
SAP Security Grc Consultant

Location:
Dublin, OH
Salary:
130000
Posted:
November 09, 2020


Resume:

Prathima Asoda +1-619-***-****

SAP SECURITY CONSULTANT adhosa@r.postjobfree.com

SUMMARY:

SAP Certified Security Consultant/Administrator having 14 years of experience in SAP Security, Security Administration, and Security Compliance. Experience includes performing a variety of security operations on SAP R/3 (ECC 6.0/5.0/4.7), BW (BI 7.0, BW 3.5/3.1/3.0), VIRSA/GRC (5.3/5.2/5.1/10.0/10.1), SRM 6.0/4.0, CRM 7.0, SCM 7.0, PI (7.1, 7.0, 7.3, 7.4), HR, EP 7.0/6.0, SAP HANA 1.0, SAP S4/HANA, SAP Fiori, Solution manager 7.0/7.1/7.2, SAP ByDesign, MDG and EM 9.0.

-Successfully completed 4 full-life-cycle implementations.

-Led Security Teams to successful conversion of SAP R/3 4.7 to ECC 6.0 and BW 3.5 to BI 7.0.

-Project planning through post go-live support, Upgrades and SOX Compliance, ASAP implementation methodology expertise.

-GRC Security - Configured GRC Compliance Calibrator (CC 5.3/5.2/5.1) - Risk Analysis and Remediation, Fire Fighter (FF 5.3/5.2/5.1) – Superuser Privilege Management, Role Expert (Enterprise Role Management), Access Enforcer (AE 5.1/5) - Compliant User Provisioning.

-Remediation of Segregation of Duties (SOD) within SAP implementation for SOX (Sarbanes Oxley) Compliance using GRC 10.0 tools Access Risk Analysis (ARA), Access Request Management (ARM), and Emergency Access Management (EAM). Worked closely with External/Internal auditors to resolve GRC (SOX)/SOD related issues.

-Preventative, mitigating and compensation controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy.

-CRM Security - Set up CRM security for Sales, Marketing & Campaign Management, Trade Promotion Management, Business Partner Security and Product Security.

-BI/BW Security - Secured BI Info Areas, Info cubes, Queries, Info objects. Successfully upgraded BW3.5 to BI7.0 Analysis authorizations. Restricted Analysis Authorizations (Using RSECADMIN Tool) at Characteristic Values, Attribute Values and Key Figure level. Extensively used new BI tools like Authorization Monitoring. Defined Authorization-Relevant Characteristics and Attributes using InfoObject Maintenance (RSD1).

-R/3 Security - Extensive Security knowledge in an R/3 Validated Environment. R/3 Role-based authorization (PFCG) Role, Profile creation, modifications, SU24 Changes, User Administration, Authorization objects, User reconciliation (PFUD), LSMW etc.

-ByDesign Security - Developed ByDesign Roles by adding workcenter views per requirement. Conducted sessions with User provisioning teams and provided training in role assignment and creating business/service agents in ByDesign system. Supported internal and external auditing teams by providing requested reports and participated in audit meetings.

-MDG Security – Designed and developed Menu and Authorization roles in MDG for Data Maintenance across Customer Master Data, Product Master Data and Supplier Master Data business areas, while developing and implementing technical security roles for the HANA database systems.

-Good knowledge in SAP Netweaver Identity Management (IdM) Application.

-Portal Security – Good knowledge in portal concepts such as UME, User creation, Roles, User Groups. Design, Develop, Testing and Implementation of Enterprise Portal User IDs, Roles, iViews.

-SAP Training on GRC300 – SAP BusinessObjects Access Control 5.3 – Implementation and Configuration.

-SAP Training on BW 7.4 - BW365 User Management and Authorizations

-HR Security - Designed and Developed HR Security in Personnel administration and Payroll accounting, Time Management, Payroll, Personnel Development and Org Management modules. Implemented Structural Authorizations to Restrict PD Objects.

-Full troubleshooting support for user authorization failures in all SAP applications, resolving Security issues, and support in integration testing of Roles/Profiles.

-Experience in user administration 7x24 on call production support, quick turn around for end user requests, and Helpdesk support for user administration.

EDUCATION:

Bachelor of Engineering in Mechanical Engineering, University College of Engineering, Osmania University (2002-2006)

WORK EXPERIENCE:

Working as Role Design Engineer for Cardinal Health Inc. from August 2016 to date.

Worked as SAP Security Lead for Forest City Enterprises Inc. from August 2015 to July 2016.

Worked as Senior Consultant for Infosys Technologies Limited from April 2012 to August 2015.

