PRAVEEN
SAP Security Consultant
*******.*****@*****.***
PROFESSIONAL SUMMARY
Over 11+ Years of extensive experience SAP Basis and Security in SAP DEV, QAS and 24/7 Production Support, maintenances, upgrades, troubleshooting for SAP software products ECC 5.0/6.0, SAP R/3, SAP Netweaver, Solution Manager 7.0/7.1 and SAP GRC 5.3/10.1 various versions including new dimension products (EP 7.0 & PI 7.0/7.3,XI 3.0, SRM 5.0, BI 7.0, BO 4.0,Fiori) on Windows 2003/2000, AIX, HP-UX B 11.23 ia64, Linux 5.10 and Solaris platforms with databases such as ORACLE 9i/10g/11g.
Security Administration:
Involved in Role Design meetings with Business and functional teams to gather requirements for SAP ECC 6.0 and SAP HR roles re-design Implementations Project.
Implemented SAP application level security that includes role design, role mapping for SAP ECC and other Netweaver applications (BW, Portal) for the New York Canal Corporation which was merged into NYPA environments.
Ability to coordinate across teams and follow-up for non-security issues and bringing them to closure or redirecting the issue to the correct team.
Performed quarterly SOX audit on DEV, QAS & PRD system and corrected discrepancies found in the test.
Well Experienced in Assisting Internal / External Audit in various processes, reports, controls & risks.
Experience of working with multiple integration projects between SAP and non SAP lines of business.
Executing changes in day-to-day operations, enhancement requirements in security design and delivering the same.
Developed and documented security policies and procedures, user maintenance, activity group and role maintenance using profile generator.
Experience in working with Transports (STMS) in transporting roles between Development, QAS and Production ECC systems.
Configure Emergency Access (EAM) in GRC 10.1 and also SPM in SAP GRC 5.3.
Created FF-IDs for functional people and regularly monitored FF log reports using Emergency Access Management (EAM).
Configured Owners, Controllers and security setup along with various configuration parameters in Firefighter.
Extensively worked on Firefighter tool (/n/VIRSA/VFAT) Giving emergency access (SPM) to the required critical t-codes through Firefighter tool in SAP GRC 5.3.
Performed risk analysis at User level and Role level and to mitigate risks for the users using Risk Analysis and Remediation (RAR) tool.
Experience with SAP BW Security and SAP BI analysis authorization concept.
Excellent analytical, problem solving and time management skills.
Performing HANA User administration activities such as creating users, Granting roles, Reactivating/Deactivating users, and also creating users in HANA Studio.
EDUCATION
B.Tech in Electronics & Instrumentation Engineer (EIE) April 2002
TECHNICAL SKILLS
ERP : SAP Netweaver7.0/7.1/7.3/7.4, ECC5.0, ECC6.0, 4.6C/ 4.7 EE, XI, EP, BI, APO, Solution Manager 7.0/7.1, BO 4.0/4.1, SAP HR,SAP HANA SPS10,BIA, BOBJ & SAP Fiori.
Operating Systems : HP-UX, Win NT/ 2000/2003, Linux, AIX.
Database : Oracle 9i, 10g & 11g
SAP Tools : BRTOOLS, Espresso, TREX, Wily-Introscope and DBMGUI, HANA Studio,
Analysis Office (AO), Business Explorer (Bex).
SAP GRC AC 5.3/10.1 : RAR/ARA, CUP, SPM/EAM
Third Party tool : BMC Remedy ITSM 4.0 & 7.1, Putty, Citrix, Clarify, Lotus Notes-CMS, Foot Prints.
CERTIFICATIONS
Certified in ITIL V3 Foundation and did couple of internal trainings on Incident Management, Change management, Problem Management.
SAP Certified Application Associate - SAP Business Objects Access Control 10.0 (GRC) (C.ID:- 000*******)
PROFESSIONAL EXPERIENCE
New York Power Authority (NYPA), NY, USA Oct 2016 - Present
Role: SAP Security Consultant
Implemented SAP application level security that includes role design, role mapping for SAP ECC and other Netweaver applications (BW, Portal) for the New York Canal Corporation which was merged into NYPA environments.
Canal Corp Integration Project–
Users created as per Active directory and HR are consolidated and respective User IDs are created (Total: 250) in production.
Role assignment: All the Canal users are assigned with Basic end user, ESS & MSS & Functional role as applicable.
