Praveen Mobile : +919*********
SAP Security & GRC Consultant E-mail :dtl6q6@r.postjobfree.com
Professional Summary
Having 3+ years Experience as SAP Security & GRC consultant
SAP Security experience summary
SAP Security & Authorization consultant with over 3 years of experience in SAP Security Roles/Profiles and Authorizations, designed and developed for various SAP modules FICO, SD, MM, HR, PP, PS
Proven experience in developing, Testing and Implementing SAP Security Roles, Profiles and Authorizations for various products of SAP Net Weaver components R/3.
Experience in SAP Security analysis, Roles creations, Authorizations troubleshooting, maintaining security profile parameters, Central User Administration (CUA).
Hands-on working experience on GRC (VIRSA) tools Compliance Calibrator.
Perform User & Role analysis to find the exiting SoD violation for users and roles.
Perform Simulation in order to find out proactive SoD violation for users & profiles.
Used SUIM for analysis of the users, profiles, roles, auth. objects and change documents.
Schedule & troubleshooting of various background jobs (synchronous, daily and weekly) as per business requirements in RAR.
Good communication skills, customer oriented approach to support of production processes, able to communicate with non technical partners concerning the security or control of the business processes.
Technical Skills:
ERP SAP ECC6.0,R/3 4.7E, 4.6c,
GUI SAP GUI 640/ 710
Tools & Utilities Putty 0.53b, Remedy User, Lotus Notes 7.0.1
Databases Oracle 9.2.0
Operating Systems Windows 2000/2003 server, XP, IBM AIX 5.3
Education:
B.Tech with Jawaharlal Nehru Technological University in 2006.
Experience
Working as SAP Security Consultant February 2009 – till date, AVON Technologies, Hyderabad.
Worked as SAP Security Consultant from January 2007 to December 2008 in Accenture, Bangalore.
Project Summary
Project 1
Client : Inbev
Role : Security Consultant
Duration : February 2009- till date
Team Size : 6
Environment : SAP Basis Ecc6.0, Oracle 9.2.7.0
O/s : Aix.
R/3 Security Support
• Responsible for SAP security support for more than 5000 end users
• Administered users, roles and authorizations using transactions SU01, PFCG.
• Administration of GRC access controls tools SPM,RAR
• Tracing missing authorizations using SU53, ST01, SUIM and recommended appropriate roles for the end users.
• Performing quarterly inactive user termination in production systems.
• Periodic review of Critical Authorizations
• Technical coordination for various teams including incident management, change management and problem management
• Troubleshooting Role design changes and problems (adding transactions, display versus change access) using various authorization transactions SU53, ST01, ST03.
• RAR:
• Perform User & Role analysis to find the exiting SoD violation for users and roles.
• Perform Simulation in order to find out proactive SoD violation for users & profiles.
• Creation of Mitigation Approver, Mitigation Monitor & risk owner in SAP GRC 5.3.
• Creation of Mitigation Control id & mapping of various risk is with control id based on region & business process.
• Perform remediation & mitigation against various risk for users & roles.
• Compliance Calibrator 5.3 User maintenance
• SPM:
• Defining Firefighter Administrator
• Defining Firefighter Owner
• Defining Firefighter Controller
• Defining Firefighter
• Assigning these roles accordingly.
• Creating the firefighter id with super user privileges.
• Assigning the fire fighter to firefighter id.
• Assigning the firefighter owners and fire fighter controllers to fire fighter id.
• Defining the role based fire fighters.
PROJECT-2
Client : RUUKI,
Role : Security Consultant
Duration : January 2007- December 2008
Team Size : 10
Environment : SAP R/3.
O/s : Aix.
My Responsibility:
• Created over 80 customized end user roles and menus.
• Set up security roles and user accounts for over 5000 End Users for primary Go Live.
• Set up Central User Administration (CUA) to manage 4 systems/clients
• CUA configuration in Quality system
• Introduced Sarbanes-Oxley and audit compliance issues to client.
• Educated client personnel in R/3 Security and general Basis knowledge
• Identified Security issues, recommended and implemented solutions to problems
Responsible for all Security-related aspects of upgrade
• Check indicators (SU24)
• Tables relationship for Tcode, Roles and users
• Assigning authorization groups for table restrictions and program restrictions.
• Performing transport management.