Security Sap
Resume:
Sarbjit Simi Singh
SAP Security & GRC Consultant
Professional Summary
OBJECTIVE: I am a highly motivated and dedicated individual seeking a position as a SAP Security Consultant that will allow me to utilize my technical skills to better enhance the growth of the organization.
9+ Years of extensive experience as an SAP ERP consultant
Familiar with - Project Preparation, Business Blueprint, Realization, Final Preparation, Go-Live and then into ongoing Production Support
Experience with SAP GRC 10.0 Access Control tools ARA (Access Risk Analysis), EAM (Emergency Access Management) and GRC 5.3 RAR (Risk Analysis & Remediation)
Designed various types of roles (Master Role, Derived Role, Composite Role and Single Role designing) using Profile Generator (PFCG); while ensuring SAP best practices are followed.
Used Service now (Mytech) for Incident management, Creating changes, defect tracking and resolution.
Very good exposure to give the Custom T-code access to users
Work History
SAP Security & GRC Consultant
Rodan & Fields LLC, San Ramon, CA
GRC 10 AC
Created rules books and General rules which comprised of Security and segregation of duties violations
Generated compliance reports to identify SOD violations and critical authorizations and created controls to mitigate or resolved risks
Ran Risk analysis User level, Role level, Profile level weekly Biweekly basis
SAP Security
Trouble-shoot authorization problems using SU53/ST01/STAUTHTRACE
Leading production support on a day-day basis in Service-now ticketing system
Securing roles by Organizational Levels such as Company Code, Plant, Cost Center, Profit center, Purchasing Organization, etc. Unit test of Security roles build and help conducting and documenting the UAT and its results
Transportation of Security roles across different systems. Discussions with process owners for gathering business requirements
Role design Single/Master/Composite roles & Functional Business positions creation for ECC, BI, Order To Cash, P2P, HCM team Set up of Central user administration (CUA)
Worked on User Administration activities such as creation of User ID (SU01), Mass User Creation (SU10), and creation of support User IDs with excess authorizations & assign to Technical Support Users as per approvals
Working on helpdesk tickets (BMC Remedy User) for authorization issues and user ID creation requests
Review EWA reports and action for performance optimization as per SAP recommendations
SAP Security Consultant
AT&T Inc., Los Angeles, CA
Responsibilities:
Completed change request tickets using the SAP Service Desk application on all systems for development, integration testing, and production support
User Maintenance
Performed user administration using the CUA (Central User Admin) tool across all systems, which include new hires, temp workers, contractors, and terminations
Locking and unlocking of users and user groups on specified systems when patches or refreshes need to be done using SU10 for mass lock
Role Administration
Created single/composite/master/derived roles using PFCG for project and business users
Conducted single Role modifications to transaction codes and Authorization objects through T-code PFCG, while also monitoring Organization values
Maintained the existing roles and modified it upon request by business users (PFCG)
Performed various security Role clean-ups in the R/3 system to ensure compliance and tighter security
Used T-code SE16 and analyzed security tables such as AGR* and USR*.
TROUBLESHOOTING
Investigated user access problems and questions using trouble-shooting tools such as SUIM, ST01, and SU53.
Troubleshooting the authorization issues
Performed Trace and analyzed SU53 dump from the Business/Functional team to resolve Authorization issues
GRC & AUDIT
Performed audit logs activities (SM19 and SM20)
Created Mitigation Controls as per required by the Business process and evaluated strategy to remediate and if in case remediate not possible worked closely with business folks to Develop Mitigation Controls
Created Custom Rulesets by coping Standard GRC Rule sets and adjusted Custom rule sets as per Business needs
SAP Security & GRC Consultant
The Clorox Company, Pleasanton, CA
Participated in weekly steering committee meeting explaining about security change order logged for the week
Provide daily SAP Security Support as required by business and for end-users and project team members
Involved in designing security policies and production support of SAP R/3
Leading production support on a day-day basis in ITSM and HPQC ticketing system
Created UAT and helped users in testing all new and modified roles
Created over 600 job roles through PFCG in SD, FI, MM, WM, PP
Extraction and loading of data from Sales Stats (0UC_SALES_STATS_02) and Mass Activity
Worked closely with functional team leads to develop templates for R2TM (Role to Transaction Mapping) as well Master/ Single/ Derived/ Composite role design for FI/CO, SD, WM, MM, HR, PS modules, during initial project prep/blueprint/unit testing phases and go-live of ECC end-user security roles
Work with Functional specialist to help them understand what SAP authorization objects are causing conflicts and what all options exist for mitigating the conflicts
Prepared BRD documents and followed SDLC methodologies.
Worked on critical authorization objects like S_TABU_DIS, S_DEVELOP, S_RZL_ADM, S_ADMI_FCD, and S_TRANSPORT
Prepared BRD documents and followed SDLC methodologies.
Worked on critical authorization objects like S_TABU_DIS, S_DEVELOP, S_RZL_ADM, S_ADMI_FCD, and S_TRANSPORT
SAP Security Consultant
Gulfstream, Savannah, GA
Responsibilities:
Participated in on-call support on a weekly rotation within the team
Provided excellent communication and customer service to the business and end-users
Updated custom Roles which impacted by the upgrade
Impact analysis done before update and perform post-upgrade steps.
ROLE ADMINISTRATION
Created roles through PFCG in PP, MM, WM, PP, and transporting them to QA for testing and then to production.
Performed Mass comparison of roles via PFUD
TROUBLE SHOOTING
Troubleshooting - Identifying the missing authorizations using SU53, ST01 trace, and maintaining them in a suitable role
Analyzed and troubleshoot security issues using SU53, ST01, and SUIM
TABLE SECURITY
Secured table access by using the authorization object S_TABU_NAM.
Combined two and more tables using SQVI
Worked with security-related tables such as AGR_TCODES, AGR_USERS, and AGR_DEFINE, etc.
GRC 10.0
Performed Role simulations within GRC access management for any role changes to analyze risks/impact involved, and any SOD violations created; communicating all risks to role owners.
Report if any risks will be introduced by simulating the addition of transactions, Roles by using GRC 10.0 (Risk analysis and Remediation)
SAP Security Consultant
Textron Inc., Grand Prairie, TX
Responsibilities:
Used Change Request Management extensively to create change request in Solution Manager to Control, track and record all changes.
ROLE ADMINISTRATION
Worked with the functional teams to fill in all missing authorization values in security roles, based on their transaction task instructions performed in the development system before a design
Worked with Profile Generator (PFCG) in creating roles, profiles, composite roles, and derived roles.
Assessed and reviewed the use of the authorization object S_TABU_DIS and the table authorization classes (TDDAT) to determine whether all system tables are assigned an appropriate authorization class related to their job
TABLE SECURITY
Worked with security related tables such as AGR_TCODES, AGR_USERS, AGR_AGRS, USR02, AGR_1251, AGR_1252, etc.
TROUBLE SHOOTING
Trouble shooting R/3 Security problems by using different scenarios such as system trace, parameter change, buffer reset, SU53 and SU56.
Education
Bachelor of Arts: Information Technology
DeVry University - Downers Grove, IL
Certifications
SAP Certified Application Associate – Sap Business Objects Access Control 10.0- Certificate ID: 001*******
CISSP
Contact
Address
South San Francisco, CA, 95330
Phone
*************@*****.***
Skills
SAP Security, GRC, Jira, Service-now, HPQC, Excel, Microsoft Access DataBase
.
2017-03 - Current
2016-03 - 2017-03
2012-12 - 2016-03
2013-08 - 2014-12
2009-02 - 2013-05
2002-03 - 2004-03
Contact this candidate