SAP Security & GRC Access Control
Resume:
ABILESH THIAGARAJA
Phone: +1-734-***-****
Email: ad0mfz@r.postjobfree.com
LinkedIn profile: Abilesh T
Summary
• SAP professional with 14+ years of experience with a demonstrated history of working in the information technology and services industry
• Strong knowledge of SAP security principles, including role-based access control (RBAC), authorization objects, and user provisioning
• Requirement gathering, design document preparation for security and GRC access control
• Implementation, rollout, testing, support experience in S4 HANA, ECC (FI, MM, SD, PS, HR, DBM, WM, REFX, PP, PLM, QA, PM, CFIN), MDG, SOLMAN, BW, CRM, SRM Enterprise Portal, FIORI and GRC AC (V5.3 & V10.1, 12.0)
• Authorization matrix build, role design, creation and testing
• Ruleset preparation and assignment.
• SOD matrix preparation
• Expertise in analyzing and remediating security vulnerabilities and compliance issues within SAP systems
• Skilled in collaborating with cross-functional teams, auditing processes and conducting security assessments
• Excellent communication and problem-solving skills with a strong commitment to enhancing security and compliance
• Worked with the audit teams in cleaning up and streamlining the security roles
• Experienced in pre-sales and preparing proposals for Security and GRC AC requirements Education
Bachelor of Technology, Information and Technology May 2008 Anna University Chennai, India
Residential Status
Permanent Resident/GC
Work Experience
Manager, Deloitte, India (Dec 2021 – July 2023)
Client: V-Guard, Daimler, Mizuho Bank Ltd, Indian Bank, Ashok Leyland, CSS Corp, Ford
• RFP preparation for role remediation, redesign and GRC Access Control. Proposal review with clients
• Manual SoD review based on the ruleset. Presented analysis and suggested corrective actions. Developed a plan to remediate users
• Prepared cost sheets based on the proposed timelines and activity
• Effort analysis and estimation
• Developed hiring plan: shortlist candidates, plan interview panel, conduct technical interviews and coordinate with HR at each level of interview until the joining of the candidate
• Creation of opportunity in SFDC/ Jupiter, initiated IRMS (Integrated Risk Management System), updated FPC (First Pass Check) and DCCS (Deloitte Conflict Check System), obtained LCSP (Lead Client Service Partner) and global LCSP approval, updated ECM (Engagement Contract Management), FRL (Functional Risk Leader) approval, PMS (Price Management System), DRMS (Deloitte Risk Management System), engagement code creation, performed engagement code declaration, updated ERMS
• Conducted appraisal for direct reports
• Trained candidates for client interviews
• Forecast of billing plan and regular tracking of NSR (Net Service Revenue) generated
• Regular touch points with leadership to discuss new opportunities
• Conducted security training and submitted documents in KX (Knowledge Exchange).
• Monthly, quarterly follow-up with clients, member firms for payment based on the positive WIP generated in PAR report Team Lead, Accenture, India (Jan 2017 – Nov 2021)
Client: British Telecom, The United Kingdom (Telecommunications) (Feb 2020 – Nov 2021) Project type: Implementation
Environment: S4 HANA (CFIN, BW, MDG, BPC), SAC, FIORI, HANA DB, GRC V12.0
• Preparation of custom GRC ruleset (Basis, CFIN, MDG, BPC, BW, Solman, Cross application, HANA DB), deploy and test
• Implementation of GRC V12.0 Access Control (ARA, EAM, ARM, BRM)
• Worked with ITGC (IT General Controls) for different GRC scenarios to ensure system is ready for audit. Created master data and supported the testing to execute all the relevant scripts
• End to end support to UT, SIT, UAT teams for ARM (New/ Change access request, leavers process, movers process) and Firefighter (Superuser access)
• Preparation of GRC job list with execution evidence and creation of variants for job scheduling
• Updated GRC AC architecture document
• GRC upload of single, composite and business roles
• Performed risk analysis and coordinated with business leads for applying mitigation control
• Creation of master data - role owner, risk owner, mitigation owner, mitigation controller, mitigation control, FF ID setup, FF owner, FF controller, coordinator (UAR) and reviewer (UAR)
• User provisioning in production satellite systems and updated the business role using utility program before go-live in GRC production system
• Fiori catalog, group creation and assignment
• HANA DB user creation and access provisioning
• Worked on Charm to create CD and include transports. Moved the CD to different stages based on the testing confirmation and attached necessary evidence
• Worked on CFIN role build
• Creation of hyper care, cutover, Firefighter roles based on the requirement Client: Keppel Autobots, Singapore (Infrastructure) (Jan 2017 – Feb 2020) Project type: Implementation
Environment: S4 HANA (FI, HR, MM, PS, REFX, WM, PP, PLM, QA, PM, SD), FIORI, GRC V10.1
• Authorization matrix build and SAP security role implementation for FI, HR, MM, PI, WM, REFX, PS, SD, QM, PM, PP, PLM
• Implementation of GRC V10.1 Access Control (ARA, EAM, ARM, BRM)
• Implementation of Fiori apps for FI, MM, HR
• Prepared design document to implement SAP Security and GRC Access Control
• Involved in SoD matrix build and ruleset
• Maintained and updated MSMP global process settings, maintained paths and generated new workflow versions.
