Resume

Sign in

Security Sap

Location:
San Antonio, TX
Posted:
October 29, 2018

Contact this candidate

Resume:

Lakshmi Challagulla

ac7jlr@r.postjobfree.com

# 248-***-****

Summary

Eight years of extensive experience as SAP S/4 Hana and R/3 Security Administrator with in-depth knowledge in designing and implementing SAP security solutions, Data security and Authorization concepts.

Highly experienced in SAP Security with ECC, S/4 HANA, FIORI, SCM, BW, CRM, SRM, GRC and Portal.

Strong experience in SAP Security Administration, GRC, User Administration, Change Management Portal Security, UME, Authorization Objects, Analysis Authorizations in BI, Roles, Profiles, Trouble shooting and Production Support.

Good Experience in full lifecycle SAP implementations

Strong understanding of dual rail strategy & it's implications and Dual Maintenance in SAP Upgrade projects

Expertise in Identity Access Management (IAM). Created IAM roles and policies. Run Security Audit reports and Managed users for roles.

Involved in work load analysis, escalation and deliverables management.

Experience in creating analysis authorizations using RSECADMIN.

Good repute for my efficient communication with the client; efficient skills in people management and effective knowledge transfer to offshore team particularly during the transition and upgrade phases.

Extensive experience in Segregation of duties. Interacted directly with financial directors and local application managers to implement mitigation controls.

Troubleshooting via SU53 and system trace (ST01) to record authorization checks for the user sessions and tracing the missed authorization.

Used CATT scripts for creating and maintaining users, roles, profiles and authorizations.

Created Analysis authorizations using RSECADMIN, troubleshoot analysis authorization problems.

Knowledge of IBM Tivoli Identity Management.

Producing SOD Analytical Reports (both Summary and Detail) against Users, User Groups, Roles and Profiles using Risk Analysis and Remediation /Compliance Calibrator.

Mitigation and remediation of users and roles for SOX using User/Role Analysis in Analysis and Remediation /Compliance Calibrator.

Determining and report if any risks will be introduced by simulating the addition of transactions, Roles, or Profiles to a User ID.

Responsible for providing customers with Implementation, Development, Enhancement and Support activities for their SAP applications, worked as Solution architect.

Creating and providing the FFID Access, periodically generating the FFID log reports.

Generating AGR* & USR* reports

Technical skills

ERP : SAP S/4 Hana, R/3 Enterprise 4.7.0d, ECC6.0

SAP Modules: ECC, BI, S/4, HANA, FIORI, CRM, SRM, BOBJ, GRC and Portal.

Databases: Oracle 8i, 9i, SQL, PL/SQL, SQL Server, and MS Access.

Programming Languages: C/C++

Operating Systems: MS-DOS, Windows 98/NT/XP/2000, UNIX, AIX, LINUX

Project Experience

Tesoro Corporation San Antonio, TX

SAP Security Admin Oct’16 to till Date

Roles & Responsibilities:

Worked on Mergers and Acquisition Project and gathered requirements for Business and provides security and technical expertise to development of roles to satisfy business requirements.

Works with business areas and project teams to troubleshoot issues with security objects and identify and implement appropriate solutions.

Experience with ECC, BW, HR, BPC, GRC, HANA, Solution Manager Modules.

Performed testing authorizations for multiple environments and supported for testing with business and IT users.

Created and managed users in S/4 Hana. Created roles in S/4 Hana and restricted operations on objects.

Granted roles to users in Hana.

Worked on SAP HANA DB to grant users privileges and troubleshot issues related _SYS_REPO and other technical users

Created DBMC user in Hana and given privileges. Solved access issues related to object privileges for users.

Analyzed issues while connecting to SAP HANA DB through Power BI.

Created and maintained users in FIORI through LDAP. Developed roles in Fiori front End system and backend S/4.

Given access to Apps which is role based and controlled via catalogs and group assignment on frontend and restricted via authorization on backend.

Checked error logs on gateway and backend using t-code /IWFND/ERROR_LOG and analyzed authorization error related to ODATA services.

Worked with UX team to solve Fiori configuration issues.

Used Fiori Launch pad checks to see which authorization role the content is assigned and if a given user is assigned to this role.

Applied an access level to group on the Business objects (BOBJ) folder by user security.

Secured universes by data classification and applied security. Break inheritance for Internal groups on restricted or confidential universe folders so that it appears as “No Access”.

