Summary of Qualifications
Seven+ years' experience meeting SAP security needs of major
corporations. Known for exceptional technical proficiency and astute application of
Sarbanes-Oxley and other audit directives. Project management skills combine with
demonstrated ability to develop and implement technical solutions to meet critical business
needs. Outstanding leadership and interpersonal skills result in productive working
relationships and top performance among staff. Effective communicator able to translate
between technical and business units, making complex data easy to understand. Experienced
in handling full access to confidential company data. Proven track record with
R/3, BI 7.0, CRM 2007, SCM, SEM, APO systems and FI, CO, HR, PP, MM, QM, PM and SD
modules. Well versed in automatic and manual profile generation as well as SOX
administration using GRC 5.3 RAR, CUP and SPM tools.
Technical Summary :
- Overall eight years of IT experience including SAP Network administration area
- Six and a half years of experience in SAP technology as a Security Administrator.
- Three and a half years' experience in SAP Security Architecture role including 3+ full
lifecycle implementations in SAP Security projects
- Three years' experience in SAP security production support. Worked with Project team
to provide 24x7 support to troubleshoot security problems/issues ASAP.
- Worked extensively on SAP ECC 5.0 as well as SAP R/3 - 4.7, 4.6c, 4.5 versions.
- Develop and document security role/activity groups, processes, and procedures.
- Extensive experience on Automatic Profile Generator (PFCG)
- In depth two year experience of BW 3.0 - 3.5 and SEM 3.5 security administrations.
- Perform SOD check at Role/activity group level as well as user level using simulation
in production system in GRC 5.3 RAR, CUP, SPM tools.
- Business Information Warehouse v 3.0, 3.5 security experience using transaction codes
RSSM and PFCG. Develop security for RRMX and workbench administration.
- Implement and manage central user administration for a large user population.
Used various CUA tools to manage and distribute changes. Analyze distribution logs and
resolve any issues.
- Define, monitor, and enforce SAP security policies and authorizations. Enhance
current SAP security solutions as needed. Manage the user population through Central User
Administration
- Maintain Security Audit Log: Configuration, Analysis and Reorganization
- Extensively worked with Sarbanes-Oxley Compliance Teams - Strategy management
related to SAP business processes, transactions, control infrastructure, financial reporting
process. Sarbanes-Oxley Section 404, Remediation of Segregation of Duties (SOD) within SAP R/3
- Preventative, mitigation and compensation controls to ensure the appropriate level of
protection and adherence to the goals of the overall SAP security strategy. Implementation
experience of VIRSA Systems VRAT tool
- Developed Functions and critical transaction codes in VIRSA platform.
- Experience on working with various SAP tools like CATT Scripts, eCATT, Central User
Administration. Advanced knowledge of PD authorization and BW security.
- Respond to requests and generate SAP security reports based on management and
department needs. Excellent problem solving skills in a team environment with good
communication skills.
- Helped with basis administration duties: analyzing short dumps, database performance
analysis, trouble shooting using SAP Online Service System notes, corrections and transports
executions, client copy and system refreshes, analyzed system workload and Performance
tuning. Scheduled users' batch jobs using SM36/SM37, and setting up variants and remote
report printing.
Professional Experience
Durat
- Security strategies, procedures and solutions for PepsiCo specific ESM (Equipment
Services and Finance Management) business modules in different SAP components (ECC, BI,
CRM, SCM-ICH)
- Created new CRM 2007 Business Roles for PepsiCo's ESM business - upgrade from
existing PCUI to WebUI framework (Business Role dependent view configuration /
CRMC_UI_PROFILE, Org Model / Unit positioning enhanced object assignment,
Authorization Report Programs (CRMD_UI_ROLE_PREPARE, CRMD_UI_ROLE_ASSIGN))
- Synced more than 400 SAP GUI (Backend) roles with Enterprise Portal Roles assignments
using LDAPSync for idM (Identity Management) & SOX implementation
- Worked on existing GRC 5.3 RAR, CUP, SPM tools for SoD Analysis that meet SOX
and SAS70 requirements for ESFM business segment, and checks for Role modification,
Authorization Change Management and User Mitigation
- Created various Functions in RAR tool (GRC 5.3, formerly Virsa) based on Work center,
Job, Organization Unit, Profit Center, Controlling Area and so on to automate SOD / SOX
compliance as a security best practice, and verified effectiveness with existing BizRight Rule
Book.
- Improved security at Authorization Object level based on Internal - External Audit
reports
- Created Fire Fighter Roles and Fire Fighter Ids for Super User Privilege Access
Management IDs
- Configured Access Enforcer with idM (Identity Management) to simulate SOD checks for
any new / existing user's request.
- Worked on Central User Administration for single point of control to user master,
profiles, and composite roles (mapping of Single roles in different Child Systems)
- Supported Cut-Over activities (24/7) for Phased Go-Live, including Mass User
Maintenance
- Trouble-shooting on various issues and worked on customizing Authorization objects,
Activities / values / authorization groups to resolve issues permanently per business
requirement.
- Created Derived / Child roles (from Master roles) based on the plant level security, and
the roles with only the display authorization and others with create and change authorizations.
- Created generic Authorization Groups for the replacement of generic full authorization
profiles.
