Summary
Having around **+ years of experience in SAP Security and GRC access control.
Completed 7 successful Security rollouts and 2 implementations
Responsible for day to day technical support and resolution of security issues, troubleshooting ECC GRC, HANA, BI, Fiori and Portal security problems.
User administration activities such as setting up user login Ids and assigning and resetting passwords, locking and unlocking users.
Creation of roles with transaction code PFCG (Single roles, Composite roles and Derived roles)
Performed reconciliation of user master record and roles and updated the user master records regularly by PFUD.
Restricted table access using S_TABU_DIS and S_TABU_NAM
Mass roles comparison & profile generating
User Authorization problems using SU53 and SUIM.
Role Transportation from one system to another system using T-code SE09.
Uploading and downloading the roles on request.
Worked on SUIM, USR*, AGR* Tables to trouble shoot and to get reports.
Worked on SOX Audit Reports like
Worked on Creation of Analysis Authorization (RSECADMIN), Assignment to users directly and through roles
Working experience on Service Now, ITSM, CHARM, IDM Management Tools
SKILLS SAP GRC 10.1:
Working Experience in GRC access control (ARA, EAM, ARM) Support
Working as an administrator in ARM like creation of GRC request on behalf of Business users.
Approving/Rejecting/Cancel the GRC request on behalf of approvers based on email approval.
Providing the status of the GRC request to Business Users.
Set up the Admin Delegation incase if approver going on vacation.
Creating new Risks/Functions and Modifying Risks/Functions.
Perform risk analysis for Checking the SOD risks, Critical Action and Permission risks at user level and role level.
Creation and assigning Mitigation Control to reduce risk at User, Role levels.
Assigned Monitors and Approvers for Mitigation Control.
Configuration of Emergency Access Management (EAM).
Day to day support activities on SAP GRC Web services for user creation, termination and provisioning.
Designed and Configured the Firefighter Tools i.e. Creation of Firefighters and FFID’s.
Extensively worked on access control Owners and creating reason codes. Assigning owners to FFID and assigning FFID to Firefighter and Controller.
Extensively worked on Synchronization jobs.
Experience with SAP BRF+ (Specific to GRC) and troubleshooting skills to identify the issues related to BRF
Experience with setting up MSMP workflow and troubleshooting skills for errors related to MSMP.
Certifications
SAP Certified Application Associate - SAP GRC AC 10.0
Employment History
Duration
Company
Role
16-Oct-2019 to till date
HTC Global Services Chennai
SAP Senior GRC Consultant
14Oct2014-14Oct2019
IBM Client Innovation Centre Malaysia
SME SAP Security and GRC Consultant
Nov-2010-Sep-2014
NTTDATA Global Delivery Services Ltd
SAP Security consultant
Project Experience
Company – HTC Global Services - Chennai
Project
Hunterdouglas User Profile Management – Support Project – Offshore
Client
Hunterdouglas– Transportation Systems and Speciality Materials
Role
SAP Senior Security and GRC Consultant
Leading 4 member team from HTC Global Services managing user’s access in more than 65 SAP servers for Hunterdouglas Project.
Involved in S4HANA upgrade from V 1709 – 1809, updated the missing authorization objects and values after the upgrade.
Managing the user master record of more than 27000 users in production environment alone
User Administration Activities like Creation, Modification, Deletion, Lock/Unlock and Password reset using SU01 T-code
Creating new single, master/derived roles as per the standard template provided by the Business
Worked on analyzing the transaction codes to maintain authorization checks in SU24
Checking missing Authorizations using SU53 and ST01 and SUIM provided missing access to users by following proper permissions
Role Assignment in Portals, user creations, deletion, content administration and password reset
Monitoring security related job using SM37
Role Transportation from one system to another system using T-code SE09.
Worked on SOX Audit Reports like
B1 – Approval and Granting of Access
B2 – Segregation of Duties
B3 – Leavers
B4 – Privileged IT User Access Review
B5 – Normal User Access Review
Performed SAP GRC Post & installation steps and configuration for ARA, ARM, EAM.
