, Privileges, Packages, Schemas as part of HANA Security and development in Hana Studio for different environment.
• Configured BOBJ/BI on HANA for reporting users assign Analytic Privileges on Attributes, Analytic and Calculation Views and also implement row level security with AP like Field from Attributes view, Field from Attribute View used in Analytic View, Private Dimension of Analytic View, Attribute field in Calculation View and with the Combinations of the all or Single value, range.
• Involved in the Installation & configuration of HANA Server, Creating Schema, Schedule Backup, Setup HANA roles, Installation of SLT, Configure connection SLT to HANA and SLT to ECC and BODS configuration. Involved in the configuration of SSO between HANA and BOBJ by using enterprise authentication
• Created and restricted Schemas (Tables) level restriction in object privileges.
• Extensively used SQL statements in SAP HANA Studio for user management and for roles.
• Created and build users and roles authorization matrix for Hana roles and privileges for different level of user groups and for different environment. Critical level of authorization segregated for each position and environment.
• Customize SAP Fiori roles and updated and assigned to user per the department requirement.
• Configured HANA security related to different application for Confidential project.
• In depth knowledge of all system related privileges in HANA.
• Hana roles created for developer, Modelling Team, Admin, Reporting, ETL, Basis, Architect and business users.
• Created and customized SAP Integrated Business Planning (IBP) backend and front end roles.
• Created roles for Demand planner Demand, General planner, Basic functions, Data access, Security Administrator and all application
• Created users In IBP as part of go live and support for Business users, Technical and Support.
• Upgraded and implemented end to end GRC (AC/PC/RM) 10.1.Strategies, architecture, design, build, testing, Training and implementation of Security functions customized workflow based on a solid understanding of all phases of the systems life cycle. Configured GRC 10.1 with HANA.
• Implemented all component of AC 10.1 (ARM, ARQ, EAM & BRM).Used extensively BRF+ flat rule and MSMP for workflows. Successfully Implemented Fiori application for GRC Web access.
• Customized NWBC Launchpad based on the client requirement. Customize custom fields for each request type, GRC roles, notification template and customize default EUP menu.
• Experience in BW/BI/BPC/BOBJ security by creating roles based on the info/multiple cube level.
• Created User and user groups and role configuration on folder level for different types in BOBJ.
• Used BPC admin tool to add users, add team, add task profile and add member access profile for all BPC .
• CRM 2007 Role redesign for both ECC 6.0 and CRM 7.0 both (WEBUI Business and PFCG role).
• Role redesign project for all the modules of SAP CO, AP, AR, MM,CS, HR, BI, PS, GM, SAP IS-U SAP BPC SAP PS Portal.

SAP HR Security Lead

Confidential,St Paul,MN

• Implemented E-requirement and on boarding component of SAP cloud based Success Factors application Blue printing, development, Testing, roles and group creation and assignment.
• CRM integration with success factor JAM integration.
• GRC 10 HCM customize rule set for ARA and full end to end implementation of GRC AC.
• ERM integration with HCM system. Created Firefighter ids for GRC 10 system for HR system.

SAP Security Project Lead

Confidential,San Diego,CA

• Lead the multiple projects to implement the GRC 10.1, CRM 7.0, HANA 1.0 and BI 7.3 Security.
• Strategies, architecture, design, build, testing and implementation of Security functions based on a solid understanding of all phases of the systems life cycle.
• Implemented all four component GRC AC 10.1 (ARM, ARQ, EAM and BRM).
• Implemented SOD/SOX tools like Governance Risk & Compliance (GRC) modules ARM
• Use extensively BRF+ flat rule for all MSMP workflows including Initiator and agent.
• Created and configured CRM 7.0 Web UI roles both Business Roles (Web UI), & PFCG for SAP IS-U.
• Created Business Role (Web UI) - Creating Role Configuration Keys, Transaction Launcher, Menu Navigator, and Logical Link for Transaction, Actors creation, Rules and Rights creation.
• Upgraded BW system from BW 3.5 to BI 7.0 and from 7.0 to 7.3.
• Experienced in BW/BOBJ/BI/BPC security by creating roles based on the info/multiple cube level and provides authorizations based on the org level values via Analysis Authorization (AA).
• Extensively used HANA Studio for the creation of Users, Roles, Privileges, Packages, Schemas as part of HANA Security and development in Hana Studio for different environment.
• Configured BOBJ/BI on HANA for reporting users assign Analytic Privileges on Attributes, Analytic and Calculation Views and also implement row level security with AP like Field from Attributes view, Field from Attribute View used in Analytic View, Private Dimension of Analytic View, Attribute field in Calculation View and with the Combinations of the all or Single value, range.
• Involved in the Installation & configuration of HANA Server, Creating Schema, Schedule Backup, Setup HANA roles, Installation of SLT, Configure connection SLT to HANA and SLT to ECC and BODS configuration.
• Involved in the configuration of SSO between HANA and BOBJ by using enterprise authentication
• Created and restricted Schemas (Tables) level restriction in object privileges.
• Extensively used SQL statements in SAP HANA Studio for user management and for roles.
• Created and build users and roles authorization matrix for Hana roles and privileges for different level of user groups and for different environment. Critical level of authorization segregated for each position and environment.
• Implemented Position Based Security by assigning Roles to Positions.
• Daily administration, support and trouble-shooting of security across the SAP Net weaver
• Design, Developed and configure Single, derived and composite role per company requirement.
• Troubleshoot authorization issues occur in prod. Documented day-to-day activities for future reference.

