Sap Security Consultant

Sindhu Vuppu Email: ***********@*****.***

SAP Security & GRC Consultant Mobile: 425-***-****

Summary:

Over 10 years of experience in SAP applications security (ECC, S/4 HANA, BW, HCM, Portal) & GRC Access Control with good problem-solving skills. Worked on full life cycle implementation, upgrade, and support of various SAP applications. Possess knowledge in querying SQL databases and generating dashboards using Microsoft Power BI.

Education:

Bachelor of Technology in Computer Science Engineering.

Technical Skills:

Worked on full life cycle implementation of SAP security projects from design phase to post implementation phase.

Worked on GRC 10 Access Control (Access Risk Management, Access Risk Management, Emergency Access Management and Business Role Management)

Defining Workflows for Access Request, MSMP configuration with standard and customized workflow.

Configuration of Access Risk Management. User level, Role level and profile level risk analysis.

Review Risk analysis reports. Handled SOD issues by remediation or mitigation.

Expertise in SAP Security, Authorization, CUA, GRC, FIORI. Understanding of requirements such as ITAR and SOX and assist with coordination and tracking of SOX IT control activities (Internal Audit).

Hands on experience on GRC 5.3 (Risk Analysis & Remediation, Compliant User Provisioning, Super User Privilege Management and Super-User Privilege Management)

Extensively used Fire Fighter 5.2 for creating Fire Fighter IDs, designing, and assigning Fire Fighter roles and monitoring Fire Fighter logs.

Maintenance of FIORI groups, catalogs, applications and related objects and authorizations.

Creation and updating of Fiori tile permission (catalogs, groups, or custom transactions)

Worked extensively with Profile Generator (PFCG) to create/maintain Single roles, Composite roles, Parent and Derived roles, Authorization Groups, Custom Authorization Objects & Fields.

User creation & management through Central User Administration (CUA).

Good working knowledge of AGR* tables, USR* tables, T* tables, and Change document tables.

Performed reconciliation of user master records and roles using transaction code PFUD.

Collaborate with other team members and business representatives to ensure that security roles, authorizations, activity levels and settings meet the Client requirements.

Troubleshoot security/authorization related problems using SU53, ST01 and SUIM.

Scheduling and monitoring the background jobs using SM36 and SM37.

Good working knowledge on using SU22, SU24 and SU25 Tcodes.

Have good knowledge on transport requests using Tcodes SE01, SE09, SE10, SCC1 and STMS

Created Analysis Authorizations in BI security. Mapped Analysis Authorizations to roles.

Resolving BI authorization issue by taking trace through RSECADMIN and analyzing it.

Worked on BI security for restricting the reporting users on Info area & Info cube levels.

Good understanding on S_RS_COMP, S_RS_COMP1 and S_RS_FOLD authorization objects in BI.

Used objects S_USER_AGR & S_USER_TCD to save workbooks into roles.

Work experience summary

Currently working in 3D systems, Rock Hill, SC since Dec 2019.

Worked in Privacera, Fremont, CA in 2019.

Worked as SAP Security Consultant in TATA Consultancy Services, Hyderabad from 2014 to 2016.

Worked as SAP Security and GRC Consultant in Yash Technologies, Hyderabad from 2010 to 2014.

Professional Experience:

Project: 3D Systems Dec 2019 – Till Date

Roles and Responsibilities:

Assigning missing authorizations as per the user’s requirement.

Generate and maintain authorizations and authorization profiles as per the requirement.

Copying and Modifying SAP-Provided User Role Templates and create a set of custom user role templates. Secure Tables and Programs by creating custom Transaction codes.

Monitoring the critical transaction codes and ensure that they are assigned to the concerned users.

Creation and maintenance of Single, Composite, Master and Derived roles using Profile Generator.

Respond to requests, gathering all the requirements needed for functional team & business and prepare SAP security reports based on management & department needs.

Make changes in SU24 transaction and maintain object and their values as per the requirements.

Create variants and schedule security related background jobs. Configuration of System parameters.

Serves as the subject matter expert and point of contact to Internal and External Auditors, managing user login parameters and password parameters.

Daily and monthly reporting of SOD (Segregation of Duties) activities from SAP GRC in support of meeting applicable compliance objectives.

Assist with the creation of effective remediation solutions.

Created mitigation controls and added functions to business processes.

Assist with the successful completion of the quarterly UAR (User Access Review) audit process.

Project: Privacera Jan 2019 – Dec 2019

Roles and Responsibilities:

Worked on role administration using PFCG in creating, modifying and deletion of roles.

Maintained check indicators for Transaction codes using SU24.

Generated developer keys in SAP Market place for the developers.

Created OSS IDs for SAP and maintained the credentials in secured area in SAP Market place.

Opened connections in SAP Market place for SAP team to login into SAP systems.

Performed daily activities like termination and monitoring of daily background jobs in GRC.

Performed monthly activities like user audit reports, SAP_ALL audit reports and upload of text objects into GRC system.

Performed Role level Risk Analysis and Simulation for SoD conflicts.

Worked with SoX team to perform semiannual review of roles assigned to the users and removal of roles with additional access.