• Led a team of 6 members
• Post go-live hyper care and support
• Developed automation scripts with ABAP team to reduce manual effort Senior Software Engineer, Hexaware Technologies, India (Sept 2014 – Jan 2017) Client: IMS Health, USA (Information & Technology for Healthcare) (Sept 2014 – Jan 2017) Project type: Role out and Support
Environment: SAP ECC, SAP SRM, SAP BI, GRC 10.1 and EP.
• Developed SRM roles for requisitioner, approver and purchase order admin
• Replication process of HR master data from ECC to SRM system
• Organizational structure mapping in SRP using USERS_GEN
• Maintained attributes in SRM
• Dolphin approver access setup, Dolphin work center access setup, Dolphin display and change access provisioning
• GRC V10.1 - Firefighter ID creation, provision and log analysis
• GRC V10.1 - User Risk Analysis using user simulation functionality to prevent new SoD violations
• Created analysis authorization using RSECADMIN and trouble shooting
• Rolled out activities for new company codes
• Prepared role design matrix with composite position roles against single derived roles along with corresponding transaction codes
• Secured custom tables, transactions and ABAP with authorization groups and authorization object checks IT Analyst, TATA Consultancy Services (TCS), India (Mar 2013 – Sept 2014) Client: Ashok Leyland, India (Automotive Manufacturer) (Mar 2013 – Sept 2014) Project type: Role out and Support
Environment: SAP CRM, DBM and BI
• Roll out in CRM and DBM systems for new dealers
• Created structural authorization for new company code configuration
• Organizational level assignment respective to position
• Created BP for users
• Created/maintained Single, Composite and Business roles
• Implemented derived role setup
• Updated Veloru table in DBM system
• SU53 and trace analysis
• Created an automation report for mass user & BP creation
• BI object and role creation
Associate Consultant, HCL Technologies LTD, India (Jun 2009 – Feb 2013) Client: Lloyds Banking Group, Europe (Finance) (Sept 2012 – Feb 2013) Project type: Implementation
Environment: SAP ECC and EP
• Creation of an ECC role for end user to view pay slip and admin roles
• Creation of DPAD (Detailed Platform Application Design) Client: Wolters Kluwer Legal, Tax & Regulatory, Europe (Publishing) (Nov 2011 – Aug 2012) Project type: Level 3 support
Environment: SAP R/3, SAP CRM 4.0, SAP BW 3.10, Sap ECC 6.0, SAP XI 3.5 netweaver04, Solman and Portal
• Role comparison between systems and transport
• User maintenance and role assignment through CUA
• Moved IDOC’s when there was an ID replication issue from CUA to child system
• Ticket management through ticketing tools HPOV and Amulet
• Monthly Project Quality Auditing (PQA) which includes Work Product Audit, Data
• Validation and verification audit & configuration control audit Client: Auto Desk Inc., USA (Software Corporation) (Nov 2010 – Feb 2011) Project type: Support
Environment: R/3, BI
• User Access Provisioning in R/3, BI– create, change and delete
• Role management triggered by change requests
• Preparation of production push documents for change requests
• Handling of authorization requests for projects
• Facilitation of authorizations and system user locks during release
• Creation of reports and facilitation of SOX audits using security net weaver tool Client: Royal Mail Group, The United Kingdom (Postal Service) (Jun 2009 – Oct 2010 & Mar 2011 – Oct 2012) Project type: Implementation and support
Environments: ECC6.0, CRM 7.0, BI 7.0, PI 7.1, EP and GRC v5.3
• HR Security - position based in SAP ECC6.0
• Implementation of business roles to SAP role mapping in SAP CRM 7.0
• Single & Composite role implementation for CRM, BI, PI
• User administration, user authorization checks & system trace
• Day to day technical support and resolution of security issues like object missing and activity missing to user.
• User build, authorization testing and defect fixing during System Integration Testing (SIT), User Acceptance Testing
(UAT) and Functional Acceptance Testing (FAT)
• Worked on LSMW scripts and CATT scripts for mass security changes
• Handled multiple user requests via CUA. CUA configuration & maintenance
• Enterprise Portal based security. Creation of roles and groups. Ran scripts for mass user/role creation
• Testing & Transport of roles, profiles across systems – creation, testing migration
• Created and maintained users in LDAP and user mapping between LDAP and SAP net weaver portals
• Developed and Implemented Security Roles for BW Reporting as per design
• Worked on CUP, RAR, SUP, ERM in GRC V5.3 & IDM
Contact this candidate