Sap Project Security Consultant Resume Troy Mi

SAP Project Security Consultant Resume Troy, MI
Tweet (function() { var s = document.createElement('SCRIPT'), s1 =

document.getElementsByTagName('SCRIPT')[0]; s.type = 'text/javascript'; s.async = true;
s.src = 'http://widgets.digg.com/buttons.js'; s1.parentNode.insertBefore(s, s1); })();
SAP Security Consultant
Summary of Qualifications Seven+ years' experience meeting SAP security needs of major
corporations. Known for exceptional technical proficiency and astute application of
Sarbanes-Oxley and other audit directives. Project management skills combine with
demonstrated ability to develop and implement technical solutions to meet critical business
needs. Outstanding leadership and interpersonal skills result in productive working
relationships and top performance among staff. Effective communicator able to translate
between technical and business units, making complex data easy to understand. Experienced
to handle full access to confidential company data. Proven track record with
R/3,BI 7.0, CRM 2007, SCM,SEM,APO
systemsFI, CO, HR, PP, MM, QM, PM
and
SD
modules. Well versed in automatic and manual profile generation as well as SOX
administration using GRC 5.3 RAR, CUP AND SPM tools.
Technical Summary :
- Overall Eight years of IT experience including SAP Network administration area
- Six and half years of experience in SAP technology as a Security Administrator.
- Three and half year experience of SAP Security Architecture role including 3+ Full
lifecycle implementation in SAP Security projects
- Three years Experience in SAP security production support. Worked with Project team
to provide 24X7 supports to troubleshoot security problems/issues ASAP.
- Worked extensively on SAP ECC 5.0 as well as SAP R/3 - 4.7, 4.6c, 4.5 versions.
- Develop and document security role/activity groups, processes, and procedures.
- Extensive experience on Automatic Profile Generator (PFCG)
- In depth two year experience of BW 3.0 - 3.5 and SEM 3.5 security administrations.
- Perform SOD check at Role/activity group level as well as user level using simulation
in production system in
GRC
5.3 RAR, CUP, SPM tools
.
1 / 13
- Business Information Warehouse v 3.0, 3.5 securities experience using Transaction codes
RSSM and PFCG. Develop security for RRMX and workbench administration.
- Implement and manage central user administration for large number of user population.
Used various CUA tool to manage and distribute changes. Analyze distribution Logs and
resolve any issues.
- Define, monitor, and enforce SAP security policies and authorizations. Enhance
current SAP security solutions as needed. Manage the user population through Central User
Administration
- Maintain Security Audit Log: Configuration, Analysis and Reorganization
- Extensively worked with Sarbanes-Oxley Compliance Teams - Strategy management
related to SAP business processes, transactions, control infrastructure, financial reporting
process. Sarbanes-Oxley Section 404, Remediation of Segregation of Duties (SOD) within SAP
R/3
- Preventative, mitigation and compensation controls to ensure the appropriate level of
protection and adherence to the goals of the overall SAP security strategy. Implementation
experience
of VIRSA Systems VRAT tool
- Developed Functions and critical transaction codes in VIRSA platform.
- Experience on working with various SAP tools like CATT Scripts, eCATT, Central User
Administration. Advanced knowledge of PD authorization and BW security.
- Respond to requests and generate SAP security reports based on management and
department needs. Excellent problem solving skills in a team environment with good
communication skills.
- Helped with basis administration duties: analyzing short dumps, database performance
analysis, trouble shooting using SAP Online Service System notes, corrections and transports
executions, client copy and system refreshes, analyzed system workload and Performance
tuning. Scheduled users' batch jobs using SM36/SM37, and setting up variants and remote
report printing.
Professional Experience
Company : Confidential, Client : Confidential

