Pramod Thota
Mail: *****.*********@*****.***
Mobile: +1-469-***-****
SUMMARY
•Professional in the areas of SAP GRC AC 12.0 and SAP Security with 7+ Years of SAP Security & GRC Experience. Expertise in managing day-to-day IT Governance, Risk and Compliance (GRC) functions such as risk and controls assessments, incident capture and analysis, and scenario analysis and planning; steered the organisation-wide transformation of control & compliance.
•Executed full life cycle implementations of SAP Security projects from design phase to Post implementation phase.
•Experienced in SAP Security Administration in ECC 6.0, S/4 Hana, Fiori, BI and GRC AC 10.1 that includes experience in EAM, ARA, BRM and ARM.
•Experience in SAP S/4 HANA Security using HANA studio - configured Standard, Technical and Restricted Users.
•Successfully created System, Object, Analytic and Package Privileges and assigned to end users.
•Experience in SAP Single Sign on 3.0 (SSO), SAP Enterprise Threat Detection 1.0 (ETD).
•Performed Security on Business Process Monitoring (BPM) using Solution Manager with ECC as managed system.
•Successfully implemented SAP Fiori Security for end user mobile application interfacing with ECC.
•ECC, S/4 HANA Security: Experience in various aspects of SAP Security and Authorizations including design of Authorization Profiles/Roles using Profile Generator (PFCG), Testing, User Administration and Transport management, Troubleshooting Authorization issues and analysis. Business Analysis to translate Functional requirements into technical design of Security roles.
•Experience in Security of Transportation Management (TM) and Event Management (EM) of SCM module.
•Supported SAP security activities throughout project lifecycles, including blueprint, QA, go-live, and upgrade phases
•Designed and implemented SAP authorization concepts in collaboration with business stakeholders and IT teams.
•Strong experience in incident management, with a focus on rapid response and resolution.
•Proficient in BW authorization and access management for secure data provisioning and reporting.
•As a security administrator, has strong expertise in using Profile Generator (PFCG) for creation and maintenance of Roles/Activity groups as required and expertise in Security Administration activities such as creating User accounts, Password resets, locking and unlocking users.
•Effectively handled transport management for security roles and objects across SAP landscapes
•Hands-on experience in SAP GRC Access Control, including Risk Analysis and Remediation (RAR), Segregation of Duties (SoD) analysis, and mitigation/remediation activities.
•Managed SAP user administration tasks in compliance with approved procedures and policies
•Provided high-level support and SAP security troubleshooting across Development, QA, and Production environments, including WebSphere applications.
•Good experience in SAP ECC Security related support projects which include troubleshooting authorization related issues, analysing the risk analysis reports, user and role administration.
•Successfully configured SAP GRC Access Control 10.0/10.1 components
•Successfully defined best practice methods for the usage of security controls for SAP GRC Access Controls.
•Comprehensive knowledge in ITIL best practices coupled with excellent communication skills.
•Experience in documenting monthly audit reports, audit logs, policies, procedures and other tracking documents to monitor health of the system and project.
•Adept in using Quality Center and applying security best practices for requirements management, test planning, defect reporting, defect tracking and ensuring quality standards.
•Enthusiastic and eager to take responsibility and initiative in any given task.
•Self-motivated in handling the work assigned and adhering to SLA deliverables and deadlines.
•Experience working in both team and individual environments and always eager to learn new technologies and implement them in challenging environments.
•Implemented security strategy during a business divestment and developed roles, coordinated with business and testing teams to resolve or mitigate any technical issues during the build, testing and UAT phases.
TECHNICAL SKILLS
•SAP R/3 Security, S/4 HANA
•SAP GRC 10.1 (ARM, ARA, EAM, BRM).
•ERP: SAP ECC 5.0/6.0, SAP BW 3.5/BI 7.0/7.4, VIRSA 4.0, GRC AC 5.3/10.0/10.1, SAP S/4 HANA, SAP CRM, SAP PI Java, SAP SRM, SAP SCM, APO, Enterprise Portal, SAP SSO 3.0, Solution Manager 7.1/7.2, SAP Fiori, SAP ETD 1.0.
PROFESSIONAL EXPERIENCE
Client: SrimaTech Pvt Ltd September 2023 – To Date
Role: SAP Security Consultant
Responsibilities:
•Implemented GRC Access controls full suite: GRC ARA, EAM, ARM.