Mapping role owner, FFID Owner and Controller in NWBC
Monitor the status of (email) requests which are sending from GRC system
Monitor FF logs from NWBC in GRC system and compare with audit logs from backend systems worked on EAM Parameter Configuration.
Monitor the requests which falls under the “Auto Provisioning Failure/ Role Owner Missing Requests”
Performed Risk Analysis/Simulation at user level and role level.
Mass roles Import from Plug in systems to GRC system by using templet.
Configured password self-service.
Company – IBM CIC Malaysia Sdn Bhd
Project
IBM Global Security – SAP
Client
IBM Global Account (IBM’s internal customers)
Role
SME Security consultant
Duration
Oct 2014 to Oct 2019 date
Environment
SAP ECC, SAP Portal, SAP BI, SAP CRM, SAP NW and GRC Access Control
Senior team member of 10 located in Malaysia to provide global support for various IBM customers/business (totally 8 customers for about 2.5 Lakh users)
Managed to maintain user access for almost 250K SAP users for all customers in different SAP landscapes.
Performed quarterly health check and employee verification (off boarding)
Performed yearly user access revalidation (Continuous business need)
Activated GRC & GRAC BC Sets and Services in SICF
Performed post-installation steps for ARA, ARM. EAM
Created Connectors and Connector Types for back end systems and also defined subsequent connectors
Maintained Connectors with Integrated Scenarios
Generated rules and rule IDs for Risk Analysis
Configured Access Control settings with required parameters
Maintained auto provision settings
Mass roles uploaded in to GRC system with corresponding backend system connectors.
Centrally Configured Fire Fighter IDs and created control owners in Access Control
FF ID, FF Monitor, Risk approver, Mitigation Monitors owners created in Access Control
Performing risk analysis at user and role level.
Role approver changes
Changing FF-id controllers
Define and document the process as being the process owner for IGS users
Troubleshoot and fix SAP authorization issues
Create, modify SAP roles based on business requirement
Company – NTTDATA Global Delivery Services Ltd
Project
Honeywell Universal Oil Production –Support Project - Offshore
Client
Honeywell Technology Solutions
Role
SAP Security Consultant
Duration
Nov-2010-Sep-2014
Environment
SAP ERP (ECC6 Ehp3), Solution Manager 7.0, GRC 5.3
Roles & Responsibilities:
Day to day Technical support and resolutions of security issues.
Single User Administration Activities like Creation, Modification, Deletion, Lock/Unlock and Password reset using SU01 T-code.
Mass user administration activities using SU10 T-code.
Creation of User Groups based upon functionality.
Adding new roles for existing users based upon the request.
Increasing validity period for the expired users.
Checking missing Authorizations using SU53 and ST01 and provided missing access to users by following proper permissions
Maintenance of Single, Composite and Derived roles with proper approvals.
Worked on Single and Mass roles Transportation.
Maintained table security using authorization groups.
Worked on assigning Query Groups through SQ03 transaction
Checking authorization relevant info object among info objects
Worked with the objects S_RS_COMP, S_RS_COMP1 and S_RS_AUTH
Trainings Provided
Conducted internal training sessions for NTTDATA fresher’s batch on
SAP R/3 authorization concepts (Authorization object based)
SAP GRC Access Control .
Education (Highest Degree on Top)
S.No
Degree
Branch
Year of Passing
Name of the Institution
Name of the University
Percentage
1
B.E
B-Tech(Inform Tech)
May, 2008
Crescent Engineering College,Chennai Tamilnadu
Anna University
67
2
Higher Secondary
(12th Standard)
Mathematics & Biology
March, 2004
Seventh Day Adventist Higher Secondary School, Madurai, Tamilnadu
-N/A-
79
3
SSLC
(10th Standard)
-N/A-
March, 2002
Bharath Vidya Mandir Higher Secondary School, MAdurai, Tamilnadu
-N/A-
84