Security Consultant
ion :
August 2008 till Present.
CHICAGO, IL. Title : SAP Project
Durat
- Security strategies, procedures and solutions for PepsiCo specific ESM (Equipment
Services and Finance Management) business modules in different SAP components (ECC, BI,
CRM, SCM-ICH)
- Created new CRM 2007 Business Roles for PepsiCo's ESM business - upgrade from
2 / 13
existing PCUI to
WebUI framework (Business
Role dependent view configuration / CRMC_UI_PROFILE, Org Model / Unit positioning enhanced object assignment, Authorization Report Programs (CRMD_UI_ROLE_PREPARE,
CRMD_UI_ROLE_ASSIGN) Synced more than 400 SAP GUI (Backend) roles with Enterprise
Portal Roles assignments using
LDAPSync
for
idM (Identity Management) & SOX
implementation
- Worked on existing GRC 5.3 RAR, CUP, SPM tools for SoD Analysis, those meet SOX
and SAS70 requirements for ESFM business segment and checks for Role modification,
Authorization Change Management and User Mitigation
- Created various Functions in RAR tool (GRC 5.3-formerly Virsa)based on Work center,
Job, Organization Unit, Profit Center, Controlling Area and so on to automate SOD / SOX
compliance as a best Security practice and verified effectiveness with existing BizRight Rule
Book.
- Improved security at Authorization Object level based on Internal - External Audit
reports
- Created Fire Fighter Roles and Fire Fighter Ids for Super User Privilege Access
Management IDs
- Configured Access Enforcer with idM (Identity Management) to simulate SOD checks for
any new / existing user's request.
- Worked on Central User Administration for single point of control to user master,
profiles, and composite roles (mapping of Single roles in different Child Systems)
- Supported Cut-Over activities (24/7) for Phased Go-Live, including Mass User
Maintenance
- Trouble-shooting on various issues and worked on customizing Authorization objects,
Activities / values / authorization groups to resolve issues permanently per business
requirement.
- Created Derived / Child roles (from Master roles) based on the plant level security, and
the roles with only the display authorization and others with create and change authorizations.
- Created generic Authorization Groups for the replacement of generic full authorization
profiles.
- Secured HR / ESS application with Organizational Management and Structural Authoriza
tions
,
including InfoTypes, Subtypes and sensitive HR Tables and Travel Management Application
(Employee's sensitive data - banking / credit card, tax, payroll information)
- Implemented BI Security with management of Analysis Authorizations at
Characteristics, Key Figure, and Hierarchy Node Level using Transaction
RSECADMIN
3 / 13
- Created CRMCall Center Roles in ICWebClient and set up SSO with backend SAP
System
- Successfully composed 40 customized enterprise profiles in BSP Application including P
ortal iViews
and
WebDynPro
Applications in CRM PC-UI Framework and ACE Authorizations
Company: Confidential,
Client : Confidential, Troy, MI.
Title : SAP Project Security Consultant
Duration : August 2007 - August 2008.
- SAP 4.6C - Divestiture Project Security Administrator

- Redesign SAP security design for R3 4.6C and BW with version 3.5
- STRUCTURAL AUTHORIZATION Implementation in SAP HR 4.6C system
- Two cycles of security implementation in three phase design
- Design structural authorization profile for each divested entity to segregate access for HR
employees
- Design security role/activity group/activity groups for each module with thorough
discussion with business process owners
- Developed security role/activity group/ activity groups for HR system. Specially restrict
access for executive users and salaried users
- Developed Base role/activity groups for FI, CO, MM, PP and OTC modules
- Derived role/activity groups from base role/activity groups for three level of organization
structures using PFCG
- Used CATT script to derive more than 1000 role/activity groups and assign role/activity
groups to more than 5000 users
- Analyzed each role/activity groups through SOD testing using SAP GRC tool- Virsa tool
- Extensively used Transport Management system to keep track of role/activity
group/activity groups and profile transportation - between clients - from development system to
production system
- Developed security role/activity group/activity groups for BW Queries and reports
- Discuss and analyzed thoroughly with BW configuration team members and identified
Info-objects as authorization relevant
- Developed multi-level security design with maintained hierarchies and custom
authorization objects using BW authorizations
- Managed Hierarchies using RSSM and transport it to other systems
- Troubleshoot BW authorization issues using RSSM Trace and analyzing it for missing
objects and field values
- Design security for sensitive payroll information and other employee data
- Design security role/activity group/activity groups for ESS / MSS functionality
4 / 13
- Assisted in SAP daily system monitoring, Analyzing Database checks, Transport

Management System and Spool Management
Company : Confidential Client : Confidential, Richmond VA

Security Consultant
uration :
April 2007 through July 2007
Title : SAP Project
- SAP ECC 5.0 and BW 3.5 Security Administrator

- Full cycles of security implementation in SAP ECC 5.0 security design
- Developed role/activity group/activity groups from approved design using PFCG. Design
role/activity group/activity groups based on the business requirements for different module
users
Managed Hierarchies using RSSM and transport it to other systems
- Analyzed each role/activity group/activity groups through SOD testing using VIRSA tool
- Used Virsa tools to remove conflicting transaction codes in user master record and
provide remediation to allow access for critical authorizations
group/activity group and profile transportation - between clients - from development system to
production system
Company : Confidential
Client : Confidential, Dallas TX
Consultant
Jan 2007 through Mar 2007
Title : SAP Security

Duration :
- Provide technical and procedural expertise in security environment maintenance