Lead SAP Security Consultant

Confidential,Minneapolis,MN

• Working as lead while managing all new projects, maintaining and improving existing security design in a timely and efficient manner. Organize and manage security tasks for on-going projects.
• Interact with off-shore and onsite support teams: Basis, development, application production support.
• Developed and maintained roles and performed user administration for all SAP system
• Experience with CRM 7.0 Web UI authorization concept. Created roles and security based on specific requirement by CRM team of Business Roles (Web UI), Technical Roles (ABAP).
• Proficient in use CRM security administration tools as ACE, Business Role, and Technical Roles.
• Configured SAP GRC 10 components ARM, ARQ, EAM. Used extensively MSMP workflow for all the workflows. Upgraded from GRC Virsa to GRC 10 version with all the new MSMP workflow but same Ruleset.
• Customized the NWBC Launchpad for Home suit page. Configured LDAP for user data source.
• Managed SOX Compliance Remediation tasks to comply with SOX/SOD/FDA requirements.
• Upgraded experiences from EHP4 to EHP5 by running SU25, SUIM & SE16tcode
• Design, developed and configure Single, derived and composite role per company requirement.
• Transport roles i.e. single and mass between clients on a particular system and across systems from development, Q/A, Regression via SOLMAN, SE03, SE10, SE09 & PFCG.
• Created and configured roles for SAP GTS on a multiple projects
• Troubleshooting /resolved issues by running SU53 and trace via ST01 and RSECADMIN
• Administrating /managing more than 15000 users in Prod, QA &Dev
• Extracted information from SAP tables like AGR DEFINE, AGR USERS, AGR TCODES, USR40, USR02, USGRP, USOBT C, TOBJT and SUIM tcode concerning users, roles & profiles
• Experience in BW/ BI/ BOBJ security by creating roles based on the info/multiple cube level and provides authorizations based on the org level values via Analysis Authorization (AA).
• Created roles and security for SAP BI Business Objects (BO) and configured access with in BO.

Senior SAP Security Admin

Confidential,Saint Louis,MO

• Creating and maintaining users on day to-day basis for the DEV, QA and Prod environment.
• Modification of roles to isolate sensitive transactions.
• Strategies, architecture, design, build, testing and implementation of Security functions based on a solid understanding of all phases of the systems life cycle.
• Daily administrator, support and trouble-shooting of security across the SAP Net weaver.
• Support day-to-day administration, user provisioning and segregation of duties tool (GRC)
• Assist in resolving segregation of duties conflicts identified in GRC 10 and assigning related mitigating controls.
• Design, Developed and configure Single, derived and composite role per company requirement.

SAP Lead Security Analyst

Confidential,Saint Louis,MO

• Lead the security team to implement the global security projects for all the modules.
• Creating and maintaining users on day to-day basis for the DEV, QA and Prod environment.
• Use Central User Administration (CUA) for distribution and management of users & roles.
• Assisted development team for setting up custom security for all modules of SAP such as HR, FICO, MH, APO, CRM (WEB UI), ELM, GD, T&P, CS, AM and BW.
• Using ITIM, centrally created/maintained users across the system. e.g. AD, MS Exchange, portal, CUA, etc
• Experience with CRM 7 Web UI authorization concept Business Roles (Web UI), Technical Roles.
• Creating and maintaining of SAP Roles and authorizations to assist role coordinators, Functional and business.
• Strong proficiency in the GRC, Compliance Calibrator, Access Enforcer and Firefighter.
• Extensive upgrade experience on ECC, BIW, BOBJ, CRM Security.
• Resolve request and incident tickets related to SAP roles & Authorization.
• Propose recommendations to SAP Project streams on ways to build security restrictions.
• Implemented Position Based Security by assigning Roles to Positions.
• Experience in BW/ BI security by creating roles and dummy transaction based on the info/multiple cube level and provided authorizations based on the queries.
• Experience in setting up PD authorizations. Maintenance of roles to positions using PFCG and PO13. Creating info type 0105 subtype 0001 for employees.
• Implemented security and developed custom roles for the process and technical teams in the SAN, QAS & PROD environments for all existing SAP modules (R3, BW, APO, SEM, SOLAM, & Portal).
• Created single roles, Composite roles, parent and derived roles as per company requirement.
• Generated Audit Information Systems (AIS) logs (SM19, SM20, SM18)
• Used CATT scripts and Microsoft Excel to create mass user accounts, assign user groups and roles.
• Extensively used tool PFUD and PFCG TIME DEPENDENCY for updating the profiles in the user master records.
• Transported roles i.e. single and mass between clients on a particular system and across systems.
• User Administration for more than 15,000 users. Documented day-to-day activities for future reference.

Sap Security Consultant

Confidential,Baltimore,MD

• Main responsibility included maintaining the security of DEV, Q/A & PROD systems by designing mechanisms and procedures for user account management.
• Created Roles and Authorization for the functional consultants including FI/CO, MM, SD, PP, and QM.
• CATT scripts were used for assigning roles to users on mass scale.
• Maintained security related tables like AGR USERS, AGR TCODES, USR02, and USR40.
• Maintained roles & profiles to meet audit requirements and departmental requirements.
• Experienced in BW security and created roles based on the info cube level and provided authorizations based on the queries and also custom reporting objects.

SAP Security Consultant

Confidential,Memphis,TN

• Responsible for keeping the Development, Quality Assurance, Production and Training SAP system environments secure by designing mechanisms and procedures for user administration.
• Developing, implementing and securing change management process -Assist Programmers/Analysts with identifying and designing security requirement for all interfaces, conversions, and enhancements.