Security Sap
Resume:
Asif Haque
SAP Security Consultant
act5tz@r.postjobfree.com
PROFESSIONAL SUMMARY:
Six years SAP Security experience in SAP R/3 (ECC 7.40, 6.0, 5.0), SAP HANA, CRM and SRM. Exceptional technical proficiency and astute application of Sarbanes-Oxley. Project management skills combined with demonstrated abilities to develop and implement technical solutions to meet critical business needs. Experience in complete SAP ECC full life cycle implementation covering many different modules. Expertise with maintenance/creation of roles (PFCG) and user administration (SU01). Established best practices for maintaining Authorization Object. Outstanding leadership and interpersonal skills resulting in productive working relationships among business users. Effective communicator with an ability to translate technical terms into business terms, making it easy to understand. Vast amount of experience in checking Segregation of Duties (SOD) in GRC 5.3 and GRC 10.1. Knowledge of access control with GRC tool. Developed preventative controls to ensure the appropriate level of protection and adherence to goals of the overall SAP security strategy. Used Security principle that least privilege access is given to users to perform the task required. Collaborated with other team members and business representatives to ensure that security settings meet the requirements of the business and align with the defined controls and standards. Diligent and adaptable to various working environment. Excellent problem solving skills, team player with good communication skills.
SKILLS:
ERP: SAP R/3(ECC 7.4, 6.0, ECC5.0/4.7E/4.6C)
Security Tools: GRC (EAM, ARA, ARM, BRM)
CUA - Central User Administration
SAP HANA
PROFESSIONAL EXPERIENCE:
Carlisle Interconnect Technologies, Saint Augustine, FL Oct 2015 – Currrent
SAP Security Administrator
Worked on Profile Generator (PFCG) in creating different types of roles such as composite, derive and single roles.
Performed Unit testing on new created role and existing modified roles.
Used Central User Administration (CUA) for distribution and management of users.
Interacted with business users to determine the requirement needed to perform the task.
Collaborated with team managers to find an appropriate role profile for users without causing SOD conflicts.
Performed user and role simulation in GRC for SOD and mitigated risks through Access Risk Analysis (ARA)
Checked SODs on user level as well as role level using RAR (Risk Analysis and Remediation) in GRC.
Troubleshoot authorization failure using SU53 screenshot and designating a suitable role and making role change.
Worked broadly in SUIM t-code to identify where the roles/users with the searched authorization object exist.
Proactively worked with the users using trace (ST01) to find the failed authorization.
Use transaction SE16 or SE16N to view tables.
Created transport request and release transport using PFCG and SE09. Also worked with Basis team to move the changes throughout the landscape.
Created User Groups in t-code SUGR for easy organization and administration of user grouping.
Supported and handled security development and users in all functional modules of SAP such as SD, MM, FICO
Actively involved in assisting Internal Audit team with reports and SAP User License audit. Identified gaps in Security and worked with auditors to maintain the audit checks.
Maintain transaction and authorization data in roles
Worked with process owners to ensure SOX documentation is updated (as needed) and reports are submitted timely.
Regularly worked with Process Owner, Control Owner, Auditors and Management to fulfill audit requests;
Identify business, control and audit risks. Execute and report on annual/quarterly SOX testing;
Managed production support for more than 1500 users that included role enhancement and user assignments.
Locked/unlocked and maintained large number of users using t-code SU10. Continuously improved security configuration to reflect best practices and to prepare for system audits.
Involved in all aspects of SAP security from setting up naming conventions for roles, profiles, test ids, custom objects and user groups for various different functional teams.
Responsible for the review of role redesign, implementation strategy of ECC 6.0 roles and authorizations based on business direction.
Generated authorization profiles, assign roles and profiles to Users
Worked closely with the technical leads to create and maintain security roles, discuss status reports, policies related to the SAP ECC system, project timeliness and deliverables.
Used Panaya to analyze issues before upgrade to minimize the risks associated with system changes.
Kellogg’s, Oak Brook, IL Aug 2013 – Feb 2015
SAP Security Administrator
Worked on Profile Generator (PFCG) in creating different types of roles such as composite, derive and single roles.
Performed Unit testing on new created role and existing modified roles.
Interacted with business users to determine the requirement needed to perform the task.
Collaborated with team managers to find an appropriate role profile for users without causing SOD conflicts.
Troubleshoot authorization failure using SU53 screenshot and designating a suitable role.