- Worked as an SAP security team member to provide production system support at
client site
- SAP ECC 5.0 Security administration. Worked with Security team to maintain SAP User
IDs, profile, and Fire Fighter IDs
- Design and develop security role/activity group/activity groups and profiles using profile
generator.
- Discuss and analyzed on going security problems at client side Provide solutions to
existing issues and suggestions to avoid future problems
- Design security role/activity group/activity groups for each functionality in R/3 system with
thorough discussion with business process owners
5 / 13
- Developed role/activity group/activity groups from approved design using PFCG. Add
custom authorization objects for hierarchies used for reporting purpose
- Developed security role/activity group/activity groups for HR system. Specially restrict
access for executive users and salaried users
- Used Virsa Fire Fighter tools to provide fire fighter IDs in Production environment for
developers. Keep track of the activities done by fire fighter IDs and provide reports to
management
group/activity group and profile transportation - between clients - from development system to
production system
- Used scripting tools like CATT and ECATT for mass user administration. Created CATT
scripts by recording transactions and use it to maintain mass number of users effectively within
reasonable time periods
- Troubleshoot SAP authorization error logs through transaction code SU53 and provide
solution based on it
- Use SAP Trace tool (ST03) to analyze existing authorizations and determine authorization
objects to resolve complex authorization problems
Security Consultant
Client : Confidential, ELMHURST, IL
ration : July 2006 through Dec 2006
Title : SAP portal

Du
- Provide technical and procedural expertise in HR security implementation

- Designed BW security with version 3.5 For capital planning functionality
- SAP ECC 5.0 Security administration. Worked with Security team to maintain Portal
security environment.
- Full cycles of security implementation in BW security design
- Discuss and analyzed thoroughly with SEM configuration team members and identified
- Design security role/activity group/activity groups for each functionality in BW system with
thorough discussion with business process owners
- Developed role/activity group/activity groups from approved design using PFCG
- Analyzed each role/activity group/activity groups through SOD testing using VIRSA tool
6 / 13
- Used Virsa tools to remove conflicting transaction codes in user master record
- Extensively used Transport Management system to keep track of role/activity group and
profile transportation - between clients - from development system to production system
- Developed security role/activity groups for HR system. Specially restrict access for
executive users and salaried users
- Worked with SOX manager to identify existing SOD in production system and remove or
mitigate them.
- Analyze financial system and identified the most sensitive transaction codes in production
system and put under SOD matrices .Run reports based on sensitive Tcode to identify users
having access to sensitive financial data
- Used VIRSA Tool to check SOD at role/activity group level as well as User level using
simulation tool. Provide VIRSA Firefighter IDs to system administrators in production system.
Client : Confidential, MADISON, WI
Consultant
: Feb 2006 through July 2006
Title : SAP BW Security

Duration
- SAP 4.6C and BW 3.5 Security Administrator

- Designed and administer BW security with version 3.5
- Full cycles of security implementation in BW security design. Manage the project as team
lead for BW Security implementation.
- Extensively used Automatic Profile Generator (PFCG) to create Activity groups/profiles for
various modules such as FI/CO, MM and SD.
- Configured Profile Generator and transported settings to all clients, setup security for the
developers
- Created users and maintained user master and established security policies and
procedures and assigned required privileges for the database access.
- Extensively worked on Authorization objects, fields, authorizations, authorization profiles.
- Transported profiles between clients within R/3 system and between R/3 systems.
- Performed transports and mass transports of role/activity groups.
- Worked on SAP Check Indicator Defaults and Field values, reduced the scope of
Authorization checks using transaction SU24 and maintained check indicators for Transaction
codes
- User maintenance SU01 (User creation / deletion / lockdown / activation / Password
management).
- Used Derived activity groups to create new activity groups and to transfer transaction
codes from old ones to new ones with the help of functional heads
- Tracing missed files and authorizations for user's access problems and inserted missing
authorizations manually
- Analyzed each role/activity groups through SOD testing using VIRSA tool
7 / 13
- Used Virsa tools to remove conflicting transaction codes in user master record
- Lead the project to analyze and remove the sensitive transaction codes from mass users
to avoid SOX audit failure
- Successfully identified the most sensitive transaction codes in production system and put
under SOD matrices
- Define Functions and critical transaction codes in VIRSA tool. Used VIRSA Tool to check
SOD at role/activity group level as well as User level using simulation tool.
- Provide knowledge transfer to other team members. Created documentation for team
references.
-
Client : Confidential, Troy, MI.
Consultant
June 2005 through Feb 2006
Title : SAP Project Security

