
SAP GRC Security

Location: Paterson, NJ
Salary: 80000
Posted: June 02, 2025

Resume:

**+ years of experience in the SAP modules Security and SAP’s Governance Risk and Compliance (GRC 10.1 and 12.0) application. His experience includes assessment, design, implementations, production support, redesign and upgrade for SAP projects. These projects involved gathering business requirements, building security, designing system configuration and workflow, completing testing, and effectively enabling these applications for production.

Experience working in the SAP GRC segregation of duties space and has built SAP GRC segregation of duties rule set, performed testing of rule set and mitigating controls. SAP S4HANA Role and User Management, SAP ECC Role and User Management, SAP EWM Security Authorizations, SAP BI / BO Analysis Authorization and Role Management, SAP CRM and SRM Security, SAP HR Authorization, SAP Fiori Authorization, SAP HANA Security, SAP GRC AC 10.0, 10.1 & 12.0, Quantum (Treasury Tool) and CLM (Content Mgmt. Tool). Worked extensively on Internal and External Audit for all controls.

Led the team responsible for strategy, design and implementation for GRC 10.1 upgrade. Project activities included developing SAP security and GRC access control work plan and coordinating with project leadership and process teams.

Strong experience in BI Security with analysis authorizations and SAP HR authorization.

Good understanding and working experience on LDAP technologies, Active Directory (AD) includes managing user security with group policies, security groups, distribution and support for problems relating to Active Directory. Experience in IAM security fundamentals and technologies, user lifecycle management, provisioning and reconciliation, auditing, reporting and access certification, SOD, cloud security.

Experience in IAM to deploy, configure and implement its leading Identity Governance (IGA) solution based on customer requirements.

Experience with SAP HANA and its unique security needs to assist the BASIS team as our organization adopts this new SAP Technology.

Hands-on experience in SAP Security and BASIS including R/3, ECC, Solman, BI, HCM, Portal and GRC.

Knowledge with SAP Fiori, SAP Solution Manager, setup/operate CHARM and central monitoring. Understanding of Change management process to migrate changes to production systems.

Understanding on Global Rule set and customized ruleset

Experience with SAP security design, build, deployment, and audits for standard role-based security for ECC, S/4HANA, HANA security.

6 years of industry experience in development, customization, configuration, deployment of any Identity Management and Governance products (Saviynt).

Led design workshops with the business to gather requirements for the GRC Access Control tool, integrated the GRC with ServiceNow (SNOW) tool for request submission, built the approval workflow (MSMP, BRF+), performed testing and cutover, led end user training, and developed end user administrative documentation. Leveraged SuperUser Privilege Management (SPM) to handle all cutover activities and keep an audit trail of all tasks. Utilized Access Risk Analysis (ARA) and led remediation workshops with business end users to resolve SoD conflicts, performed data analysis, conducted role and user access redesign, and worked with internal audit to identify mitigating controls. Established policies and procedures to assist users interacting with the GRC tool to make certain that SoD remediation activities are executed on an on-going basis.

Led EWM Security Aspects of Data Flow and Processes, security aspects involved throughout the most widely-used processes and user administration and authentication aspects, Overview of the user synchronization strategy, RF device as user front end and ICF services. Trace and log files that contain security-relevant information.

Professional Summary

Project: Discount tires (Green field Active Control Implementation)

Payroll: Capgemini Contract

Role: SAP Security Consultant SME

Duration: Aug 2023 to date

Environment: SAP S/4 HANA-2011, GRC 10.1 to 12.0, implemented and enabled Fiori apps for GRC 12.0, ECC, BW, CRM, SCM, SRM, HANA, BPC, GTS, CLM and Quantum (Treasury tool)

Implemented GRC AC10.1, Configured GRC AC Access Risk Analysis (ARA) and Emergency Access Management (EAM) components.

Upgraded GRC Access Control from 10.1 to GRC 12.0 and updated the GRC ruleset accordingly.

Implemented the end-to-end security process (configured, testing, troubleshooting & support) for S4Hana 2011.

Implemented the strategy of creating /updating the existing business roles to new roles to transaction matrix which involved detail analysis of updating the SU24, SE93, PFCG and Security tables.

