SAP SECURITY CONSULTANT

MAHESH BABU U

Ph: +91-738*******

E-Mail: acezrn@r.postjobfree.com

PROFESSIONAL EXPERIENCE

. Having total Experience of 6 years in various fields.

. 4+ years of experience on SAP Security R/3 and GRC 5.3 with emphasis on

maintenance, troubleshooting and day-to-day support.

. Expertise in Security Administration in SAP R/3 ECC 6.0 and GRC 5.3.

. Security Administration: Maintained SAP security in terms of creating

users, creating roles, assigning roles, assigning authorization objects

to roles using profile generator.

. SAP R/3 Security for User Master Records Maintenance, maintaining

Authorizations Group/Profiles/Roles and assigning roles/profiles to

users.

SAP SECURITY SKILLS

. Having Good experience on SU01,SU10,PFCG,SUIM,TABLE SECURITY,CUA,GRC 5.3

.

. User administration involving creation/deletion/locking/modifying as per

approval.

. Role administration of Single, Derived and Composite Roles.

. Worked with AGR_1251, AGR_1252, AGR_AGRS, AGR_USERS tables.

. Executed Several RSUSR* reports to ensure that there is no security

outages.

. Experience with Internal Audit of R/3 System.

. Worked on Important authorization objects like S_DEVELOP, S_PROGRAM,

S_TABU_DIS.

. Experience on assigning missing authorizations using SU53 and ST01 as per

the user requirement.

. Monitoring the critical transaction codes and ensures that they are

assigned to the concerned users only.

. Maintained table security using authorization groups.

GRC SKILLS

. Configuration of Super user provisioning on user based firefighter Id's.

. Used VIRSA FIREFIGHTER to give emergency access to functional, technical

and audit team.

. Created FF Id's, Assigned ID's to owners and controller to FF Id's and

maintained configuration table.

. Configured RFC's and JCO RFC Connection from SPM to ECC.

. Assigned SuperUser Roles to the users for emergency access and monitored

and audited their activities.

. Define background jobs for the log reports.

. Setup Background Jobs for user/role/profile synchronization High, Medium

Alert.

. Monitor SOD Conflicts and user level and role level.

. Uploaded Rule Sets and generated Rules.

. Created Monitors, Approvers and mapped them to mitigation control.

. Daily monitoring of jobs that are necessary for the GRC application(s) to

run effectively and efficiently, for example nightly management risk

analysis reporting.

PROJECT PROFILE

Client Profile#2

Ensis Information Solutions Pvt Ltd

Duration: Dec2011-Tilldate

Ensis info is an enterprising company devoted to enabling its clients to

become increasingly more competitive, productive, and profitable through

people and technology from a pool of global talent, domain expertise,

technical bandwidth, established credibility growth in the sectors of

Information Technology, Wireless Technology, Public Sector, Travel,

Logistics, Banking & Finance, Consumer Telecom, Life Sciences & Healthcare,

Energy and Utilities.

Roles and Responsibilities:

. Technical analyst for SAP security in production & non-production

environments.

. Segregation of Duties and Audit Compliance Standards

. Critical authorization objects such as S_TABU_DIS, S_PROGRAM, and

S_DEVELOP were restricted and monitored.

. Restricted the list of illegal passwords.

. Worked with security related tables such as AGR_TCODES, AGR_USER, and

AGR_DEFINE etc.

. Experienced with implementing CUA functionality within customer

landscapes

. Day to day technical support and resolution of Security issues.

. Good experience of Autorisations and its Objects, Creation of Roles and

its Administration.

. Performed user maintenance tasks, User creation, deletion, lock down,

activation, password management tasks and ran various user administration

reports.

. Performed User comparison in PFCG

. Troubleshoot security/authorization related problems using SU53, ST01 and

SUIM

. Created Monitors, Approvers and mapped them to mitigation control

. Created FF Id 's, Assigned ID's to owners and controller to FF Id's

. Assigned Administration Role, Controller Role and Owner Role in SPM.

. Assigned SuperUser Roles to the users for emergency access and monitored

and audited their activities.

Client Profile#1

Kirby Building Systems.

Duration: Feb2010-Nov2011

Kirby Building Systems is a global leader in the design and manufacturing

of pre-engineered steel buildings and structures, offering customers a wide

range of customized, cost-effective pre-engineered steel solutions. With

manufacturing plants in Kuwait, UAE, India and Vietnam, our production

capacity exceeds 400,000 MT, allowing our state-of-the-art facilities to

produce hundreds of custom-made steel buildings every year.

Roles and Responsibilities:

. Creating SAP user accounts as per the client request.

. Creation and Maintaining Organization level (company code, controlling

area, sales group, etc).

. Extensively worked on SUIM in generating reports for and analyzing

authorization issues.

. Troubleshooting missing authorizations in SAP.

. Critical authorization objects such as S_TABU_DIS, S_PROGRAM, and

S_DEVELOP were restricted

and monitored.

. Locking/deactivating accounts as per client request.

. Restricting authorizations of fields, field values.

. Secured all sensitive tables and custom programs with authorization

groups, T-codes.

. Program level security, table level security etc.

. Managed and performed internal control audits, testing control design

and effectiveness

. Resolved Audit Issue in discussion with client personnel.

. Assessed information technology control elements to mitigate IT risks

regarding the confidentiality, integrity and availability of business

information.

. Communicated the results of audit and consulting projects via written

reports and presentations to management.

. Reviewed Internal Controls planning and execution.

EDUCATIONAL QUALIFICATION

. B.Tech (ECE) from JNTU Hyderabad-2007.

Contact this candidate