•GRC 12.0: Implementation of GRC Access control full suite GRC Access Risk Analysis (ARA), Emergency Access Management (EAM), Access Request Management (ARM), and good knowledge of Business Role Management (BRM).
•Configured EAM administration, which includes assigning FF IDs to ID Owners & Controllers and maintaining the configuration table.
•Implementation experience across multiple modules of SAP S/4HANA. Preferably on the SAP modules such as PP, QM, SD, MM, FI, CO, EWM
•Expertise in SAP role design, administration, and analysis, including profiles, user IDs, and custom authorization objects
•Responsible for the integration of SoD-compliant processes and conducting thorough authorization validation.
•ECC, S/4 HANA Security: Experience in various aspects of SAP Security and Authorizations including design of Authorization Profiles/Roles using Profile Generator (PFCG), Testing, User Administration and Transport management, Troubleshooting Authorization issues and analysis. Business Analysis to translate Functional requirements into technical design of Security roles
•Creation of Reason codes and Critical Transaction codes.
•Assist the client in building processes & procedures for managing users & roles as per SOX compliance.
•Worked with business analyst to clean up Roles from Segregation of Duties (SOD) conflicts using ARA.
•Performed User Level & Role level Risk Analysis for SOD conflicts using offline and online analysis.
•Involved in design, configuration, testing and deployment phase of SAP Single Sign on 3.0 (SSO) implementation and performed analysis of the security solution.
•Implementing authorizations in SAP Fiori
•Hands-on experience designing and developing new roles and authorizations in S/4HANA, HANA database, and GRC Access Control and Risk Management modules.
•Under Access Risk Analysis, User & Role analysis performed to identify existing SOD violations risk.
•Created various background jobs to generate different reports in Access Risk Analysis.
•Maintained mitigation control owners and monitors for remediating and mitigating risks.
•Creation of mitigation controls and the assignment of users.
•Helped in defining Risks and Rule set for the Organization.
•Performed analysis to find out the risks/SOD violations against user or role.
•Collaborate with Business Process Owners and Senior Management on mitigation and remediation of SOD conflicts.
•Created Mitigation controls and assigned it to users as a part of company procedures.
•Configured automated user provision using MSMP workflow and BRF+ rule configuration.
•Troubleshooting/problem analysis of user authorization and modifying user authorization access.
•SOX and Audit: Running risk analysis and generating the reports of audits in Risk Analysis and Remediation (RAR), ensuring Segregation of Duties (SOD) exist in the SAP Systems, performing self-audit, audit preparation and remediation. Granting privileged and compensatory controls, providing access in controlled environment using Fire-Fighters.
Client: Willsys Infosystems, India April 2015 – April 2021
Role: SAP Security
Responsibilities:
•Day to day technical support and resolution of security issues.
•GRC 12.0: Implementation of GRC Access control full suite GRC Access Risk Analysis
•Performed user maintenance tasks, user creation, deletion, lock down, activation, password management tasks and ran various user administration reports.
•Designed, developed, tested and implemented SAP Security Roles, Profiles and Authorizations for various landscapes using PFCG as per Business requirements. Performed transport and mass transport of roles.
•Work with PFCG in creating roles, profiles, composite roles, derived roles, and global roles.
•Support on user access and authorization problems.
•Scheduling PFUD job on daily basis for removing expired profiles.
•Troubleshoot security/authorization related problems using SU53, ST01 and SUIM.
•Effectively analyzed trace files and tracked missed authorizations for user’s access problems and inserted missing authorizations manually.
•Analyzing User master record for roles and authorizations using SUIM and AGR*/USR* tables to assign proper roles in case of authorization failure and SOD conflicts.
•Maintenance of standard settings of authorization objects/field and their proposal in SU24 as per Business requirements.
•Developing various kinds of roles (Master/Derived/Composite role concept) with different organization levels as per Business requirements for different projects using PFCG and
•Segregation of Duties (SOD) analysis for users and roles and advising Business owners for role assignment.
•Executing Risk Analysis under user and role level.
•Assigning FFIDs to users and pulling log reports
Education Details
•Master’s in Information Technology in Management – 2023, St Francis College, NY, USA.
•Master’s in Computer Science from Kakatiya University – 2013, Warangal, India.
•Bachelor’s in Computer Science from Kakatiya University – 2009, Warangal, India.