SHYAM BHUSHAN UPADHYAY
E- Mail: *****.*****@*****.*** Mobile: +1-732-***-****
Sr. SAP Security/ GRC Consultant & SAP Auditor
OVERVIEW
Shyam Upadhyay is an SAP Security/GRC Consultant & Senior SAP Auditor with 7 years of experience in SAP Security/GRC implementation, SAP IT audit, support and upgrade projects for diversified clients in Life Science, Manufacturing and Oil & Gas. SAP expertise includes extensive knowledge of solution architecture, design, build and application support for small to very large scale Security and GRC implementations/upgrades for clients in India, US and Philippines. It also includes extensive knowledge of SAP User administration and SAP Security role design for different modules in R/3, BI and PI systems, SAP GRC implementation, SAP IT audit, upgrade and support, SAP User administration for ABAP and JAVA, and SAP GRC Access Control with SOX compliance standards. Experience includes role restructuring, user administration for ABAP and JAVA systems, GRC system configuration, technical development, testing, user training, documentation, post go-live support and Periodic Activities.
EXPERIENCE SUMMARY
Worked as SAP Security, GRC & Basis Consultant/Project Lead/Solution Architect at multiple client locations in India and abroad.
Worked as Senior SAP internal IT Auditor and conducted External Audit with PWC.
SAP experience includes level 3 support and troubleshooting as Security, GRC and Basis Consultant with Audit
Experienced in working on Implementation, Go-Live, Post Go-Live, Production Support, Security Re-design, and segregation of duties (SOD) remediation projects
Proficiency in SAP includes User ID Management, Authorization Management, SOX Compliance Activities, Project Support and Periodic Activities
Handled SAP security implementations (SAP R3, BI, APO, Portal) in one of the biggest SAP global implementations for 10+ companies with 20000 users
Completed SAP Security assessment for role redesign and set up the SAP Security controls and process
Collaborated extensively with SOX, Internal Audit, and External Audit teams for SAP systems compliance activities
Handled security for various modules: FI, CO, MM, SD, WM, LE, PM, PP, HR / HCM, ESS, MSS, BI / BW, BOBJ, BPC, APO / SCM, SEM / BPS, CRM, SRM, EBP, Travel Management (TV), Succession Planning, Performance Management, XI / PI, Enterprise Portal (EP), Solution Manager, and Vistex
Experience in CUA administration
Change management which involves design, configuration and Transport of Roles across the systems
SAP GRC 5.3 support for UAR & SOD review process
Proficiency in SAP GRC Access Control configuration and SOX compliance support
SOD Rule set design in GRC system, GRC (Compliance Calibrator / Risk Analysis and Remediation / Access Risk Analysis, Fire Fighter / Superuser Privilege Management / Emergency Access Management, Access Enforcer / Compliant users Provisioning / Access Request Management), and Fpast tools
Designed Password self-service through GRC
Implementation of critical t-code usage monitoring system
Competency in various areas like SAP Background job Management, SAP Database administration, Performance monitoring, Operating system monitoring, System Copy and Maintenance, Transport and Refresh Activities, SAP security compliance and preparation for security Audits.
Worked on System Monitoring, Jobs Monitoring, CHARMS etc.
Worked on various Operating Systems like Windows 2003 Server, Windows 2008 Server and Linux
User maintenance utilizing LDAP/Active Directory and single sign-on (SSO) for SAP GUI
Sound knowledge and experience of ITIL framework including RCAs, Risk Management, Incident Management, Problem Management, Change Management, Configuration Management, Capacity Management, etc.
Excellent communication, problem-solving and analytical skills
Extensive experience with resolving ticket issues and troubleshooting security authorization problems while adhering to Service Level Agreements (SLA)
Experienced in adhering to the Change Management Processes for transporting roles, tables, security objects, GRC configuration, and maintaining the change documents
TECHNICAL SKILLS
SAP Products: SAP NW 700, SAP ECC 6.0, R3, HR, BI, APO, MII, Netweaver, Portal, MDM, PI, GRC Access Controls 5.3, Central User Administration (CUA)
Non SAP Products: Sound knowledge of JD Edwards security, VBA scripting
Additional Tools: BMC Remedy 7.6, Iris, SAP GUI, MS Access Database, Active Directory/LDAP Microsoft Package, Salesforce, HPQC, My SQL, MDM Console, SAP Service Marketplace
Operating System: HP Unix, Linux, Windows
EMPLOYMENT RECITAL
Project 1
Project Name: H.D Smith - Security & GRC implementation
Team Size: 4
Start Date: July 2015
End Date: Till Date
Description
The scope of this project includes implementation of new SAP Security roles for Finance, Vistex, SD, LE and MM modules in ECC 6.0, BI and PI systems.