Go-live activities: All Canal users are updated with relevant HR master Data (Total: 250).Additional access to NYPA users to support Canal business users. Provided CUTOVER IDs for MM, FI & HR and Batch ID issued for data loads.
Post Go-live activities: Access issue reported for the Canal end user & ESS roles are fixed.
AP Automation for Canal - Extended Process Director capabilities for Canal (comp.code 0300).
Worked on SAP SOD Audit conflicts raised by Internal Audit Team.
Performed yearly user licensing by assigning the users to proper licenses and run the USMM Report to send the report to SAP.
Projects Involved: SAP Fiori, SAP Concur, Process Director Upgrade.
Worked on enhancing Manager & Employer roles functionality for Approvals & Submitting timesheets through SAP Fiori.
Implementation for Procurement: - Creating new roles at Fiori and Back end systems for procurement apps functionalities as per the requirement.
Implementation Security roles setup for SAP Integration with Concur.
Setup new budget roles for Canal Corporation users to access the budget related information.
Performing Annual review of the security access (Roles) provided to users to SAP System with respective Managers.
Monitoring Canal and NYPA (Footprints) ticketing tool for SAP security requests and providing resolution as needed
Transporting Roles to Quality Assurance System (QAS) and initiating the testing process of these roles by assigning the intended Roles to test users and monitoring and troubleshooting the authorization failures during testing.
After ensuring the intended functionality of these Roles, transporting these objects to Production system (PRD) and then assigning to users as per the process.
Utilize system trace (ST01), authority check (SU53) to analyze and fix problems related to Security.
Gather business requirements, meet with business process owners / functional leads to understand the requirement and design and build roles for SAP ECC (FI, MM, SD, PS, and ISU) and SAP BW.
Experience with SAP BW Security and SAP BI analysis authorization concept.
Environments
SAP Netweaver7.4, ECC6.0 EHP 5/6, SOLMAN 7.2 SP3, SAP BW 7.4, BOBJ4.2, SAP Fiori, Portal 7.4
J.Crew Group Inc. NYC, USA Sep 2013 – July 2016
Role: SAP Basis & Security Consultant
Security Responsibilities:
Provided 24/7support for users with Basis & security-related problems and documenting the corrective action taken to resolve.
Worked extensively on Automatic Profile Generator (PFCG) for creating single and composite roles for modules such as ECC 6.0, PI, XI, BW and HR modules.
Responsible for working with business teams to test new and existing functionality and migrating roles from DEV to QA and production.
Performed user maintenance tasks, user creation, deletion, lock down, activation, password management tasks utilizing SU01, and SU10.
Involved in Role Design meetings with Business and functional teams to gather requirements for SAP ECC 6.0 and SAP HR roles re-design Implementations Project.
Worked on Rollout projects of R3/HR landscape and also provided support as POC for R3 security issues.
Performed yearly user licensing by assigning the users to proper licenses and run the USMM Report to send the report to SAP.
Updated SU24 for required T-codes and performed the Impact Analysis before updating new Auth objects to Auth check/Proposal for required T-codes.
Troubleshoot Security authorization related problems using SU53, ST01 and SUIM.
Extensive involvement and supported in Cutover and Go-Live activities and smooth transition to support the team.
Created portal users and assigned appropriate roles in UME and assigned required backend roles.
Configured Emergency Access Management (EAM) module by Creating Connector, setting up Connector type, Updating Repository Sync (User, Role and Profile) and configured Fire Fighter id’s, Fire Fighter owners and Fire Fighter in GRC 10.1.
Expert in Configuring SPM and configured Fire Fighter id's, Fire Fighter owners and Fire Fighter Controllers in GRC 5.3 .
Created FF Id's for Functional folks in EAM and Configured FF Controls and Monitors.
Configured connectors and set up the connection between GRC and backend servers and also performed synchronization and scheduled the jobs setup for ARA and EAM in GRC 10.1/5.3.
Performed risk analysis at User level and Role level and to mitigate risks for the users using Risk Analysis and Remediation (RAR) tool.
HR Security:-
Involved in Role Design meetings with functional teams to gather requirements for SAP GuXit implementing project for SAP HR landscape.
Worked on critical Authorization Objects like P_ORGIN, P_ABAP, P_PERNR, P_ORGXX etc.
Providing Access ability to end users to update their timecard by assigning ESS roles in both SAP ECC 6.0 and portal system.