Worked as Application Architect - SAP Security for IBM India Pvt Ltd, Bangalore from August 2009 to April 2012.

Worked as Assistant System Engineer for TATA CONSULTANCY SERVICES, Bangalore from August 2006 to August 2009.

CERTIFICATIONS:

SAP Certified Technology Consultant SAP Netweaver – SAP Security

SAP Certified Application Associate - SAP BusinessObjects Access Control 10.0

MSI Certified Sarbanes Oxley Trained Professional.

MSI Project Management Essentials Certified (PMEC)

SAP Certified Technology Associate SAP Authorization and Auditing for NetWeaver 7.31

SAP Certified Associate SAP Activate Project Manager

SKILL SETS:

Platform: Versions

SAP: ECC 6.0, ECC 5.0, 4.7, Netweaver 7.4, SAP HANA, S4, FIORI, SAP By Design, MDG

BW/BI: BI 7.0, BW 3.5/3.2

Enterprise Portal: EP 7.0, EP 6.0

Solution Manager: Solution Manager 7.0

CRM: CRM 7.2

SCM: SCM 7.0

EM: EM 9.0

MDG: MDG 6.1

GRC: Compliance Calibrator (RAR 5.3/5.2), Firefighter (SPM 5.3/5.2/5.1), Access Control (CUP 5.2/5.1), GRC 10.0, Access Risk Analysis (ARA), Access Request Management (ARM), Business Role Management (BRM), Emergency Access Management (EAM)

SAP HANA: HANA 1.0

PI/XI: PI 7.1, PI 7.0, PI 7.3, PI 7.4

Database: Oracle 10g/9i

Operating System: Windows Server 2008/2003/2000

Programming: SQL, PL/SQL, C, C++

Other Tools: Remedy, Documentum, Quality Center, Clear Quest, ControlPanelGRC

PROFESSIONAL EXPERIENCE:

Project: Cardinal Health Inc. Duration: Aug’16 – Present

Client: Cardinal Health Inc.

Role: SAP Security Consultant

Environment: SAP ERP 6.0, SAP NetWeaver Portal 7.4, SAP GRC 10.1, SAP BW 7.4, SAP HANA, SAP S4, SAP Fiori, SAP MDG, SAP ByDesign

Responsibilities:

Provide Security Administration for SAP NetWeaver Business Suite, Business Warehouse (BW), Business Objects (BOBJ), SAP HANA Security, SAP S4, SAP Fiori, SAP Enterprise Portal, SAP ByDesign, MDG, Solution Manager and SAP Governance, Risk and Compliance (GRC) Access Controls (Version 10.0/10.1).

Coordinating with various functional and technical teams on the understanding of the new business functions and changes in the access, to build security solutions.

Performing Security Review of the functional and technical requirements, to appropriately secure the custom programs and transactions.

SAP GRC (10.0/10.1) Implementation and Production support experience with a good understanding of business processes.

Experience in Configuration and support of GRC 10.0/10.1 AC Suite (EAM, ARA, ARM, BRM).

Experience in workflow configuration functionality in SAP GRC Access Request Management (ARM). Configured MSMP workflows in Access Control Suite and activating the delivered business configuration (BC) set for Access Control Multi-Stage Multi-Path (MSMP) workflow configuration.

Created custom MSMP workflows integrating with custom BRF plus rules as per business requirements and hence maintained agents. Hands on experience in Rule Set Customizations, Configuring Mitigation Controllers, Approvers, Monitors in ARA.

Create and execute SOD analysis reports manually and through background jobs as part of the security solutions. Drive discussions with risk owners to remediate or mitigate risks.

Upgrade of the SAP GRC application from GRC Access Control 10 to 10.1 including the GRCPIERP & GRCPINW plugins.

Managed setting up of the LDAP connections to the Microsoft Active Directory to validate users for the GRC User Management.

Led security team in the EHP8 and S4HANA 1809 upgrade projects for the SAP Medical landscape.

Provide training and guidance to process teams and support personnel on SAP security policies and procedures.

Project: Forest City Enterprises Inc. Duration: Aug’15 – Jul’16

Client: Forest City Enterprises Inc.

Role: SAP Security Lead

Environment: SAP ERP 6.0, SAP Netweaver Portal 7.4, ControlPanelGRC, SAP BW 7.4

Responsibilities:

Lead SAP security team to support SAP NetWeaver System Landscape for ECC, BW, BOBJ, Portal, BW Portal, PI, Solution Manager, Gateway, Control Panel GRC, SAP BPC.