This project also includes configuration and support of the GRC 10.0 system. GRC features to be implemented include user/role creation through GRC, UAR and SOD review process setup, critical t-code usage monitoring, template-based request form, firefighter process setup, etc.
Role & Contribution
Creation and Maintenance of Roles, Profiles and User groups
User ID management
Authorization group maintenance for tables and Programs
Maintenance of Authorization checks on Transaction code
Maintenance of Authorization checks on Authorization objects
Troubleshooting Security issues
Hands on Trace
Hands on Transport of Security changes
Creation of transport request and importing them in Quality and production.
Assigning firefighter Id to users.
Implement Password Self Service (PSS)
CUA Implementation
Discussing with the SMEs of different modules to set up/ modify security role matrix
Maintenance of SAP User Master along with Role Matrix
Configuration of all components of GRC 10.0 system.
Troubleshooting Security issues.
Running Risk Analysis on the GRC Access Control tool
Removal/ Mitigation of SOD violations
Creating GRC access request for assigning additional access and Firefighter access.
Maintenance of workflow for access requests, Firefighter log review.
Modifying GRC Rule set.
Technologies
GRC 10.0, ECC6.0, BI 7.0, PI, Salesforce, HPQC
Project 2
Project Name: Chevron SAP System Integrity security
Team Size: 19
Start Date: August 2011
End Date: March 2014
Description
The System Integrity team comprises SAP Security resources. It deals with creation & modification of users’ access to various SAP Systems. The team works on creation of new Roles & modification of existing Roles. The team also provides support for SOX Compliance & Projects.
Role & Contribution
Proficiency in SAP includes User ID Management, Authorization Management, SOX Compliance Activities, Project Support and Periodic Activities.
Managing a team and ensuring all deliverables are on time.
Basis Consulting involved L3 support on SAP Security issues
Handle Security Related Incidents for various SAP systems, R/3, APO, XI, HR, BI, XMII, etc. We deal with creation & modification of users’ access to various SAP Systems
Handle CRQ (Change Request), which involves design, configuration and Transport of Roles across the systems.
Basis Consulting on GRC, which includes SOD and UAR Rounds for HR, CCL, PI & Portal systems
Mitigation Control
Deployment of roles in production
System Upgrade.
Registering S-User IDs in SAP Service Marketplace.
Configuration of Background Roles.
Creating Background / Interface / RFC IDs and scheduling in Background.
BI Security and Analysis Authorization.
HR Security and Position based security.
Worked on MDM Console.
ADM 14 Monitoring.
Active Directory/ LDAP
Generating Developer Key and Access Key
Provide support for SOX Compliance & Projects, and currently working on some project and process improvements along with daily production support.
Internal Quality Lead for Chevron SAP Security Team, performing all necessary activities required.
Mentor for new members in the team and prepare Certification questions for them. Help new members in analyzing and resolving incidents. KCD update from time to time.
Implemented User Exit feature in Chevron Landscape, which helped Chevron to meet its SOX Standards
Provide SAP Security support on allocated projects
Perform Periodic Activities & SOX Compliance Activities
Technologies
R3, HR, BI, APO, MII, Netweaver, Portal, MDM, PI, SAP NW 700, SAP GRC Access Control 5.3
Tools
Remedy 7.6, Iris, SAP GUI, MS OFFICE, MS Access Database, Active Directory/LDAP, SAP Security Tools, SAP ABAP and Java stack, SAP NetWeaver, MDM Console, SAP Service Marketplace, GRC 5.3, DOEA, Whitepages, Microsoft outlook
Key Achievements
External ITIL V3 Foundation Certification
Internal SAP Audit Lead for Chevron
Conducted External Audit with PWC
Provide SAP Security support on allocated projects and received Client Appreciations for the quality of service delivery
Prepared Knowledge Capture Documents and suggested Process improvements
Mentoring new members of our team
Implementation of User Exit Feature in Chevron Landscape
Spot Award for HR-BI Sync Program
Star Award from 1Step Mahape
Best Team Award of year 2014
Project 3
Project Name: Chevron GRC AC Managed Services
Team Size: 5
Start Date: April 2013
End Date: March 2014
Description
Chevron needs to perform the User Access Review and Segregation of Duty (SOD) review to comply with SOX 404 for SAP and non-SAP (JDE) systems. This is conducted through the SAP GRC Access Control 5.3 module. All these are facilitated by integrating/configuring different components of GRC Access Control: RAR, CUP and ERM.