Experience with GRC Access Controls and had Basic knowledge on GRC configuration

Created roles for GRC Access Controls and performed testing of GRC roles

Documented the steps of GRC for each Process Area and helped Business with testing

Studied the Organization structure, jobs, roles and the SOD matrix for the Security developed in SAP and handled SOD conflicts for Sarbanes Oxley Compliance

Working with respective functional heads for SOD & security changes based on SOX violations at T-code level & Object level.

Worked on Third Party tools like Vertex, LDAP, AD, Track and HP

Review of critical & sensitive authorizations, implementing improvements to meet audit requirements, made suggestion for security policies and standard/best practices.

Performed Security tasks for Server Decommissions Monthly

Worked on Service Now tickets with necessary role modifications, role assignments and transported roles to Production weekly releases

Experience in analyzing critical issues with root cause and coordinating with respective teams to resolve the issue.

Troubleshoot missing authorization problems exclusively using ST01 and suggest resolution.

Maintaining Credentials for OSS ID's in Secure Area.

Worked on HR role modification and maintained user Info types in PA30

Given KT to Entry Level Security analysts and helped them in Project

Participated in Weekly Change Control Meetings and discussed with team regarding Meeting Notes.

Modified roles as per the RBA Process with approvals

Worked on Analysis Authorization issues in BW and added new Multiproviders in role restricted to particular Info Area

Worked on Creating BPC roles and analyzing issues related BPC.

Worked with Audit team in getting respective reports as per the requirement

Performed Security tasks for Dress Rehearsals

Worked on setting up Security tasks for Cutover Activities.

Performed Cutover tasks during Go-Live and completed tasks as per the schedule

Worked on Hyper care issues after Go-live and supported as Level 2 security for Escalations

Worked as 24/7 On-call Support and scheduled meeting with Off-shore regarding Security updates and process

Harley- Davidson Powertrain Operations Milwaukee, WI

SAP Security Administrator Dec’14 to Aug’16

Roles & Responsibilities:

Worked with functional team leads financial control teams to define the new transactions.

Gathered requirements for the end users for ECC, BW, APO/SCM systems.

Secured roles by Company Code, Plant, Cost Center, Profit Center, and Purchasing Organization etc.

Analyzing all custom programs and transaction codes for authority checks.

Analyzing all business roles and mapped them to transaction code according to business processes.

Used PFCG t-code for Role and profile management and additions.

Create and maintain user authorization, roles and profiles for SAP ECC, BW

Used Derived roles to create new role and to transfer transaction codes from old ones to new ones.

Perform user creation, modification, lock/unlock and validity date extension.

Transport the generated roles and profiles using SAP transport management system.

Identify missing authorizations via trace to use system ids to run custom program as background job in ER- Project.

Worked on GIS Security implementation.

Work with testing team about how to test security profiles.

Created Static roles in Identity and access Management with Role Owner details.

Also created and Managed IAM polices for IAM roles and assigned suitable SAP roles to IAM policies.

Assigned IAM roles to users in DEV, QA and PROD upon Approvals.

Managed Services to the IAM policy as per the requirement

Run few reports in IAM like Policies Governing a Role, Entitlements granted to an Individual, User and Account Reports and other Custom reports.

Created users in LDAP, where user can login with credentials all system Landscapes using Single Sign on.

Handle tickets and defects for authorization failures and Additional access issues.

Documented the procedure for all SAP tasks process and controls.

Identified missing authorizations via trace to use system ids to run custom program as background job in ER-Project.

Worked on Authorization objects for securing Master data, Cluster data, Personal planning data, and Payroll data.

Assigned roles indirectly in Organizational management.

Worked on id administration for a large amount of users in Development, Quality, and Training and Production instances and provided developers key and reset the passwords.

Worked with testing team about how to test security profiles.

Provided knowledge transfer for SAP ECC, SCM, and BW security environment.

Performed trouble shooting on security problems by using system traces.

Working in collaboration with application managers to clean up the security Roles to eliminate segregation of duties conflicts

Maintained system parameters for password rules through transaction RZ11.

Worked closely with Audit team for user-role conflict removal in SAP R/3 and SAP BW.

Worked with Functional team to gather required information as part of Blueprint in GT Project

Worked with profile generator (PFCG) in creating roles, profiles, composite roles, derived roles, and global roles.

Creating new users and maintained users on day to-day basis (Single roles, Composite roles and Derived roles).

User master maintenance through Central user Administration.

Supported audit team for generating audit reports.

