Security Information Technology
Resume:
SAP SECURITY CONSULTANT
MAHESH BABU U
Ph: +91-738*******
E-Mail: ******.**********@*****.***
PROFESSIONAL EXPERIENCE
. Having total Experience of 6 years in various fields.
. 4+ years of experience on SAP Security R/3 and GRC 5.3 with emphasis on
maintenance, troubleshooting and day-to-day support.
. Expertise in Security Administration in SAP R/3 ECC 6.0 and GRC 5.3.
. Security Administration: Maintained SAP security in terms of creating
users, creating roles, assigning roles, assigning authorization objects
to roles using profile generator.
. SAP R/3 Security for User Master Records Maintenance, maintaining
Authorizations Group/Profiles/Roles and assigning roles/profiles to
users.
SAP SECURITY SKILLS
. Having Good experience on SU01,SU10,PFCG,SUIM,TABLE SECURITY,CUA,GRC 5.3
.
. User administration involving creation/deletion/locking/modifying as per
approval.
. Role administration of Single, Derived and Composite Roles.
. Worked with AGR_1251, AGR_1252, AGR_AGRS, AGR_USERS tables.
. Executed Several RSUSR* reports to ensure that there is no security
outages.
. Experience with Internal Audit of R/3 System.
. Worked on Important authorization objects like S_DEVELOP, S_PROGRAM,
S_TABU_DIS.
. Experience on assigning missing authorizations using SU53 and ST01 as per
the user requirement.
. Monitoring the critical transaction codes and ensures that they are
assigned to the concerned users only.
. Maintained table security using authorization groups.
GRC SKILLS
. Configuration of Super user provisioning on user based firefighter Id's.
. Used VIRSA FIREFIGHTER to give emergency access to functional, technical
and audit team.
. Created FF Id's, Assigned ID's to owners and controller to FF Id's and
maintained configuration table.
. Configured RFC's and JCO RFC Connection from SPM to ECC.
. Assigned SuperUser Roles to the users for emergency access and monitored
and audited their activities.
. Define background jobs for the log reports.
. Setup Background Jobs for user/role/profile synchronization High, Medium
Alert.
. Monitor SOD Conflicts and user level and role level.
. Uploaded Rule Sets and generated Rules.
. Created Monitors, Approvers and mapped them to mitigation control.
. Daily monitoring of jobs that are necessary for the GRC application(s) to
run effectively and efficiently, for example nightly management risk
analysis reporting.
PROJECT PROFILE
Client Profile#2
Ensis Information Solutions Pvt Ltd
Duration: Dec2011-Tilldate
Ensis info is an enterprising company devoted to enabling its clients to
become increasingly more competitive, productive, and profitable through
people and technology from a pool of global talent, domain expertise,
technical bandwidth, established credibility growth in the sectors of
Information Technology, Wireless Technology, Public Sector, Travel,
Logistics, Banking & Finance, Consumer Telecom, Life Sciences & Healthcare,
Energy and Utilities.
Roles and Responsibilities:
. Technical analyst for SAP security in production & non-production
environments.
. Segregation of Duties and Audit Compliance Standards
. Critical authorization objects such as S_TABU_DIS, S_PROGRAM, and
S_DEVELOP were restricted and monitored.
. Restricted the list of illegal passwords.
. Worked with security related tables such as AGR_TCODES, AGR_USER, and
AGR_DEFINE etc.
. Experienced with implementing CUA functionality within customer
landscapes
. Day to day technical support and resolution of Security issues.
. Good experience of Autorisations and its Objects, Creation of Roles and
its Administration.
. Performed user maintenance tasks, User creation, deletion, lock down,
activation, password management tasks and ran various user administration
reports.
. Performed User comparison in PFCG
. Troubleshoot security/authorization related problems using SU53, ST01 and
SUIM
. Created Monitors, Approvers and mapped them to mitigation control
. Created FF Id 's, Assigned ID's to owners and controller to FF Id's
. Assigned Administration Role, Controller Role and Owner Role in SPM.
. Assigned SuperUser Roles to the users for emergency access and monitored
and audited their activities.
Client Profile#1
Kirby Building Systems.
Duration: Feb2010-Nov2011
Kirby Building Systems is a global leader in the design and manufacturing
of pre-engineered steel buildings and structures, offering customers a wide
range of customized, cost-effective pre-engineered steel solutions. With
manufacturing plants in Kuwait, UAE, India and Vietnam, our production
capacity exceeds 400,000 MT, allowing our state-of-the-art facilities to
produce hundreds of custom-made steel buildings every year.
Roles and Responsibilities:
. Creating SAP user accounts as per the client request.
. Creation and Maintaining Organization level (company code, controlling
area, sales group, etc).
. Extensively worked on SUIM in generating reports for and analyzing
authorization issues.
. Troubleshooting missing authorizations in SAP.
. Critical authorization objects such as S_TABU_DIS, S_PROGRAM, and
S_DEVELOP were restricted
and monitored.
. Locking/deactivating accounts as per client request.
. Restricting authorizations of fields, field values.
. Secured all sensitive tables and custom programs with authorization
groups, T-codes.
. Program level security, table level security etc.
. Managed and performed internal control audits, testing control design
and effectiveness
. Resolved Audit Issue in discussion with client personnel.
. Assessed information technology control elements to mitigate IT risks
regarding the confidentiality, integrity and availability of business
information.
. Communicated the results of audit and consulting projects via written
reports and presentations to management.
. Reviewed Internal Controls planning and execution.
EDUCATIONAL QUALIFICATION
. B.Tech (ECE) from JNTU Hyderabad-2007.
Contact this candidate