Senior SAP Security
Resume:
ARCHANA KRISHNAMURTHY
*************.*******@*****.*** PH: 862-***-****
CERTIFIED SAP SECURITY/GRC 10 CONSULTANT
SUMMARY OF QUALIFICATIONS
Seven plus years of experience as SAP security and GRC Consultant.
SAP Certified Application Associate- SAP Business Objects Access Control 10.0
SAP Netweaver Certified Associate-SAP Security (2004)
Solid Expertise in SAP solution manager, Portal Security, BW/BI Security, BOBJ security, PI security ECC/R/3 Security, SRM and CRM Security, Solution Manager. Track record of improving productivity through efficient LSMW and ECATT Scripts.
Implementation, Configuration and administration of GRC- RAR, CUP and SPM.
Expertise in creation and maintenance of analysis authorization in BI.
Expertise in handling tcode SU25 through various upgrade projects.
Experience in BOBJ Security and exposure to HANA Security.
Involved in Five full lifecycle implementations from business blueprint to Project Go-Live.
Handled Offshore-Onsite models and adhered to the SLA requirements of the client.
Involved in both internal/external audit and implementation of audit findings for all SAP and GRC instances and environments.
Experience in maintaining and track the project plan from resources, functional and technical requirements to the Go-live needs and details of the project.
Proficient in Change Management applications like Remedy, Service Now, SMART and Footprints for solving help desk tickets in both production and non-production systems.
Thoroughly experienced in all phases of a project lifecycle beginning with the business blueprint all the way until production support.
Strong leadership qualities and ability to work independently. Great team player. Adept and experienced in problem solving and providing solutions.
PROFESSIONAL EXPERIENCE
Cognizant Technology Solutions Dec‘11 till March ‘15
Project Name: Hubbell User Access Review
Project Description: Client is reviewing the current roles assigned to the users and making changes to the users and roles to resolve the conflicts.
Project Role: SAP Security Lead
Project Responsibilities:
Analysis of the current role structure and assignment of roles to the users.
Analysis of the relevant and non-relevant tcodes assigned to the current roles.
Expertise in providing recommendations to the client in resolving the conflicts as per the user access history.
Provided hyper care post implementation support for all SAP ECC 6.0 rollouts.
Created SAP service IDs, System and communication IDs and OSS logon IDs.
Creation of new derived roles as per the decision made by the domain and business team.
Worked with Security weaver to make sure that the new roles does not create any new conflicts.
Experience in providing user access report and simulation of new roles from the security weaver.
Expertise in performing risk analysis for all production instances.
Created and applied new mitigating controls for critical and high risks.
Performed Quarterly and annual SOX/Risk audits with the risk and role owners.
Creation of new Firefighter ids, owner and controllers.
Project Name: Atlas and Domestic Transition and Support
Project Description: Transition of support and project from Infosys and HP for all the SAP landscape – ECC, BW, BOBJ, R/3, GRC5.3 and PI. Production and 24/7 support of all SAP instances. Internal and external audit review and documentation.
About Client: The Clorox Company is an American manufacturer of various food, chemical and consumer products based in Oakland, California, which is best known for its namesake bleach product, Clorox.
Project Role: SAP Security and GRC Lead
Project Responsibilities:
Responsible for the security knowledge acquisition and transition from previous vendors.
Production and Non-Production support for all SAP environments and instances via Service now and SMART.
Adhere to the change management process of the client and follow all process and procedures of the client.
Performed the duties of the transport co-ordinator.
Monitor and work on Service now tickets for both production and non-production of more than 40 instances.
Involved in audit report review for internal and external review.
Implementation of audit findings for all SAP instances.
Involved in both internal and external audit for BW, R/3, ECC systems.
Performed SOD risk analysis and applied mitigation of controls for all production instances.
Weekly SOX report via RAR and CUP for all production systems.
Assignment of Firefighter id and monitor of Firefighter id and their tasks.
Management of both offshore and onsite for security and GRC tasks.
Making sure that tickets and change request have been updated and resolved on time without SLA breach.
Creation and maintenance of Analysis Authorization and roles in BI7.0.
Creation and Assignment of PD and Structural authorizations in HR.
Addition of missing roles and tcodes in GRC.
Recommendation of new mitigating controls for risks along with the business and risk owners.
Project Name: COMET
Project Description: Client has started the first implementation of SAP for the modules- ECC - FI, PTP, OTC, MDM, CRM, PI. Cognizant is responsible for the build of new roles in QA and Production for all the modules.
About Client: Sears Holding Corporation is a leading American multinational company headquartered in Hoffman Estates, Illinois. The company was founded in 2005 by the merger of Sears and Kmart.
Project Role: SAP Security Lead
Project Responsibilities:
Responsible for getting the business and functional requirement from the client for ECC, CRM, Web Channel- WCEM Roles..
Build of new roles for QA and Production in modules of ECC-OTC, FTM, and PTP.