Studied the Organization structure, jobs, roles and the SOD matrix for the Security developed in SAP and handled SOD conflicts for Sarbanes Oxley Compliance

Worked with process experts & head of departments for SOD conflicts and assigned appropriate roles to the users.

Developed custom Authorization Objects for queries developed by the users.

Knowledge of IBM Tivoli Identity Management.

Worked on Creating TR using CHARM and QGM tools.

Worked on Assigning Firefighter access to user upon Approvals.

Handled critical and high issues during Integrating Testing and Cutover

Supported Hyper care issues after GO_LIVE

Given KT to our Off-shore support team to handle issues further.

Environment: ECC 6.0, 4.7 Enterprise Edition enabled 3- System Landscape, Oracle 9.2.0.6.0, HPQC, and Windows NT/2000

Tools: GRC, REV-TRAC, ITIM

Johnson Controls Milwaukee, WI

SAP Security Analyst July’13 to Nov'14

Responsibilities & Roles:

Led SAP Security Support for SAP BI Upgrade Project from BW 3.5 to BI 7.0(Both Technical (Analysis Authorizations) and Functional Upgrade).

Marked info objects Authorization relevant from RSD1.

Created new analysis authorizations using RSECADMIN as per the requirements and restricted by company code and plants.

Restricted data by Multiproviders instead of cubes to reduce maintenance.

Worked on Authorization trace through transaction codes like RSSMTRACE, RSSMQ, RSUDO, RSSM, analysis and identifying Info Areas Info cube, and created custom authorization objects

Recommended implementation of info object level BW security.

Designed BW roles and went through complete phase from designing the roles, supporting unit and integration testing, going live and post go live support.

Responsible for all SAP Security tasks, role design, development, configuration, troubleshooting, resolution, and documentation of all Production, Test, Development Systems of all SAP landscapes.

Worked on Sail Point Identity and Access Management. Expertise in Password Management, Single Sign - on, Access request and Provisioning Roles.

Analyzed the effects of system upgrades on the Security Access.

Led Role Redesign Project to reduce number of Composite roles assigned to users to one composite and redesigned single role’s in composites to eliminate redundant authorizations assignments.

Worked with the business in creating new roles – single roles and composite roles per requirements

Coordinated the Functional Unit testing (FUT), and Integration testing.

Worked on preparations for cutover, go-live and post go live security activities

Analyzed the traces files and ABAP dumps to provide the appropriate access to the dialog as well as system users.

Maintained check indicators, authorization values for authorization objects for the SAP transaction codes through SU24 and transporting to the other SAP Systems.

Created BI analysis authorizations via RSECADMIN to implement field level & hierarchy security for org levels - company code, profit center and sales organization.

Worked with SRM team for maintaining the users & roles in the SRM Org Structure.

Worked on creating the SAP Profiles, Roles, Authorization Security for SRM Module.

Extensively worked on creating SRM derived roles from master roles and maintaining the SRM & PPS roles for the catalogs, shopping carts, bid invitation, buyers,

Work with SRM team for giving tcodes, authorizations for SRM Shopping Cart, Catalogs.

Created the Users & Roles in the portal system and assigned the Portal based roles, user groups to the users in DEV, QA, and PROD portal System for Single Sign ON (SSO).

Worked on the Portal, SAP Roles and Portal Sync Program for the user’s access in the SAP portal & SAP backend system

Preparation of SoD Matrix for the Risk analysis and remediation in GRC.

Producing SoD Analytical Reports (both Summary and Detail) against Users, User Groups, Roles and Profiles using RAR in GRC.

Mitigation and remediation of users and roles for SOX using User/Role Analysis

High Level solution/design formation and verification of solution with client

Managing all phases in the project life cycle- Design, Execution, Testing, UAT, Production delivery

Quality Management and Analysis during all phases in the project life cycle

Manage day to day team activities and provide technical & functional guidance to the team

Understanding the business process of our client and designing their SAP security roles

Manage customer Relationships – Obtain feedback and responsible for customer satisfaction

Environment: ECC 6.0, 4.7 Enterprise Edition enabled 3- System Landscape, BI 7.0,BOBJ, GRC 10,SRM

Tools: GRC

Cardinal Health Hyderabad, India

SAP Security Consultant Oct’11 to Apr’13

Responsibilities & Roles:

Security related support on New Dimension products like BW/BI.

Created BI analysis authorizations for FI, MM, SD internal data.

Performed end to end unit testing.

Supported Integration testing and resolved missing authorizations to help consultants.

Resolve all the pending problems received in UAT, cut over and go-live.

Prepare the operational guides for Access Risk Analysis.