Duration :
- SAP 4.6C - L3 and L2 Security Administrator

- Lead Security team for daily support and enhancement during multiple releases - FI,
CO, MM, SD, BW, HR security development
- Managed BW security with version 3.5
- Two cycles of security implementation in three phase design
- Design security role/activity groups for each module with thorough discussion with
business process owners
- Developed Base role/activity groups for FI, CO, MM, PP and OTC modules
- Derived role/activity groups from base role/activity groups for three level of organization
structures using PFCG
- Used CATT script to derive more than 1000 role/activity groups and assign role/activity
groups to more than 5000 users
- Analyzed each role/activity groups through SOD testing
- Used custom tools to remove conflicting transaction codes in user master record
- Developed security role/activity groups for BW Queries and reports
- Discuss and analyzed thoroughly with BW configuration team members and identified
- Developed multi-level security design with maintained hierarchies and custom
authorization objects using
- Managed Hierarchies using RSSM and transport it to other systems
8 / 13

- Design security role/activity groups for ESS / MSS functionality
- Provide ESS/MSS access to all 16000 users through out the system using portal access
and LDAP integration
- Lead the project to analyze and remove the sensitive transaction codes from mass users
to avoid SOX audit failure
- Successfully identified the most sensitive transaction codes in production system and put
under SOD matrices
- Assisted in SAP daily system monitoring, Analyzing Database checks, Transport
Management System and Spool Management
consultant
To JUNE 2005
Client : Confidential, WI
Title : SAP security SOX

Duration : SEP 2004
- SAP 4.7 - Security Administration and SOX consultant

- Managed BW security with version 3.1
- Worked with technical team to analyze and insert authorization checks in existing ABAP
codes. Add external level of checks by inserting authorization check statements.
- Worked with user exits to improve authorizations for tables and data dictionary objects.
- Implement Central User Administration Environment. Define characteristics as local or
globally manageable.
- Distribute changes among all uses in all systems. Get log of distribution and resolve any
issues.
- Work with profile generator (PFCG) in creating role/activity groups, profiles, composite
role/activity groups, derived role/activity groups, and global role/activity groups
- Perform Unit testing on created role/activity groups
codes from old ones to new ones
- Transported the generated role/activity groups and profiles using SAP transport
management system (TMS)
- User Administration. Creating new users and maintaining users on day to-day basis User
master maintenance through Central User Administration
- Used CATT script for mass user creation
- Helped the Audit team to assess the Organization structure, jobs, role/activity groups and
the SOD matrix for the Security developed in SAP and handled SOD conflicts for Sarbanes
Oxley Compliance accordingly
- Used Virsa tool for handling SOD conflicts.
- Used extensively in-house developed tools and SAP tools for analyzing SOD conflict,
T-code assignment to role/activity groups and role/activity groups assignments to users
9 / 13
- Working closely with the Audit team for user-role/activity group conflict removal in SAP
R/3 and SAP BW
- Supported audit team for generating audit reports
- Worked with process experts and Head of Departments for SOD conflicts and assigned
appropriate role/activity groups to the users
- Effectively analyzed trace files (ST01) and tracked missed authorizations for users access
problems and handling the missing authorizations manually
Client : Confidential, IOWA
Consultant (Upgrade Project)
Duration : March 2004 Through Sep 2004

- Up gradation Project security administrator
- Upgraded the role/activity groups from 4.5B to 4.7
- Providing SAP R/3 Security Support for SAP R/3 4.7
- Worked on BW version 3.0 and configure security settings for reports and queries
generation
- Generated role/activity group matrices
- Creating end user role/activity groups as per the Organizational structure
- Created and modified Single role/activity groups, Composite role/activity groups and
Derived role/activity groups using automatic profile generator
- Worked as liaison member between R/3 Development team, Users and Audit Team
- Supported users at different levels for the security issues in all functional modules
- Analyzed Business scope, user role/activity groups and developed user / role/activity
group matrix for the better understanding of Security authorization plan
- Conducted a detailed study for SAP Security methodology for Security implementation in
Head office and Plant
- Developed the Business workflow and Organization chart for the project
- User Administration, creating user id and assigning role/activity groups
- Worked with process experts on Segregation of Duties (SOD) issues.
- Revamped existing activity groups to make them compliant with SOD
- Created new activity groups as per Segregation of Duties requirements
- Developed procedure manual for the Security of the system, database, user
authorizations, backup and recovery
- Extensively used Ms-Access and Ms-Excel for creating role/activity group matrix and
Ms-PowerPoint for presentations to the users.
- Conversant with all security related tables in SAP
- Worked closely with Audit team for SAP Security Audit and generated Audit Information
Systems logs
- Created transports for mass transports of role/activity groups
- Troubleshoot security related problems
- Provide SAP Basis Support for SAP systems
10 / 13
- Continuous monitoring via CCMS of SAP Systems performance SAP system performance
tune
- Work with ABAP programmer/Functional Consultant to program tuning Change
Management through CTS (STMS)
Client : Confidential. Dundee, MI
Administrator
n : August 2003 through March' 2004