Worked broadly in SUIM t-code to identify where the roles/users with the searched authorization object exist.
Proactively worked with the users using trace (ST01) to find the failed authorization.
Identified gaps in Security and worked with auditors to maintain the audit checks.
Identified process and control improvements, Security improvements for ECC 6.0, CRM, and SRM system.
Created User Groups in t-code SUGR for easy organization and administration of user grouping.
Supported users for the security issues in all functional modules.
Created and maintained developer profiles for ABAP, Security and Basis teams.
Worked in portal environment and maintain Security within.
Other functions included resetting passwords, and locking/unlocking user ids.
Worked on setting up SAP Users (SU01) and Roles (PFCG).
Locked/unlocked and maintained large number of users using t-code SU10. Used LSMW transaction and administered large amount of users.
Continuously improved security configuration to reflect best practices and to prepare for system audits.
Involved in all aspects of SAP security from setting up naming conventions for roles, profiles, test ids, custom objects and user groups for various different functional teams.
Built and maintain roles on all existing systems.
Worked closely with the technical leads to create and maintain security roles, discuss status reports, policies related to the SAP R/3 system, project timeliness and deliverables.
Handled Security development for all modules of SAP such as SD, MM, and etc.
Created transport request and release transport. Also worked with Basis team to move the changes throughout the landscape.
Continuously ensured that Security authorization objects are fully maintained through SU24.
Created and modified Single Roles, Composite Roles and Derived Roles.
User master maintenance including creating users, deleting users, and copying/renaming users.
Documented the changes performed on roles, user access, profile maintenance, and security procedures.
Transported the generated roles and profiles using SAP transport management system.
Created custom authorization objects to meet business requirement around security restrictions.
Communicated effectively to explain the role owner and process owner of the changes needed in a role.
Devon Energy, Oklahoma City, OK June 2011 – July 2013
SAP Security Analyst
Involved in maintaining user access of roles for different geographic location by providing access and restricting Org-Levels.
Created users and roles in the system as per the requirement based on SOX standard on day to day basis.
Used Central User Administration (CUA) for distribution and management of users.
Made changes to single/master roles and generated profiles of those roles.
Supported SAP implementation from security side providing access to users, resolved SAP access issues and determined the required access using trace.
Worked directly with users, functional analysts, and developers to identify security requirements and translate requirements into Security Designs.
Created users, roles and assigned required privileges for the database access.
Used Profile Generator for creating and modifying roles like composite, derived and global roles.
Checked SODs on user level as well as role level using RAR (Risk Analysis and Remediation) in GRC.
Mitigated users using SPM (Super Privilege Management) system in GRC and maintained Controllers and Owners.
Implementation of Emergency user concept with GRC Firefighter tool and Business Firefighter ids for example closing a financial pay period.
Created users, preserve user master record and established security policies and procedures.
Analyzed root cause of security failures to resolve help desk tickets; support unit and integration testing of roles/profiles, assist business with remediation of segregation of duties conflicts.
Worked on many different tables to ensure and analyze the required information is obtained.
Performing SAP R/3 Security activities related to SU53 based authorization issues or system trace using ST01.
Developed and streamlining R/3 Security Roles.
Provided SAP Security recommendations for sensitive t-codes and how to ensure users are not assigned sensitive t-codes.
Owens-Illinois, Perrysburg, Ohio Feb 2010 – June 2011
SAP Security Analyst
Assisted in planning overall security approach for project scope.
Worked with functional teams to define security requirements.
Handled Security development for all modules of SAP such as SD, MM, and etc.
Created and generated profile, authorization objects, object classes, and assigned to user master record.
Effectively analyzed trace files and tracked missing authorizations for user access problems and maintained missing authorizations.
Extensively used Profile Generator to create and modify roles and profiles for various modules.
Transport and mass transports of role profiles throughout the R/3 system.
Extensively worked with authorization objects, fields and profiles.
User maintenance - creation, deletion, lock, unlock, and password management.
Lock/unlock mass users for System refresh activities.
Documented procedures on SharePoint site for all SAP tasks, processes and controls.
Performed troubleshooting on R/3 security problems for project team and end users.
Used many different transactions (SU10, SU53, SU24, SUIM, SE93 etc.) and administered large amount of users.
Maintained huge number of users based in different locations, communicating with users, and troubleshooting their problems instantly with proper approvals
EDUCATION:
Bachelors of Architecture – Auburn University
Contact this candidate