Build of new roles for CRM and Web Channel- WCEM.
Build of new roles and groups for PI and entire security strategy for PI.
Unit and Security Testing of the security roles in all modules- ECC, CRM and PI.
Creation of Test IDs for Security and functional testing in QA.
Creation of Security Strategy and Role-Transaction code Matrix for the client for all the modules.
Documented the security strategy and technical requirements for all the modules.
Provided 24/7 production support after go-live.
Project Name: Polaris
Project Description: Client had engaged Cognizant for implementing SAP Security
About Client: 3M- Leading mining and manufacturing company headquartered in Maplewood, Minnesota with annual revenues of more than $30 Billion in sales from more than 55,000 products.
Project Role: Core Team Member for SAP Security
Project Responsibilities:
Involved in the full life cycle implementation of various modules of SAP- ECC6.0, SRM, SCM, BI, BOBJ and CRM-RDS.
Involved in requirements gathering from various business and process teams.
Worked as a single point of contact for SRM, ECC-Order to Cash and CRM-Rapid Development Solutions.
Creation of single and derived roles for SRM and CRM from Standard SAP Delivered Roles and changing them according to the client requirements.
Maintenance of SU24 authorization objects for sap standard and custom transaction codes.
Transport of roles from Development to QA to UAT to Production via Control Panel-GRC.
Troubleshooting of role and user access issues via Remedy Ticketing System.
Assisted Client in the interview process for new security team members.
Creation of Test user ids and management of transport systems via CPGRC tool.
Creation of Firefighter ids in GRC 10.0 for the UAT and Cutover in Production system.
Analyzing SOD issues and applying mitigating controls in GRC 10.0
Expertise in troubleshooting user issues via ST01 and SU53.
Xenosoft Technologies Inc. June ’10 – Dec ‘11
Client: Wolters kluwer, Chicago, Illinois
Project Role: SAP Security Lead
Project Responsibilities:
Responsible for the Role Re-design and support for the ECC6.0 and BI Security.
Extensive experience in SAP Security Administration & Authorization including Activity Groups, Profile Generator (PFCG) and Central User Administration.
Creation of Analysis Authorizations using Sales_org and Company_code.
Creation of single and derived roles as per the requirements from the business and functional team.
Some of the medium to high risks were either recommended to work with mitigation or go with firefighter ID to respective Business Areas.
Maintainence of Authorization objects using SU24 for both standard and custom transaction codes.
Client: Kraton Polymers, Houston, Texas
Project Role: Senior SAP Security consultant
Project Responsibilities:
Responsible for the Role Administration and support for the ECC6.0 and BI Security.
Creation of new derived roles for all areas FI, MM, Logistics, Third party users, CFR’s globally.
Implementated the new role structure globally according to the regions and company codes.
Performed Unit and UAT Testing for all the roles in ECC and BI security
Interacted with Global Managers and End users in the development and testing of the roles.
Creation of new BI Analysis Authorization for each of the end use and region in the company.
Created new BI roles for Sales Rep, Sales Managers and Analysts.
Troubleshooting user issues and reporting authorization issues via footprints.
User Administration using SU01 in both production and non-production environments.
Documentation the policies and procedures for internal audits and Sox Compliance.
Performing Risk Analysis using RAR and Mitigation of Risks by development of effective controls and procedures.
Upload and download of Rules and mitigating controls from GRC Production to QA system.
Development of new Mitigating Controls for FI, Security for SOX compliance.
Implementation of PFCG_TIME_DEPENDENCY to update the roles and profiles in all the systems.
Upgrade of ECC6.0 Enhancement Pack 3 to Enhancement Pack 4N using SU25.
Experience in Business Objects user administration and maintainence of users using Active Directory.
Usage of PANAYA tool to administer and upload the testing results for the upgrade.
Worked with Internal and External auditors for SOX audit.
Worked extensively with Solution Manager for managing User access across all modules.
Experience in working with Single Sign-On for many production and non-production SAP Systems.
Netmatrix Solutions Inc. May ’08 – Jan ‘09
Client: Celanese International, Dallas, Texas
Project Role: Senior SAP Security Consultant
Project Responsibilities:
Proposed and implemented effective controls spanning all areas of Finance for SOX Compliance.
Responsible for the Logistics Roles and support of the R/3 system 4.6C, BW systems.
Interfaced with the external auditor and handled all audit issues.
Improved productivity through development of ECATT and LSMW scripts for repetetive Security tasks.
Alleviated audit concerns such as sensitive transaction access control by configuring alert monitor in Compliance Calibrator.
Worked on analyzing the SOD Matrix in order to accommodate all the custom transactions and also making sure it is updated with all the required authorizations
Prepared Test Plans and Test Scripts for testing the new roles and transactions.
Worked on Profile Generator to create new roles and modify existing ones in order to reduce the existing the SOD conflicts
Involved with the Security Controls and SOX activities for the company and analyzing the existing roles and implemented changes in order to restrict the sensitive transactions.