Duratio
- SAP 4.6C - Security Role/activity groups and profiles Administration

- Supported Internal and External security audits in the production system every month.
- Work with Business specialists to help them understand where SAP authorization objects
are conflicting and suggest the options for mitigating the conflicts
- Execute security reports for critical transactions and objects, and monitor the user logs
- Secured role/activity groups by Company Code, Plant, Cost Center, Profit Center, and
Purchasing Organization, etc.
- Analyzed all customer programs and transaction codes for authority checks.
- Analyzed all business role/activity groups and mapped them to transaction codes
according to business processes.
Authorization checks using transaction and maintained check indicators for Transaction codes.
- Continuously improve security configuration to reflect best practices and to prepare for
system audits.
developers.
- User maintenance (User creation / deletion / lock / unlock / activation / Password
management). Used CATT scripts for mass users and assigning Activity groups.
- Worked on user administration in Development, Quality, Training and Production
instances. Provided developers key and reset the passwords.
codes from old ones to new ones.
- Performed trouble shooting on R/3 security problems by using system traces.
- Assisted in Sarbanes Oxley Compliance - SAP System Audit and documentation of
significant Processes and controls.
- Performed Client copies/deletes in Sandbox, Development and Training.
- Worked with functional team leads to define the new transactions.
- Established security testing procedures and tools
- Documented the procedure for all SAP tasks and controls.
- Helped the testing team on testing security profiles.
- R/3 basis administration in analyzing short dumps; database performance analysis, setting
up the profile generator for user role/activity groups
- Maintained and configured Correction and Transport System
11 / 13
- Knowledge transfer on SAP R/3 security environment
Client : Confidential. Chicago, IL
Administrator (L3 Support)
Duration : Nov 2002 through August 2003

- SAP 4.6B - Security level3 Administration
- Extensively used Automatic Profile Generator (PFCG) to create Activity groups/profiles for
various modules such as FI/CO, MM and SD.
developers
procedures and assigned required privileges for the database access.
- Extensively worked on Authorization objects, fields, authorizations, authorization profiles.
- Transported profiles between clients within R/3 system and between R/3 systems.
- Performed transports and mass transports of role/activity groups.
codes
- User maintenance SU01 (User creation / deletion / lockdown / activation / Password
management).
codes from old ones to new ones with the help of functional heads
- Tracing missed files and authorizations for user's access problems and inserted missing
authorizations manually
Administrator
2002 through Oct 2002
Client : Confidential, MO
Title : SAP Security User

Duration : Jan
- SAP 4.5 - Security Users Administration

- Transported profiles between clients within R/3 system
- Created users, role/activity groups and assigned required privileges for the database
access.
- Used Profile Generator for creation, modifying role/activity groups, composite role/activity
groups, global role/activity groups, derived role/activity groups.
- Manual generation and modification of profiles.
- Generated authorizations using Profile Generator and assigned to authorization profiles
12 / 13
and assigned to activity groups. Activity groups are assigned to user master.
codes from old ones to new ones.
- Effectively analyzed trace files and tracked missed authorizations for user's access
problems and inserted missing authorizations manually.
- Transported the generated role/activity groups and profiles using SAP Transport
Management System.
procedures.
- Cleaning up of role/activity groups and profiles not being used.
- Knowledge transfer to team members, provided ongoing security related support for all
security milestones during different phases
codes.
- Educated client personnel in R/3 Security and general Basis knowledge.
Technical Qualifications
-
SAP R/3 (4.5 B, 4.6B, 4.6C, 4.7 Enterprise, ECC 5.0)

SAP BW/v3.0 and 3.5, CUA
VRAT (Virsa Tool), SAFE (PWC Tool)
MS-Excel, PowerPoint, MS-Visio, MS-Project
MS-DOS, Windows (2K, 95/98,NT, XP) Unix, Linux
ORACLE 8i, 9i, Microsoft SQL Serve
Education
Masters in Computer Network Administration
13 / 13

Sap Project Security Consultant Resume Troy Mi

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Sap Project Security Consultant Resume Troy Mi

Transféré par

Droits d'auteur :

Formats disponibles

SAP Project Security Consultant Resume Troy, MI

Tweet (function() { var s = document.createElement('SCRIPT'), s1 =