Provide status reports and updates to Director - Applications and Integrations so that timely information can be incorporated into IT status reports and Business Steering Committees.

Provide mentoring support and guidance to junior security team members.

Co-ordinate with various functional and technical teams on the understanding of the new business functions and changes in the access, to build security solutions.

Involved in Security Review of the functional and technical transports, to appropriately secure the custom programs and transactions.

Implemented and configured ControlPanel GRC Access Certification, GRC Password Manager and GRC workflows for User Provisioning.

Set up AutoAuditor integration to schedule control reports, System Risk Analysis that are automatically executed on a periodic basis and output is sent to appropriate parties for documented review.

Collaborate with Internal and External Audit teams to consolidate SSAE16 (SOC Reports) from various vendors. Document and update Key Control Narratives which has details on control execution, description, business processes with screenshots of normal occurrence.

Implement Audit recommendations, address and remediate IT control deficiencies raised by external and internal audit teams via PwC connect tool, by providing assurance on accuracy and completeness of the controls.

Implemented and built the SOD rule book to configure non-sap actions in the functions to generate a cross system risk from SAP and COUPA (Procure to Pay) solution.

Use HP Quality Center tool, to track the testing defects. Focus on the resolution of the defects and other testing issues during the testing phase. Go-live and Post go-live support.

Project: Sysco Portal & Vistex Upgrade Project Duration: Dec’14 – Aug’15

Client: Sysco Corporation

Role: SAP Security Consultant

Environment: SAP ERP 6.0, SAP Netweaver Portal 7.4, SAP GRC 5.3, Vistex 60E, SRM

Responsibilities:

Lead Sysco Portal & Vistex Upgrade Project with onsite and offshore team coordination, to upgrade security roles and authorizations for SAP NetWeaver EHP and Vistex 60E version upgrades.

Lead the offshore team, to handle Role remediation and other enhancement activities to mitigate the SOD risks in the roles due to upgrade changes.

Co-ordinate with various functional and technical teams on the understanding of the new business functions and changes in the access due to upgrade.

Discussing with the SMEs of different modules to set up or modify security roles and role matrix.

Configured and Implemented GRC Access Control Suite 5.3

GRC implementation; automation; upgrade experience with GRC RAR, CUP, ERM, SPM and SAP CUA (Central User Administration) integration with SAP GRC.

Worked with application managers to clean up the security roles to eliminate segregation of duties (SOD) conflicts.

Working with GRC Access Control tool Risk Analysis & remediation (RAR) to restrict SOD Conflicts. Creation, Assignment of FFID’s and generation of log reports.

Testing support by handling the creation, modification of test user IDs for the testing of the upgraded systems and roles.

Experience in developing BI Analysis Authorizations, designing security roles on SAP BI BO Integration, for different reporting tools such as web intelligence, crystal reports etc.

Knowledge and understanding on SAP HANA security, and hands on experience on HANA security editor tool.

Experienced in user administration, create and grant roles with Analytical privileges on attribute restrictions in SAP HANA.

Use HP Quality Center tool, to track the testing defects. Focus on the resolution of the defects and other testing issues during the testing phase. Go-live and Post go-live support.

Implemented security in the integration of Worklogix HR Desktop with the Sysco Portal. This helps the HR to streamline the review and management of employees. Also automates HR processes and Forms by delivering efficient information to support all HR activities.

Implemented security, for integration of HR SuccessFactors, which is the HCM application. Developed roles and authorizations for Onboarding, Recruitment, and Learning Management system (LMS) applications.

Collaborate with internal audit team to implement proper security controls.

Provided training at unit level in SAP Security and GRC practice.

Project: CRM & Mobility Program Duration: March’13 – Dec’14

Client: Unilever

Role: Sr. SAP Security Consultant

Environment: SAP CRM 7.0 EHP 2, BW 7.3, Portal 7.3, SAP GRC 5.3, EM 9.0

Responsibilities:

-CRM Security:

Lead and implement set up of Security & Authorizations for SAP CRM systems, which utilized Mobility platform.

Implemented security for the Retail field Sales, Trade Promotion Management, Funds Management.

As part of this project, Visit Management (Visit Notes, Visit/Schedule, Customer Visit), Activity Management (Promotion, Product availability, Survey/Questionnaire, Assortments, listings etc), Trade Promotion, Funds, Fund Usage, Budget Posting, Segmentation, Planning applications, Organization, Territory Management, CIC components of CRM were implemented.

Co-ordinate with project teams to identify business roles based on the business processes and functionality requirements.

