SAP Security Expert
GRC 10 Configuration, SAP R/3 Security, BI & HR Security.
SAP Security & GRC Consultant
IBM India Pvt Ltd
From June 2012
Project - Estee Lauder Companies Inc
Project Description: ELC is an innovative company with worldwide reputation for elegance, luxury and superior quality of products. ELC has 15+ systems such as Sol Man for CUA, ECC, BI, HR, GRC etc., and the project is to support these systems.
• Effective Incident resolution meeting SLA, delivered technical solution in timely manner for issues related to user provisioning, R/3 authorizations, BI authorizations, Single sign on(SSO) and workflow activities.
• Actively involved in executing Change Orders for creation and modification of roles as required by business.
• Actively involved in Global roll out and Cutover activities. Supported UAT for role creation and user assignments, created Org Units, Reporting Structures, Assignment of Users to Positions using PPOME & PPOCE and updating the Fixed Asset table.
• Generated Weekly/Monthly reports such as Active, Inactive users, audit reports for Critical Transactions and Authorization Objects.
• Performed user administration on ECC, BI and SRM portal users and BOBJ Infoview.
• Supported Fixed assets, Quality Notification and SRM hierarchy workflow activities.
• Configuration and administration of Security Weaver for user provisioning. Effectively supported Global users, Point of Contact (POC), Approving Managers and role owners with new user/change authorization requests.
• Provided support to Mangers and Role owners in approving access request with SOD conflicts by suggesting mitigation controls.
• Identifying risks during role assignment to users, and while modifying roles. Mitigate the risks as per the BPOs decision.
• Creation of custom Functions, Risks and updating the Ruleset and creating mitigation controls
• Actively involved in the configuration of EAM. Creating and administrating FFIDs, Worked in Centralized FF and Managing FFID assignments.
• Creating Owners, Controllers and assigning them as Access Control Owners in the NWBC POWL.
• Scheduling back...
SAP Security & GRC Consultant
Pegasys Group of Companies
July 2011 - June 2012
Project: This project is to support In-house project for REPS, an Aerospace products distribution company.
• Interaction with Role and Business owners to gain approvals for assigning the specified roles to the users as per the business justification.
• Maintaining detailed documentation of the role and the detailed risk analysis and detailed change and approval documentation.
• Performing simulation process in Risk Analysis & Remediation to analyze the risks & conflicts at role level and user level for user/role creation/assignment.
• Customizing and creating Fire Fighter User, designing and assigning Fire Fighter roles, Fire Fighter logs activities, Critical operation Alerts and etc.
• Security Administration - creating users, creating roles, assigning profiles, assigning roles, assigning authorization objects to roles.
• Creation of Analysis authorizations in SAP BI system using RSECADMIN transaction code.
• Tracing of authorization issues in BI using SU53, ST01 and RSECADMIN Trace.
Indian Air Force
January 2009 - June 2011
• Security Administration and creating users, creating roles, assigning profiles, assigning roles, assigning authorization objects to roles across landscape.
• Analyzing and evaluating the technical security requirements for SAP R/3 Security.
• Extensively interacted with the functional teams in the process of creation of roles Matrix for FI/MM the modules.
• Worked on SAP Check Indicator Defaults, Field values, and maintained check indicators for Transaction codes using (SU24).
• Extensively used Profile Generator (PFCG) to create single roles and derived roles/profiles for various modules such as FI and MM.
• Working with respective functional heads for SOD tools & security changes based on SOX violations at Tcode level & object level.
• Controlled the access of end users in the SAP system by assigning them appropriate authorization profiles based on SOD analysis.
Indian Air Force
January 2005 - December 2009
• IT Security Auditing, Advising on IT Procurement, Inventory management.
• System Administration: Installation, Configuration & Management of Windows, UNIX and LINUX Servers in TCP/IP domain environment.
• LAN/WAN: Planning, Configuring & Maintenance of Network Infrastructure (Routers, Switches, DSLAM, ADSL Modems and Firewall - Cisco PIX).
• Troubleshooting of OS (Win 9X, 2K, XP, 2003, Linux) and Hardware problems.
• Hardware/Software installations as well as installation of standard desktop settings as per PC Health Check (Icons, wall papers, screen savers, antivirus and update).
• Desktop Applications Support for Standard S/W packages, PC Hardware and Networking devices (Hub, Switches).
Qualifications & Certifications