Implemented many process improvements in the Security Procedures which helped streamline the user provisioning process and gave a quick turn-around time for the end users
Protiviti Inc. April ’07- April ‘08
Client: Rohm & Haas, Philadelphia, PA
Project Role: Senior SAP Security Consultant
Project Responsibilities:
Accountable for audit and SOX compliance issues.
Worked with Mercury Quality center to create test scripts and store the testing results for the client.
Designed, Implemented and Supported security strategy for ECC6.0 and BI systems.
Creation of new roles in ECC6.0 and BI systems.
Unit and User Acceptance testing for the new roles in ECC6.0 and BI.
Provided 24/7 Go-Live support globally.
Created and maintained ECATT scripts.
Led knowledge transfer sessions and trained the production support team.
Material Software Solutions Inc. May ’05 – March ‘07
Client: VWR International, West Chester, PA
Project Role: SAP Security and GRC Consultant
Project Responsibilities:
Accountable for security of complex project on ECC5.0 and BI.
Designed and developed SAP technical roles; analyzed financial business processes, ensured compliance from SOX perspective.
Extrapolated SOD type controls and critical access as part of GRC 5.x implementation. Customized the rule set in GRC for SOD analysis.
Designed Security Strategy and Implemented Portal Security which is extensively involved in resolving security issues raised in HP Quality Center.
Designed and Documented Security administration policies and procedure
Client: Vistakon Pharmaceuticals, Jacksonville, FL
Project Role: SAP Security and GRC Consultant
Project Responsibilities:
Interfaced with the auditor and supported all audit activities, established SAP security policies and procedures, advised clients in industry best practices in areas of audit, SOX compliance, SOD remediation and mitigation for SAP FI/CO implementation.
Reviewed and analyzed the deficiencies in the existing security processes and recommended process improvements.
Implemented security in SRM/EBP, BI and R/3 systems
Mitigated the SOD issues using Compliance Calibrator and worked with the SOX committee in order to ensure clean roles.
Designed and implemented the required Security for several projects and worked on analyzing the conflicts of transaction codes and suggested mitigation controls for the same.
Performed analysis of SU53 as well as setting up and analyzing user traces to troubleshoot user access problems.
Worked with functional consultants in understanding the problem and suggesting suitable solutions.
Created CATT scripts for changes in Role groups and User Administration activities.
Applied Program and Table level Security for custom Transaction codes.
Created Single roles, Composite roles and Derived roles by using Profile Generator PFCG for all the Modules
Extensively worked on Authorization Objects, Authorization Fields, Authorization Values. Also worked on the analysis of User Access, Missing Authorization, Trace Files, System Logs, Audit Logs, Update Errors, User Locks, Transaction Locks, User Activity and research of possible tampering of data
Worked on streamlining the security process and came up with many process improvements techniques for the same.
Performed security audits and worked with both external and internal auditors
Client: Avaya Communications, Basking Ridge, NJ
Project Role: SAP Security Consultant
Project Responsibilities:
Experience in building derived and composite roles for R/3 3.1h and 4.6c systems.
Ensured SOX compliance, utilized VIRSA/GRC’s compliance calibrator, performed simulation of risks before modification. Enabled regulated super user access control, utilized trace results to identify expected authorization values; incorporated them into security roles after upgrade.
Work with profile generator (PFCG) in creating roles, profiles, composite roles, derived roles, and global roles by analyzing the business requirements and development of roles.
Analyzed all business roles and mapped them to transaction code according to business processes
Working with VIRSA for SOD & security changes based on SOX violations at Tcode level & Object level.
Analyzing the Roles created using Authorization objects and inserting the missing authorizations manually.
User Administration responsibilities included: Created authorization profiles, Activity Groups and Users. Defined Job profiles for various Functional Areas, Created Authorizations and Profiles based on the Job Profiles, Created and Maintained User Master records, Utilization of SU53, System traces and Debug utilities to Optimize authorization, checks Customized User Logon Controls.
EDUCATION AND TRAINING
MASTER OF SCIENCE IN ELECTRICAL ENGINEERING
FAIRLEIGH DICKINSON UNIVERSITY Teaneck, NJ
BACHELOR OF ENGINEERING IN ELECTRONICS & COMMUNICATION ENGINEERING
madras university Chennai, India
CERTIFICATION
SAP Netweaver-SAP Security (2004)- C_TADMSEC_04
SAP Business Objects Access Control 10.0- C_GRCAC_10
TRAINING
ADM940 Authorization Concept AS ABAP
ADM950 Secure SAP System Management
ADM960 Security in SAP System Environment
HR940 Authorizations in SAP HR
GRC300 SAP GRC Access Control - Risk Analysis and Remediation
GRC300 SAP Business Objects Access control 10.0
Reference: Available on Request
Contact this candidate