Built technical security role design with business roles where each Business role was mapped to a security role in configuration.

Populated external services based on the end-user access requirements for CRM functionality from Mobile devices.

Relevant Authorization objects were populated for restrictions on Marketing attributes, Product categories, country organization Levels (Sales Organization/Division/Distribution Channel), territory structure.

Worked extensively with authorization objects UIU_COMP, CRM_ORD_OE, CRM_ORD_LP, CRM_ORD_PR, CRM_BP_SA, B_BUPA_RLT, B_BUPA_BZT etc., for order related security and CRM_MPT, CRM_CPG, CRM_TPM etc. for Marketing, Campaigns and Trade promotions.

The design followed SAP recommendation and good security practices for the role build. Worked on SAP Check Indicator Defaults and Field values using transaction SU24.

Ensured to build simple and flexible roles for easy maintenance.

The key security restrictions were on Customers/wholesaler, contacts, products based on product categories, activity management, Sales Orders, campaign types and territory management.

Used standard report CRMD_UI_ROLE_PREPARE to start the initial role build. Business role assignment was performed via the user parameter CRM_UI_PROFILE.

As per business requirement, country derivations are needed so the technical role build included derived role and composite role concepts.

The general organization level restrictions are on Sales org, Division and Distribution channel. Worked with marketing attributes (class maintenance and classification auth groups) as additional organization restrictions.

Experienced in troubleshooting and support of the CRM systems for security and authorization issues.

Involved in gathering reporting requirements from CRM Web Interface.

Performed various testing (unit testing, system integration testing, end to end performance testing) and transport.

Involved in Go-live and Post Go-live support.

Knowledge transfer to team members provided ongoing security related support for all security milestones during different phases

-BI Security

Designed BI Analysis Authorizations to secure reports based on business requirements on BW reports, Infoproviders, sales organization, etc.

Worked with default characteristics in BI Analysis Authorization, planning authorizations, troubleshooting authorization issues.

Publish BI reports on CRM Web UI for the end users to access reports, as per the identified end user business requirements.

-GRC

Worked with Audit and Business Teams to create the RAR Rule Set, Mitigation controls and Firefighter access procedures.

Initiated changes in the Role Design and deployed process controls to tackle SOX/SOD issues.

Involved in raising GRC CUP requests, GRC SPM requests and approvals.

Involved in working of the following SPM 5.3 related activities:

Configuration of Firefighter.

Maintained Auth Objects & ran Log reports on the front end of Fire Fighter.

Creation of FF IDs and assigned additional emergency access.

Create/Maintenance of Owners, Firefighters, Controllers, Security, tables of FF.

-Event Management (EM)

Identified business requirements in coordination with functional teams.

Assigning IMG projects or project views access to the roles.

Created security roles for the users to access web transactions in EM.

-EP

Design, Develop, Testing and Implementation of Enterprise Portal User IDs, Roles.

Project: BW Retrofit Project Duration: April’12 – March’13

Client: Unilever

Role: SAP Security Consultant

Environment: BI 7.0

Responsibilities:

Involved in Re-Design of Country roles across the BI systems in the landscape.

Analysis of the Authorization checks in Info/Multi Providers for the security strategy.

Derived role concept for the Role creation as per stream/sub-stream to achieve access to signed off Reports.

Creation of Analysis Authorization with Country level restriction.

Restricted Authorizations at various levels such as Query, Query View, Web Template, Web Item and Workbook.

Created and Restricted Analysis Authorizations (Using RSECADMIN Transaction) at Characteristic Values, Attribute Values, and Key Figure level.

Communicate and participate with different stakeholders for the technical development.

Troubleshoot security/authorization related problems using SU53, ST01, RSECADMIN (BI) and SUIM.

Project: British Petroleum Duration: August’09 – April’12

Client: British Petroleum

Role: SAP Security Consultant

Environment: ECC 6.0, SAP 4.7, BI 7.0 and Enterprise Portal.

Responsibilities:

Maintaining Global and Template security design.

Maintaining Roles in Template and Target systems.

Analysis of change requests in the form of Service Investigation Request (SIR) regarding role design and functionality as per the client requirements.

Used VIRSA Tool to check SOD risk analysis for remediation of the roles.

Participating in Knowledge Sharing sessions with other project teams.

Involved in designing Security Roles in BI for all the security levels as per the Security standards, restriction is at the Infoarea and Infocube level along with organization level restriction.

Extensively used RSECADMIN tool in BI by creating security Authorizations and to fix the User issues through Trace.

Design of backend Security in ECC and BW systems for users using Enterprise Portal systems.