Project: Ericsson Sep 2014 – Aug 2016

Organization Tata Consultancy Services

Project Support

SAP Environment BI 7.0, ECC 6.0

Roles and Responsibilities:

Creation/Maintenance of Analysis Authorization. Restrict access to queries, workbooks, info cubes etc

Troubleshoot authorizations related problems using RSECADMIN, RSRT, SU53 and ST01

Built Analysis Authorizations using the transaction RSECADMIN, securing queries down to Info Objects

level (Company code, Plant, Sales Org etc.)

Restricted the access to users based on their reporting hierarchy

Assigned the Analysis Authorizations to the role using the object S_RS_AUTH.

Made the info objects 0TCAACTVT, 0TCAIPROV, 0TCAVALID "authorization-relevant" in the info object maintenance tool RSD1.

Assignment of AA’s to user based on requirement

Resolved several authorization issues in BI Security by RSECNOTE report analysis.

Assigning missing authorizations as per the user’s requirement

Creating the Developer Keys for the developers and OSS ID’s for SAP Users from SAP Service Place and extending their Validity for OSS notes.

Worked on ticketing tool to resolve the issues & problems in different Sap Security modules.

Collaborate with other team members and business representatives to ensure that security roles, authorizations, activity levels and settings meet the Client requirements.

Generated and maintained authorizations and authorization profiles based on existing roles.

Performed transports and mass transports of roles.

Maintained check indicators for Transaction codes using SU24.

Used the Transport Management system to transport the objects and roles from Development system to production system.

Extensively used Profile Generator (PFCG) to create single roles and derived roles/profiles for various modules such as FI, CO, MM, WM, PP, SD.

Project: Stanley Black and Decker, Inc June 2013 – Sep 2014

Organization Yash Technologies

Project Support

SAP Environment ECC 6.0, BI 7.0, GRC 5.3 and GRC 10.

Roles and Responsibilities:

Worked on user administration using SU01 and SU10 (mass changes) in creating, copying, deleting, locking, unlocking users and provisioning roles.

Worked on role administration using PFCG in creating, modifying and deletion of roles.

Maintained check indicators for Transaction codes using SU24.

Comparison of roles and production sync of roles with the lower landscape.

Performed trouble shooting to investigate authorization related issues using SU53 and ST01.

Created OSS IDs for SAP and maintained the credentials in secured area in SAP Market place.

Opened connections in SAP Market place for SAP team to login into SAP systems.

Performed daily activities like termination and monitoring of daily background jobs in GRC 5.3

Performed weekly activities like 30/45 locking users and license review.

Performed monthly activities like user audit reports, SAP_ALL audit reports and upload of text objects into GRC system.

Modified analysis authorizations by adding additional characteristic info object like company code, country, and sales org.

Modified analysis authorization by addition of new infocubes.

Performed trouble shooting in BI using RSECADMIN trace.

Creation of analysis authorizations and addition of them to the roles through S_RS_AUTH.

Performed Role level Risk Analysis and Simulation for SoD conflicts in GRC 5.3 and 10.0.

Updating functions with new tcodes and authorizations and then generating ruleset.

Worked with SoX team to perform semiannual review of roles assigned to the users and removal of roles with additional access.

Created daily and monthly background jobs in GRC 5.3 system.

Extensively used Service Now ticketing tool to manage support tickets such as change requests, incidents and service catalog requests.

Project: Empire Feb 2013 to June 2013

Organization Yash Technologies

Project Implementation

SAP Environment ECC 6.0

Roles and Responsibilities:

Role creation from role matrix and user creation in development, quality and production systems.

To find out the NBPR roles containing the required transaction codes and creating custom roles.

To find minimum number of roles that can be assigned to users for required access.

Extraction of reports related to user/roles and testing.

Profile generation and handling authorization issues.

Tracing and analyzing trace files to track missing authorizations for user and provide required access.

Project: Red Spot Aug 2012 to Feb 2013

Organization Yash Technologies

Project ECC 6.0 Implementation

Roles and Responsibilities:

Resetting passwords of standard users SAP*, DDIC, SAPCPIC & EARLYWATCH.

Deactivation of standard user SAP* by changing profile parameter.

Checking users having SAP_ALL profile and removing it from all dialog users.

Creation of custom roles. Accommodating required access through custom roles to users who lost necessary access with removal of SAP_ALL.

Extracting reports to determine users having critical access & check the transaction usage.

Critical authorization objects such as S_TABU_DIS, S_PROGRAM, S_DEVELOP, S_USER_GRP were restricted.

Project: Chemtura July 2010 to Aug 2012

Organization Yash Technologies

Project ECC 6.0, GRC 5.3 Support

Roles and Responsibilities:

To check and resolve SOD issues of all existing users (SOD clean-up). Mitigating users with SODs upon approvals.

Creation of mitigation controls and generating periodic Audit reports in Compliance Calibrator.

Giving fire fighter access and extending the access (VFAT).Handling requests in Access Enforcer and proving access to users.

Identifying potential SOD issues before assigning new roles to the users.

Locking and unlocking user accounts through CUA, maintaining user master records.

Handling tickets & Analyze the user problems using SU53, SUIM.

Restrict table access through authorization groups and doing role modifications based on proper approvals.

Role maintenance and creating transport request for newly created roles/modified roles.

Analyze trace files and track missing authorizations for user and insert missing authorizations manually to resolve access issues of users.

Contact this candidate