- Secured HR / ESS application with Organizational Management and Structural Authorizations,
including InfoTypes, Subtypes and sensitive HR Tables and Travel Management Application
(Employee's sensitive data - banking / credit card, tax, payroll information)
- Implemented BI Security with management of Analysis Authorizations at
Characteristics, Key Figure, and Hierarchy Node Level using Transaction RSECADMIN
- Created CRM Call Center Roles in ICWebClient and set up SSO with backend SAP
System
- Successfully composed 40 customized enterprise profiles in BSP Application including
Portal iViews and WebDynPro Applications in CRM PC-UI Framework and ACE Authorizations
Company: Confidential,
Company : Confidential
Client : Confidential, Dallas TX
Consultant
Jan 2007 through Mar 2007
- Developed role/activity group/activity groups from approved design using PFCG. Add
custom authorization objects for hierarchies used for reporting purpose
- Developed security role/activity group/activity groups for BW Queries and reports
Managed Hierarchies using RSSM and transport it to other systems
- Troubleshoot BW authorization issues using RSSM Trace and analyzing it for missing
objects and field values
- Developed security role/activity group/activity groups for HR system. Specially restrict
access for executive users and salaried users
- Used Virsa Fire Fighter tools to provide fire fighter IDs in Production environment for
developers. Keep track of the activities done by fire fighter IDs and provide reports to
management
- Extensively used Transport Management system to keep track of role/activity
group/activity group and profile transportation - between clients - from development system to
production system
- Used scripting tools like CATT and ECATT for mass user administration. Created CATT
scripts by recording transactions and use it to maintain mass number of users effectively within
reasonable time periods
- Troubleshoot SAP authorization error logs through transaction code SU53 and provide
solution based on it
- Use SAP Trace tool (ST03) to analyze existing authorizations and determine authorization
objects to resolve complex authorization problems
Company : Confidential
Security Consultant
- Used Virsa tools to remove conflicting transaction codes in user master record
- Extensively used Transport Management system to keep track of role/activity group and
profile transportation - between clients - from development system to production system
- Developed security role/activity groups for HR system. Specially restrict access for
executive users and salaried users
- Design security for sensitive payroll information and other employee data
- Worked with SOX manager to identify existing SOD in production system and remove or
mitigate them.
- Analyze financial system and identified the most sensitive transaction codes in production
system and put under SOD matrices. Run reports based on sensitive Tcode to identify users
having access to sensitive financial data
- Used VIRSA Tool to check SOD at role/activity group level as well as User level using
simulation tool. Provide VIRSA Firefighter IDs to system administrators in production system.
Company : Confidential
Client : Confidential, MADISON, WI
Consultant
: Feb 2006 through July 2006
- Used Virsa tools to remove conflicting transaction codes in user master record
- Extensively used Transport Management system to keep track of role/activity group and
profile transportation - between clients - from development system to production system
- Developed security role/activity groups for HR system. Specially restrict access for
executive users and salaried users
- Design security for sensitive payroll information and other employee data
- Lead the project to analyze and remove the sensitive transaction codes from mass users
to avoid SOX audit failure
- Successfully identified the most sensitive transaction codes in production system and put
under SOD matrices
- Define Functions and critical transaction codes in VIRSA tool. Used VIRSA Tool to check
SOD at role/activity group level as well as User level using simulation tool.
- Provide knowledge transfer to other team members. Created documentation for team
references.
Company : Confidential
Client : Confidential, Troy, MI.
Consultant
June 2005 through Feb 2006
Company : Confidential
consultant
To JUNE 2005
Client : Confidential, WI
- Working closely with the Audit team for user-role/activity group conflict removal in SAP
R/3 and SAP BW
- Supported audit team for generating audit reports
- Worked with process experts and Head of Departments for SOD conflicts and assigned
appropriate role/activity groups to the users
- Effectively analyzed trace files (ST01) and tracked missed authorizations for users access
problems and handling the missing authorizations manually
Company : Confidential
Client : Confidential, IOWA
Consultant (Upgrade Project)
- Continuous monitoring of SAP system performance via CCMS; SAP system performance
tuning
- Worked with ABAP programmer/Functional Consultant on program tuning; Change
Management through CTS (STMS)
Company : Confidential
Client : Confidential. Dundee, MI
Administrator
n : August 2003 through March' 2004
Company : Confidential
Client : Confidential. Chicago, IL
Administrator (L3 Support)
Company : Confidential
Administrator
2002 through Oct 2002
Client : Confidential, MO
and assigned to activity groups. Activity groups are assigned to user master.
- Used Derived activity groups to create new activity groups and to transfer transaction
codes from old ones to new ones.
- Effectively analyzed trace files and tracked missed authorizations for user's access
problems and inserted missing authorizations manually.
- Transported the generated role/activity groups and profiles using SAP Transport
Management System.
- Created users and maintained user master and established security policies and
procedures.
- Cleaning up of role/activity groups and profiles not being used.
- Knowledge transfer to team members, provided ongoing security related support for all
security milestones during different phases
- Worked on SAP Check Indicator Defaults and Field values, reduced the scope of
Authorization checks using transaction SU24 and maintained check indicators for Transaction
codes.
- Educated client personnel in R/3 Security and general Basis knowledge.
Technical Qualifications
Education