Anil Kumar Jallepalli
SAP Security and GRC Consultant
Email: **************@*****.***
Mobile: +1-801-***-****
LinkedIn: https://www.linkedin.com/in/anil-jallepalli-442b00111
Professional Summary
3 years of experience in SAP Security and GRC with strong understanding of security practices.
Experienced in working for Go-live, Roll-out and Production support projects.
Extensive experience in Requirement gathering, Design, Development, and Maintenance of SAP applications security.
Worked with Finance, Procurement, Basis, Development, Configuration, Change Control, Training, and testing teams during role design and testing phases.
Experience with user access provisioning in SAP ERP systems. Experience with SAP ECC, BI, CR, SRM, NetWeaver Identity Management and enterprise portal for user provisioning and role administration.
Strong experience with Role Design and Modification as per SOX and SOD security requirements and compliance.
Worked on maintain SAP GRC CUP workflows and RAR configuration.
Worked on SU25 for system upgrade to identify changes in SAP default values in SU22 and update SU24 values as per business requirements.
Also used SU24 in Role design during upgrade and role design to identify authorization objects needed for transaction/actions.
Hands on experience with GRC Access Control GRC 5.3 and 10.1 production support activities.
Experience in SAP GRC AC 10.1 ARA, ARM and ERM production support activities.
Trained on SAP GRC AC 10.0/1 configuration and implementation.
Knowledge on BOBJ Security. User, access rights and access level administration through Central Management Console.
Creates users, user groups and assigned users to user groups and also one user group to another user group.
Experience on maintenance of access levels. Use of default access levels provided by SAP and creation and maintenance of new access levels as per business requirements.
Knowledge on SAP HANA Security.
Knowledge on SAP HANA user administration and authorization.
Familiar with SAP HANA role concepts: Catalog Roles and Repository Roles.
Hands on experience in using tools like CATT and LSMW scripts for mass changes on User or Role updates
Solid ability to work closely with clients, Audit & Controls teams to assess needs and implement solutions.
Experience with SAP Query tool (SQVI).
Completed ADM 900 and 940 training classes.
Completed GRC 300 training.
Authorization profile maintenance, user maintenance.
Excellent problem solving skills, team member with superb communication skills.
Excellent knowledge of the MS Office Suite (Word, Excel, PowerPoint, and Project)
Experience with MS Excel Lookups and Pivot Tables.
Work and support internal and external audit teams.
Professional Experience
Tata Consultancy Services (Hyderabad, India) November’13- July’14
SAP Security and GRC Consultant
Environment: SAP ECC, SRM, HR, GTS, EWM, TMS, EM, CLM, GRC 10.1 Access Control.
Worked for Ericsson client.
Part of SAP Transport Management System Phase 2 and Phase 3 implementation.
Part of upgrade project to merge EM and EWM system into SAP TMS system.
Worked on SU24, USOBT_C and USOBT_X to update SU24 values as a part of Upgrade project to merge EM and EWM system into SAP TMS system.
Part of Security Role redesign.
Used SU24 to include customized transactions and objects into the SAP systems as per requirements.
Analyze SU24 values to determine authorization objects and authorization field values during role design and maintenance.
Designed and Implemented roles as per SoD and SOX rules.
Designed and implemented SAP TMS system. Used CATT scripts for user maintenance and Role maintenance.
Worked on in Unit testing and End User Testing.
Troubleshooting authorizations issues using system trace and error screenshots.
Created and modified single roles, composite roles, derived roles for modules such as ECC, SD, MM, FI, TMS, APO, EWM, EM using profile generator.
Other support activities include user access provisioning in SAP ERP systems.
Troubleshoot existing user roles, security objects and authorizations to resolve security conflicts, supporting users, setting up new accounts, password resets, out users in appropriate groups and resolve issues in production system.
Performed trouble shooting on R/3 security problems by using system trace.
Supported system integration testing and user acceptance testing.
Part of GRC 10.1 access control support project.
Worked on GRC 10.0 Access Control’s, Emergency Access Management (EAM), and Access Request Management (ARM).