Designed new roles and assigned to the users to access PA20 and PA30 via GuXit Application in SAP HR landscape.
Redesigned backend roles for HR Employer self-service ESS and Manager self-service MSS to access Timecard and Open enrollment.
BW Security:
Restricting reporting users through S_RS_COMP and S_RS_COMP1 authorization objects to leverage on query accessing in BW Production System.
Assigned analysis authorizations to the roles using object S_RS_AUTH authorization object.
Built Analysis & Troubleshoot authorizations related problems using RSECADMIN.
Designed new role to access Analysis Office (AO).
Setup BI security for user roles (query users, administrative users and power users)
Basis Responsibilities:-
Provide SAP Basis administration support Tasks i.e. User Administration, System Refresh, Support Pack upgrades, Client Copy, Kernel Upgrades, Applying Add-on’s, Spool Administration, Background jobs, Performance Tuning and applying OSS Notes.
Installed Diagnostics agents on the ECC 6.0, BW, HR and PI landscape.
Performed TREX Upgrade on all PI Systems.
Support package upgrades and add-on implementations in ABAP and Java stack.
Performed Kernel Patch upgrade across the ECC 6.0, BW, HR and PI landscapes.
Performing SAP profile parameter changes and configuration of Operation modes.
Importing transports through NWDI and CTS+ transports
Importing transport requests across the systems landscape.
Deployment of various JAVA files (ear, sda, sca) through JSPM and NWDS
Involved in post migration activities for Data Center Migration projects, we have migrated our all SAP systems from our HP data center in Charlotte, NC to our primary Verizon data center in Beltsville, MD.
Monitoring Background jobs, re-scheduling, canceling long running jobs
Request the sap license keys, Developer keys and Object key from SMP.
Manually generating Earlywatch (EWR) report prior to regular scheduled time as on request from superiors.
Creating Users, user groups & Assigning users to groups in SAP BOBJ Environment.
Providing security Levels to users, applications and also to folders in the CMC.
Performing Failover activity during quarterly Windows Patching Maintenances on BOBJ Servers.
Performing HANA User administration activities such as creating users, Granting roles, Reactivating/Deactivating users, and also creating users in HANA Studio.
Administration and Monitoring HANA System through HANA Studio and DBACOCKPIT.
Installed HANA Studio and adding SAP HANA Systems.
Involved in post migration activities in BW on HANA migration project.
Environments
SAP Netweaver7.0/7.1/7.3, ECC6.0 EHP 5/6, PI 7.3, EP, BI 7.0/7.4, SAP BPC 10.1, SAP HANA SP10, SAP HCM, BOBJ4.1, GRC 5.3/10.1, Solman 7.1, Solaris, Linux, Oracle 11g.
Grifols (Talecris) Therapeutics Inc. NC, USA Sep 2012 – Dec 2012
Role: SAP Security Consultant
Responsibilities
Provided 24/7support, Experiences in onsite and offshore role model and update weekly status to superiors.
Maintaining Transport System across 3-System Landscape and Handling transports between SAP Systems.
Searching OSS notes and applying OSS notes as per instructions or wherever applicable.
Involved in day-to-day activities and also working on issues raised by customers.
Deployed related support packages for SAP GRC AC 5.3 and GRC RTA 5.3 implementation servers.
Performed User Management like Creation, Deletion, Lock, Unlocking of Single Users using SU01 and Mass Users using SU10.
Performed quarterly SOX audit on DEV, QAS & PRD system and corrected discrepancies found in the test.
Created Single users and Mass User Maintenance.
Performing mass user maintenance as per the Governance and Auditing team.
Find out missing Authorizations using SU53 report and also User trace using ST01.
Creating RFC and OSS user ids and granting necessary authorizations to them
Creation of monthly audit report (SUIM).
GRC user account creation, validity extension, role addition and deletion, SUPM user account request creation, working with Fire Fighting Id’s.
Performed Risk Analysis for Role using RAR tool.
Good at analyzing Basis, Security and Functional related issues.
Transported the Roles across the Development, Quality and Production Systems
Assigned Roles to Users based on SOD.
Environments
SAP ECC 6.0, SAP Netweaver7.0/7.1/7.3, SRM 5.0, BI 7.0, BO 4.0, EP 7.0, PI 7.0, GRC 5.3 and Solman 7.0/7.1, AIX, oracle 10g.