Role & Contribution
Offshore Coordinator for the project
Managing a team and ensuring all deliverables are on time.
Basis Consulting involved L2 and L3 support on GRC issues
Involved in planning and execution of SAP GRC Audit rounds.
Hands on and day-to-day experience in GRC modules.
Working in Chevron's strong support model to support the user access review and SOD review to comply with SOX.
Fetching the authorization data and role usage data from the backend system to the GRC Access Control to create the SOD and UAR requests, which are distributed among Supervisors.
Analysis of the SOD approvals and removals.
Generating the Risk Analysis reports for the management.
SOD logic update.
New Z t-codes and authorization objects updates as in SU24
Testing GRC functionality during SP upgrades with respect to SOD and UAR
Implemented and configured Risk Terminator.
JAVA User Assignment, Role Modification and Creation
Process Improvement and Enhancement
Preparation of Knowledge Capture Documents for new Process improvements
Technologies
SAP NW 700, SAP GRC Access Control 5.3, Oracle 11, JD Edwards Security
Tools
Remedy 7.6, MS Access Database, Active Directory/LDAP
Key Achievements
Risk Terminator Implementation
Monitoring mechanism for Critical t-code Usage in the system
Excluded false positive role removals from the process
Offline SOD Risk Analysis for JDE systems using VBA scripting
Project 4
Project Name: Larsen & Toubro EBG (Support)
Team Size: 3
Start Date: April 2014
End Date: Nov 2014
Description
L&T Electrical & Automation (E&A) Business is one of the core businesses of Larsen & Toubro Limited (L&T) - India's largest engineering and construction conglomerate.
L&T E&A has implemented Enterprise Resource Planning (ERP) solution of SAP AG, Germany and it went live at 35 locations across the country simultaneously in the 'Big Bang' mode in 1999.
L&T E&A has around 4000 end users and a team of around 70 technical and functional consultants with 3 basis consultants.
Role & Contribution
Creation and Maintenance of Roles, Profiles and User groups
User ID management and Troubleshooting Security issues
Authorization group maintenance for tables and Programs
Maintenance of Authorization checks on Transaction code
Maintenance of Authorization checks on Authorization objects
Hands on Trace & Transport of Security changes
Creation of transport request and importing them in Quality and production.
Preparation of Knowledge Capture Documents for new Process improvements
Day-to-day SAP Basis Support for all SAP Servers.
Implementing Authorization matrix – Created Roles and profiles based on job-profile and assigning them to users and User Maintenance.
Maintenance of Firefighter IDs, Ids with critical authorization & their control.
Preparation for Internal as well as external Security audit and actions on the audit findings
Active participation in security value add “80 point checklist” for L&T in the field of SAP Authorizations. This checklist ensures 100% compliance during SAP audits.
Maintained organization level authorizations for users.
Implementation of parent/child roles in L&T E&A Unit.
Extended support during late hours to business during each month end.
Daily Monitoring of all the Production Environments.
Troubleshooting and problem solving for daily production support activities.
Maintaining and creating different clients specifically designed for Development, Quality and Production environments.
Schedule Standard background Jobs for landscapes.
Transport changes into entire landscapes using STMS.
Applying Support Pack Stack, Support Packages, SPAM, Kernel Upgrade and Notes as per client requirement.
To provide solutions for existing process improvements.
To Support Basis processes in active business hours and Basis support for critical business process in non-active business hours.
Remote and Local Client copy from Production Client to Quality Client.
Mentoring new members of our team
Technologies
SAP NW 700, SAP R/3, Oracle, Windows, UNIX /Linux
Project 5
Project Name: Johnson & Johnson
Team Size: 12
Start Date: December 2014
End Date: June 2015
Description
Johnson & Johnson is an American multinational medical device, pharmaceutical and consumer packaged goods manufacturer founded in 1886. Its common stock is a component of the Dow Jones Industrial Average and the company is listed among the Fortune
Role & Contribution
Day-to-day SAP Basis Support for all SAP Servers.