Part of GRC Super user provision Management/Firefighter maintenance team (EAM).
Monitoring SAP GRC EAM& ARM requests.
Experience in ARA Module. Maintain Mitigation controls, business process, risks and risk remediation.
Monitored Remedy tickets and HP Service Manager for any change to user access and Role maintenance.
Help Internal and external auditors to perform their activities and remove risks from user accounts and roles.
Work with auditors to clean SAP systems as per their suggestion.
WIPRO Technologies (Bangalore, India) Sep’11 to November’13
SAP Security and GRC Consultant
Environment: SAP R/3, CRM, BI, Enterprise Portal, GRC 5.3, Access Control and Enterprise portal.
Worked for Philips Electronics Ltd client.
Responsible for Security of SAP R/3 (modules SD, MM, FI, CRM and BI) for production support.
Responsible for Access provisioning in SAP ERP systems and trouble shoot issues with user access and authorizations.
Part of Role Redesigning Project.
Part of Roll-out project. Designed and developed roles for new location
Worked on SU25 for system upgrade to identify changes in SAP default values in SU22 and update SU24 values as per business requirements.
Also used SU24 in Role design during upgrade and role design to identify authorization objects needed for transaction/actions.
Worked on GRC 5.3 Access Control’s, Compliant User Provisioning, Risk Analysis, Remediation, Enterprise Role Management and Superuser Privilege Management.
Maintained/Monitored Firefighter Access Usage, Open/Close System Report, Non Personal Accounts, S_Develop, S_TABU_DIS, System Security Parameters, Interfaces, Inactive Accounts, System Default Users and Termination for SOX Audit/IT Compliance
Created and modified single roles, composite roles, and derived roles for modules such as SD, MM, CRM and BI.
Troubleshoot user access issues in BI system through RSECADMIN.
Resolve end user issues in BI system regarding access to reports.
Performed troubleshooting on R/3 Security problems by using system traces.
Performed reconciliation of user master records and roles.
Used report to obtain overview of authorizations and users in SAP system.
Assisting Internal and External Auditors in Annual Authorization Review.
Performed risk analysis with the help of GRC RAR at user/role/critical transactions level to identify SoD and SOX risks and remediate or mitigate them as per the requirements.
Part of CRM and enterprise portal user management and role maintenance.
Monitored HP Service Manager for any change to user access and Role maintenance.
Worked on user access and authorization in Vendavo systems.
Experience in Enterprise Portal administration.
Created views in SAP query tool (SQVI), with table joins to pull reports that are used regularly and for customized reports regarding SAP user access for management.
Experience in implementation and support of GRC AC 5.3 CUP, RAR and SPM modules.
Used GRC AC CUP (Compliant User Provisioning) to raise access requests for users and maintain CUP workflow and other activities like troubleshoot issues with access requests, workflows, updates agents, role import and administrate hold requests.
Use of SPM component to pull reports for FFID usage and send to Controllers to review and approve FFID usage and reasons.
Education
University of Illinois, Springfield, IL 2014-2015
Master of Science in Management Information System GPA- 3.80
Amity University, India 2007-2011
Bachelor of Science in Computer Science GPA- 3.18
Rewards:
Mountain Mover Award
oESS, Wipro
oMay 2013
Best Employee of the month
oPHILIPS
oDecember 2012
Helping Hand and Most Approachable person
oPhilips SAP Security and Authorization Lighting Team
oJuly 2013
Academic Projects:
2015 Reporting Database System: Interactive website to pull reports (SQL queries) from database with dynamic entries.
Skills required: SQL developer, web design (HTML and CSS)
2011 Mail User Agent: Mail application to combine all your mails from different email accounts under one roof.
Skills required: Java Programming (NetBeans application). SQL (Oracle).
2010 Spaceship Game: Entertainment based shooter game. Demonstrated knowledge and implementation of OOPs concept through C++ programming.
Skills required: C++ programming.
Other Skills:
Database Management Systems (MySQL, Oracle)
Project Management (MS Project)
Supply Chain Management (SAP SCM Classroom Training)
Enterprise Resource Planning (SAP ERP Classroom Training)
Operations Management