Access request management, Business role and Emergency Access management.

Coordinating with onsite and offshore team on regular basis.

Prioritizing the issues which will have impact on go-live.

Trouble shooting using ST01 and SU53.

Transported the generated roles and profiles using SAP transport management system (STMS).

Review of critical & sensitive authorizations, implementing improvements to meet audit requirements, made suggestion for security policies and standard/best practices.

Performed Sarbanes Oxley Compliance - SAP System Audit and documentation of Significant Processes and controls.

Working with client for their different projects like role SOX cleanup and Role cleanups.

Working with respective functional heads for SOD & security changes based on SOX violations at T-code level & Object level.

Aligning resources in shifts as per the requirement and delegating tasks to one or more depending on priority

Customized role attributes defined naming convention, role sensitivity, criticalities, functional areas, and maintained role status for auto provisioning.

Environment: ECC 6.0, 4.7 Enterprise Edition enabled 3- System Landscape, Oracle 9.2.0.6.0, HP-UX, Linux, and Windows NT/2000

Tools: GRC

MARS Master Foods Hyderabad, India

SAP Security Analyst Jan’10 to Sep’11

Project Description:

Mars is an $18bn Business Organization operating in over 65 countries. Mars, Inc. now operates its three core businesses - snack food, pet care and main meal food - under the Master Foods name in most parts of the world. MARS landscape is basically a mySAP.com implementation with all major SAP applications like R3, BW, CRM, APO. It has a vast landscape of 120 SAP servers. Mars landscape is a multi-system landscape, as per SAP best practices.

Responsibilities & Roles - MARS:

Used PFCG t-code for Role and profile management and additions.

Create and maintain user authorization, roles and profiles for SAP ECC, BW

Used Derived roles to create new role and to transfer transaction codes from old ones to new ones.

Perform user creation, modification, lock/unlock and validity date extension

Maintained SU24 settings for all transactions before building the roles, so that Roles can be built with ease and allow less maintenance subsequently.

Troubleshoot missing authorization problems exclusively using ST01 and suggest resolution. Maintaining Credentials for OSS ID's in Secure Area.

Executing Scheduled/Emergency/Production Transports via. CUA.

Extensive experience in performing SoD Analysis on users and roles using VIRSA 4.0

Created and modified functions and risks using Compliance Calibrator

Creation and maintenance of fire fighters using /VIRSA/VFAT transaction

Security logs and performance reports for transactions in productions systems.

Monitoring and execution of transports manually in the target system

Capable of satisfying the customer for all the production activities & outages handled and received lot of appreciation from the customer & Team Leads.

Environment: ECC 6.0, 4.7 Enterprise Edition enabled 3- System Landscape, Oracle 9.2.0.6.0, HP-UX, Linux, and Windows NT/2000

Tools: VIRSA, MAESTRO, REV-TRAC, Lotus Notes, Magic 2.0

OFFICE MAX Hyderabad, India

SAP Security Consultant Jun’ 09 to DEC’ 09

Gathered requirements for the end users for BW, APO/SCM and R/3 Systems.

Created roles and worked on user mapping.

Secured roles by Company Code, Plant, Cost Center, Profit Center, and Purchasing Organization etc.

Analyzed all customer programs and transaction codes for authority checks.

Analyzed all business roles and mapped them to transaction code according to business processes.

Performed user creation, modification, lock/unlock and validity date extension.

Worked with PFCG for Role and profile management and additions.

Derived roles from Master role and maintained Org. values for different locations.

Documented the procedure for all SAP tasks process and control.

Identified missing authorizations via trace to use system ids to run custom program as background job.

Worked on Authorization objects for securing Master data, Cluster data, Personal planning data, and Payroll data.

Assigned roles indirectly in Organizational management.

Handled tickets for authorization failures.

Worked on id administration for a large amount of users in Development, Quality, and Training and Production instances and provided developers key and reset the passwords.

Worked with testing team about how to test security profiles.

Provided knowledge transfer for SAP ECC, BW, SCM security environment.

Performed trouble shooting on R/3 security problems by using system traces.

Working in collaboration with application managers to clean up the security Roles to eliminate segregation of duties conflicts

Environment: ECC 6.0, 4.7 Enterprise Edition enabled 3- System Landscape, Oracle 9.2.0.6.0, HP-UX, Linux, and Windows NT/2000

Tools: VIRSA

Education

Jawaharlal Nehru Technological University

Bachelor's of Technology in Computer Science 3.5 GPA



Contact this candidate