Daily Monitoring of all the Production Environments.
Troubleshooting and problem solving for daily production support activities.
Maintaining and creating different clients specifically designed for Development, Quality and Production environments.
Schedule Standard background Jobs for landscapes.
Transport changes into entire landscapes using STMS and ChaRM.
SAP Start & Stop Activities, Applying Support Pack Stack, Support Packages, SPAM, Kernel Upgrade and Notes as per client requirement.
To provide solutions for existing process improvements.
HANA Monitoring, start & stop, Operations etc.
To Support Basis processes in active business hours and Basis support for critical business process in non-active business hours.
Remote and Local Client copy from Production Client to Quality Client
Implementing Authorization matrix – Created Roles and profiles based on job-profile and assigning them to users and User Maintenance.
Preparation for Internal as well as external Security audit and actions on the audit findings
Active participation in security value add “80 point checklist” for L&T in the field of SAP Authorizations. This checklist ensures 100% compliance during SAP audits.
Maintained organization level authorizations for users.
Technologies
SAP, Oracle, HP-UNIX /Linux
Project 6
Project Name: Authorization & Server Separation of Medical Division from L&T E&A
Team Size: 08
Start Date: July 2009
End Date: July 2011
Description
L&T Electrical & Automation (E&A)’s Medical division has been sold to another company. Business has planned to separate its medical division from the rest of its companies on the basis of authorization and finally from the present IBM AIX Server to Windows servers. From L&T InfoTech, 2 SAP basis consultants are involved in planning and execution of this project.
Role & Contribution
Study the security requirement for the new division
Create the users and roles as per the matrix.
Plan and prepare the new authorization Matrix
Positive and negative security testing for the org level based authorizations.
User administration & SAP security.
Creation and maintenance of new roles.
Security audit for the newly separated System.
Regular basis administration for the newly separated unit like SAP installations, post installation, client copy, TMS configuration and transports.
System copy & backup configurations.
Oracle tuning.
Preparation of security manual with aspects covering firefighter IDs, SAP_ALL & SAP_NEW authorizations, critical authorizations etc.
Perform Periodic Activities & SOX Compliance Activities
Proficiency in SAP includes User ID Management, Authorization Management, SOX Compliance Activities, Project Support and Periodic Activities.
Basis Consulting on SAP Security issues
Handle Security Related Incidents for various SAP systems, R/3, APO, XI, HR, etc. We deal with creation & modification of users’ access to various SAP Systems
Mitigation Control
Deployment of roles in production
System Upgrade.
Registering S-User IDs in SAP Service Marketplace.
Configuration of Background Roles.
Creating Background / Interface / RFC IDs and scheduling in Background.
Technologies
R3, HR, Netweaver, Portal, MDM, SAP NW 700, SAP GRC Access Control 5.3
Tools
Remedy 7.6, SAP GUI, MS OFFICE, MS Access Database, SAP ABAP and Java stack, SAP NetWeaver, MDM Console, SAP Service Marketplace, GRC 5.3, Microsoft outlook
EDUCATION
Graduation: B-Tech (E.C.E.); University: Visvesvaraya Technological University, Belgaum, India; Year of Passing: 2011
Graduation: XII; University: C.B.S.E; Year of Passing: 2007
Graduation: X; University: C.B.S.E; Year of Passing: 2005
TRAININGS ATTENDED
SAP Basis & Security
SAP IT Audit
GRC AC 5.3
My SQL
JDE Security
DEMO/TRAINING/SEMINAR CONDUCTED
GRC AC 5.3 RAR usage to Chevron SAP Security team
SOD and UAR process flow
SAP IT Audit Checklist and entire life cycle.
SU24 sync up from backend to front end GRC system
Critical t-code usage monitoring
HR-BI Sync Up Program for Chevron HR Land
Fire Fighter component demo to Chevron
GRC AC 10 features presentation to L&T EBG
Critical t-code usage monitoring
PERSONAL INFORMATION
Name: Shyam Bhushan Upadhyay
DOB: 07/31/1989
Mobile: +1-732-***-****
E-mail: *****.*****@*****.***