Sign in

Security Sap

San Francisco, California, United States
November 04, 2019

Contact this candidate


Sarbjit Simi Singh

SAP Security & GRC Consultant

Professional Summary

OBJECTIVE: I am a highly motivated and dedicated individual seeking a position as a SAP Security Consultant that will allow me to utilize my technical skills to better enhance the growth of the organization.

9+ Years of extensive experience as an SAP ERP consultant

Familiar with - Project Preparation, Business Blueprint, Realization, Final Preparation, Go-Live and then into ongoing Production Support

Experience with SAP GRC 10.0 Access Control tools ARA (Access Risk Analysis), EAM (Emergency Access Management) and GRC 5.3 RAR (Risk Analysis & Remediation)

Designed various types of roles (Master Role, Derived Role, Composite Role and Single Role designing) using Profile Generator (PFCG); while ensuring SAP best practices are followed.

Used Service now (Mytech) for Incident management, Creating changes, defect tracking and resolution.

Very good exposure to give the Custom T-code access to users

Work History

SAP Security & GRC Consultant

Rodan & Fields LLC, San Ramon, CA


Created rules books and General rules which comprised of Security and segregation of duties violations

Generated compliance reports to identify SOD violations and critical authorizations and created controls to mitigate or resolved risks

Ran Risk analysis User level, Role level, Profile level weekly Biweekly basis

SAP Security

Trouble-shoot authorization problems using SU53/ST01/STAUTHTRACE

Leading production support on a day-day basis in Service-now ticketing system

Securing roles by Organizational Levels such as Company Code, Plant, Cost Center, Profit center, Purchasing Organization, etc. Unit test of Security roles build and help conducting and documenting the UAT and its results

Transportation of Security roles across different systems. Discussions with process owners for gathering business requirements

Role design Single/Master/Composite roles & Functional Business positions creation for ECC, BI, Order To Cash, P2P, HCM team Set up of Central user administration (CUA)

Worked on User Administration activities such as creation of User ID (SU01), Mass User Creation (SU10), and creation of support User IDs with excess authorizations & assign to Technical Support Users as per approvals

Working on helpdesk tickets (BMC Remedy User) for authorization issues and user ID creation requests

Review EWA reports and action for performance optimization as per SAP recommendations

SAP Security Consultant

AT&T Inc., Los Angeles, CA


Completed change request tickets using the SAP Service Desk application on all systems for development, integration testing, and production support

User Maintenance

Performed user administration using the CUA (Central User Admin) tool across all systems, which include new hires, temp workers, contractors, and terminations

Locking and unlocking of users and user groups on specified systems when patches or refreshes need to be done using SU10 for mass lock

Role Administration

Created single/composite/master/derived roles using PFCG for project and business users

Conducted single Role modifications to transaction codes and Authorization objects through T-code PFCG, while also monitoring Organization values

Maintained the existing roles and modified it upon request by business users (PFCG)

Performed various security Role clean-ups in the R/3 system to ensure compliance and tighter security

Used T-code SE16 and analyzed security tables such as AGR* and USR*.


Investigated user access problems and questions using trouble-shooting tools such as SUIM, ST01, and SU53.

Troubleshooting the authorization issues

Performed Trace and analyzed SU53 dump from the Business/Functional team to resolve Authorization issues


Performed audit logs activities (SM19 and SM20)

Created Mitigation Controls as per required by the Business process and evaluated strategy to remediate and if in case remediate not possible worked closely with business folks to Develop Mitigation Controls

Created Custom Rulesets by coping Standard GRC Rule sets and adjusted Custom rule sets as per Business needs

SAP Security & GRC Consultant

The Clorox Company, Pleasanton, CA

Participated in weekly steering committee meeting explaining about security change order logged for the week

Provide daily SAP Security Support as required by business and for end-users and project team members

Involved in designing security policies and production support of SAP R/3

Leading production support on a day-day basis in ITSM and HPQC ticketing system

Created UAT and helped users in testing all new and modified roles

Created over 600 job roles through PFCG in SD, FI, MM, WM, PP

Extraction and loading of data from Sales Stats (0UC_SALES_STATS_02) and Mass Activity

Worked closely with functional team leads to develop templates for R2TM (Role to Transaction Mapping) as well Master/ Single/ Derived/ Composite role design for FI/CO, SD, WM, MM, HR, PS modules, during initial project prep/blueprint/unit testing phases and go-live of ECC end-user security roles

Work with Functional specialist to help them understand what SAP authorization objects are causing conflicts and what all options exist for mitigating the conflicts

Prepared BRD documents and followed SDLC methodologies.

Worked on critical authorization objects like S_TABU_DIS, S_DEVELOP, S_RZL_ADM, S_ADMI_FCD, and S_TRANSPORT

Prepared BRD documents and followed SDLC methodologies.

Worked on critical authorization objects like S_TABU_DIS, S_DEVELOP, S_RZL_ADM, S_ADMI_FCD, and S_TRANSPORT

SAP Security Consultant

Gulfstream, Savannah, GA


Participated in on-call support on a weekly rotation within the team

Provided excellent communication and customer service to the business and end-users

Updated custom Roles which impacted by the upgrade

Impact analysis done before update and perform post-upgrade steps.


Created roles through PFCG in PP, MM, WM, PP, and transporting them to QA for testing and then to production.

Performed Mass comparison of roles via PFUD


Troubleshooting - Identifying the missing authorizations using SU53, ST01 trace, and maintaining them in a suitable role

Analyzed and troubleshoot security issues using SU53, ST01, and SUIM


Secured table access by using the authorization object S_TABU_NAM.

Combined two and more tables using SQVI

Worked with security-related tables such as AGR_TCODES, AGR_USERS, and AGR_DEFINE, etc.

GRC 10.0

Performed Role simulations within GRC access management for any role changes to analyze risks/impact involved, and any SOD violations created; communicating all risks to role owners.

Report if any risks will be introduced by simulating the addition of transactions, Roles by using GRC 10.0 (Risk analysis and Remediation)

SAP Security Consultant

Textron Inc., Grand Prairie, TX


Used Change Request Management extensively to create change request in Solution Manager to Control, track and record all changes.


Worked with the functional teams to fill in all missing authorization values in security roles, based on their transaction task instructions performed in the development system before a design

Worked with Profile Generator (PFCG) in creating roles, profiles, composite roles, and derived roles.

Assessed and reviewed the use of the authorization object S_TABU_DIS and the table authorization classes (TDDAT) to determine whether all system tables are assigned an appropriate authorization class related to their job


Worked with security related tables such as AGR_TCODES, AGR_USERS, AGR_AGRS, USR02, AGR_1251, AGR_1252, etc.


Trouble shooting R/3 Security problems by using different scenarios such as system trace, parameter change, buffer reset, SU53 and SU56.


Bachelor of Arts: Information Technology

DeVry University - Downers Grove, IL


SAP Certified Application Associate – Sap Business Objects Access Control 10.0- Certificate ID: 001*******




South San Francisco, CA, 95330





SAP Security, GRC, Jira, Service-now, HPQC, Excel, Microsoft Access DataBase


2017-03 - Current

2016-03 - 2017-03

2012-12 - 2016-03

2013-08 - 2014-12

2009-02 - 2013-05

2002-03 - 2004-03

Contact this candidate