Security upgrade from 4.6C to ECC 6.0: Handled SU25 and Role remediation tasks for the upgrade activities. Involved in post upgrade testing for security issues.

Working on SAP Security and audit logging tools (SM20, SM19, SECR), setting Security audit log parameters, defining filter groups, complete and user defined auditing, logging changes to user master records, profiles, and authorizations.

Project: Johnson and Johnson Duration: Jan’09 – August’09

Client: Johnson and Johnson

Role: SAP Security Analyst

Environment: ECC 6.0, BI 7.0

Responsibilities:

User Administration in CUA environment (SSO implemented).

Updating profiles in the user master records, profile comparisons using mass compare (PFUD), report PFCG_TIME_DEPENDENCY to schedule time dependency jobs.

Worked on position-based authorizations.

Maintaining authorizations based on the SOD Ruleset Matrix, to make sure there are no SOD risks and conflicts associated.

Performing SOD check before assigning authorizations (New access/additional access/change access) using VIRSA compliance calibrator tool.

Fire-call authorizations for critical activities using VIRSA FIREFIGHTER tool.

User administration and Authorizations in Cranberry Web Portal.

Provided SAP Security support for various business applications of J&J covering different time zones across the world using SAP Netweaver Applications (ECC 6.0, BI 7.0).

Providing on-call support on a rotational basis and as needed.

Used SAP Solution Manager System for monitoring and resolving service desk requests raised by business/support teams.

Maintaining OSS user ID's in SAP Service Marketplace.

Providing SAP Remote access Connection for SAP in project landscape whenever required to fix the issue/problem reported to SAP.

Generating 45/120 days user reports from production systems for business approvers to review inactive users. Security team action will be taken based on review inputs received from approvers on monthly basis.

Review critical and sensitive authorizations, implement improvements to meet audit requirements.

Continuously improved security configuration to reflect best practices and to prepare for system audits.

Project: GBIP Duration: Aug’06 – Dec’08

Client: Eli Lilly

Role: SAP Security Analyst

Environment: ECC 6.0, BW 3.5

Responsibilities:

Maintaining Global security design

Maintaining Role groups.

Analyzing and troubleshooting all authorization related issues that come across from business/support teams in various SAP modules R/3, BW, BI and Enterprise Portal

Played Security Steward (SME) and Security Analyst roles within the team, providing end-to-end solutions to User access and Security related issues in the SAP system, with Specialization in FI/CO Security, and making sure there is no business impact and issues are resolved with less down time.

Experienced in security implementation of various SAP functional modules: FICO – Company Code, General Ledger (GL), Accounts Payable (AP), Accounts Receivable (AR), Cost Center Accounting (CCA), Product Costing, MM, and SD

Set up general authorization checks for PA, PD, Time Management, Payroll modules.

Designed & Implemented structural authorizations to cover HR requirements.

Created Organizational Plan, Personal Master Record, Infotype 105 and 1017 for SAP HR Structural Authorization.

Extensively used RHBAUS reports to improve the performance while using Structural authorizations.

Generated authorizations for users in organizational plan using RHPROFL0 report

Responsible for design, Maintenance and support of all security changes including User Master record maintenance in existing SAP landscape. Following are the activities involved:

Role Administration using Profile Generator tool.

User Master Record Maintenance.

Maintain SU24 changes to link authorization objects to transaction codes.

Creation of authorization groups to restrict authorization to critical tables, Reports, ABAP programs.

Using User Information System (SUIM) functionality to resolve authorization related issues and prepare adhoc reports as and when required by business teams, application and support managers.

Usage of System functionalities like Trace, SU53, RSECADMIN for troubleshooting access related issues in SAP system.

Worked with the Business Process Owners to restrict sensitive transactions and security, authorizations, and ensured segregation of duties across business areas.

Creating and releasing of transport requests for all security related changes.

Design of Security strategy and process documents.

Design and maintaining Role Matrix

Handling release changes.

Used VIRSA Compliance Calibrator Tool for SOD risk analysis and remediation.

Production support security by handling call tickets and Change Request (CR) forms in Remedy system.

Experienced in using Mercury Quality Center tool to test and review all the authorization changes before they are implemented in production.

Preparation of Change request packet (Contains supporting documents for the changes made), documenting the changes using Documentum tool and submitting to the Validation group.

Delivering all the change requests raised by business for new enhancements.

Involved in transition activities between offshore and onsite teams.

Presented excellent communication skills and a customer-oriented approach; able to coordinate with technical and business teams in implementing the business process controls in achieving SOX compliant systems.