Johnson & Johnson, Belgium Sep 2007- May 2011
Role: SAP Basis Administrator
Responsibilities
Provided 24/7support for users with Basis & security-related problems and documenting the corrective action taken to resolve.
Performed User Management like Creation, Deletion, Lock, Unlocking of Single Users using SU01 and Mass Users using SU10.
Worked extensively with the PFCG tool to create roles for ECC and BW systems.
Performed maintenance activities like SPAM upgrade, Support packages upgrade, Kernel upgrade and BRTool Upgrade and Applied Add-ons.
Experience in SAP Security analysis, Roles creations, Authorizations troubleshooting, maintaining security profile parameters.
Performed quarterly SOX audit on DEV, QAS & PRD system and corrected discrepancies found in the test.
Providing emergency user access to end-user to perform activities in PRD system as per approvals.
Transporting the portal content across the landscape.
SSO configuration between portal and backend systems.
Exporting and importing designed & configuration objects request across the landscape in SAP XI.
Creating and maintaining RFC destinations to remote systems.
Defining and Maintaining background jobs in Espresso Tool.
Searching OSS notes and applying OSS notes as per instructions or wherever applicable.
Changing profile parameters as and when required in SAP and setting up operation modes.
Maintaining Transport System across 3-System Landscape and Handling transports between SAP Systems.
Opening systems for SAP remote support.
Client Administration including Client Copies – Local, Client Export and Import.
Generating Early Watch reports for production systems in solution manager and preparing action plans for alerts.
Setting-up E-Mail in SOLMAN to send EWA report automatically.
Live-cache monitoring and starting/stopping of Live-cache through LC10 and DB Manager Tool.
Applied JAVA patches using JSPM.
Monitoring performance of SAP Servers for errors, Analyzing SAP traces, logs, ABAP Dumps, Locks and Troubleshooting.
Track and report project status on a regular basis including identifying, categorizing and escalating project issues that need management attention which will be discussed on weekly basis in OP’S meeting.
Opening systems for SAP remote support.
Database administration using BR-Tools. Extending Table Spaces, checking free space and adding new data files.
Printers’ setup for the SAP R/3 system through SPAD, daily & weekly print queue monitoring and solving end user printer troubleshooting. Performed Client Administration includes Local client copy, Remote Client Copies and Deletion of obsolete clients.
Assigned instances to operation modes to provide additional dialog or background processing resources.
Environments
SAP Netweaver7.0/7.1, ECC5.0, ECC6.0, 4.6C/ 4.7 EE, XI, EP, BI, APO, Solution Manager, HP-UX, Linux, oracle 10g.
Ticketing Tool: BMC Remedy
Mossi & Ghisolfi Group, Italy July 2004 – Aug 2007
Role: SAP Consultant
Responsibilities
Maintaining SAP Security. Creating and administering users, defining roles, assigning authorizations and generating Profiles.
Performed daily monitoring activities.
Involved in day-to-day activities and also working on issues raised by customers.
SAP security using profile generator (PFCG) that include roles, profiles and authorizations.
Use of transaction SU53 to troubleshoot Authorization Profile problems.
Deletion of obsolete users and clients in the systems.
Used SUIM for analysis of the users, profiles, roles, auth. objects and change documents.
Configured client settings and system change options as per the definition of the client strategy document of the project.
Creation and Maintenance of User Master records and adding the roles, profiles to the user upon request.
Experience in SAP Security analysis, Roles creations, Authorizations troubleshooting, maintaining security profile parameters.
Client Export/Import, Deletion, Local Client Copy & Remote Client Copy.
Importing transport requests across the systems landscape.
Configured RFC connection between the systems in the landscape.
Maintained the instance profiles & its parameters using RZ10 in DEV, QAS and PRD systems.
Analyzed the tablespaces and extending the tablespaces using SAPDBA & Brtools.
Scheduled and monitored background jobs using transactions SM36 and SM37.
Problem analysis and troubleshooting with minimal OSS support.
Defining and maintaining background jobs and Setting Operation modes.
Printers’ setup for the SAP R/3 system through SPAD, daily & weekly print queue monitoring and solving end user printer troubleshooting.
OSS notes. Checking for all prerequisites and applying the OSS notes
Environment: R/3 4.6, 4.7EE ECC 5.0, Win 2003 server, UNIX, Oracle 9i.
Ticketing Tool: Remedy