Updated the existing business processes by replacing the obsolete transactions with new SAP S4Hana version transactions after the approval from business process owners, IT manager and SOX team.

Worked with ABAP developers for the unit and compatibility testing for all the custom t-codes with the new S4 Hana version.

Customize SAP Fiori roles and updated and assigned to user per the department requirement.

Design and build plan for unit testing of SAP standard and custom transaction codes.

Updated the existing GRC 10.1 Ruleset (Functions) with the new transactions, objects and fields, field values and program to newer version to reflect the new and existing SODs analysis.

Set up security by Info Area, Info-Cube, Info-Object, QUERY and WORKBOOKS.

Configured roles and authorization objects to secure reporting users.

Limiting the Query access within the BEX Analyzer.

Implemented Info Object Security (field-level security) for Reporting Users and also created custom reporting authorization objects.

Securing the data presented in Queries by Hierarchy node.

Maintaining authorizations for Hierarchies.

Experience in IAG Security

Folder, Universe, Applications, Connections and Category level security implemented in BOBJ

Worked on HANA Roles/Privileges for end users and IT users

Worked on HANA Security roles on HANA Editor for Run Time roles activation

Imported the backend roles into BOBJ and mapped the respective groups.

Maintained Customer Tables for Coupled Transaction (Ztcodes)

User and authorization Management like Creation of profiles, granting authorizations.

Authorization traces and Analyzing SU53, ST01 screen shots to debug Authorization problems.

Direct contact with functional counterparts collecting current R3 security requirements

Post maintenance of Missing Authorization.

Experience in SU25, SU24

Experience in Cyber security

Add/maintain users and authorization profiles.

Experience in BTP Administration

Daily System health check and sending the Daily and weekly report to the clients.

Performing Transports on a daily basis.

Applying Support Packages and SAP Notes to the servers.

Project: Nokia Corporation, TX (Brownfield Implementation)

Duration: August 2018 to June 2023

Payroll: HCL Technologies (Full Time)

Role: SAP Security Consultant SME

Environment: GRC 10.1 –Access Control, Process Control, ECC, BI, HANA

Role: GRC Access Control and Security Lead

Responsibilities:

Implemented GRC AC10.1, Configured GRC AC Emergency Access Management (EAM), Access Risk Analysis (ARA) and Access Request Management (ARM) components.

Configured MSMP workflows for addressing various user request types in Access Request Management.

Successfully integrated LDAP active directory with SAP GRC Access control system.

Configured the MSMP Firefighter log report workflow for getting the logs to firefighter controllers.

Successfully implemented various MSMP Mitigation control workflows like mitigation control setup and assignment.

Configured various BRF+ rule kinds like Initiator rule, Agent rule, Routing rule and Notification and variable rule.

Successfully configured User Access Reviews (UAR) for assessing the user’s access in all production environments.

Implemented GRC Process Control 10.1 and gathered inputs from Business for designing of automated controls.

Configuring the Process Control system as per the client requirement.

Building of Data Sources and Business Rules which included sub scenarios like Configurable and ABAP Reports.

Creating of Master Data – Regulations, Business Process Hierarchy, Organizations, Risk Templates

Used MDUG for mass uploading of Master Data into the system.

Experience in IAG, SSO and IDM

Experience in CyberArk Administration

Worked on First Level and Second Level Authorization concepts

Project: Japan Tobacco USA Inc, NJ

Duration: April 2017 to August 2018

Payroll: HCL Technologies (Full Time)

Role: SAP Security Consultant SME

Environment: GRC 10.1 –Access Control, Process Control, ECC, BI, HANA

Role: GRC Access Control and Security Lead

GRC Responsibilities:

Implemented GRC AC10.1, Configured GRC AC Emergency Access Management (EAM), Access Risk Analysis (ARA) and Access Request Management (ARM) components.

Configured MSMP workflows for addressing various user request types in Access Request Management.

Successfully integrated LDAP active directory with SAP GRC Access control system.

Configured the MSMP Firefighter log report workflow for getting the logs to firefighter controllers.

Successfully implemented various MSMP Mitigation control workflows like mitigation control setup and assignment.

Configured various BRF+ rule kinds like Initiator rule, Agent rule, Routing rule and Notification and variable rule.

Successfully configured User Access Reviews (UAR) for assessing the user’s access in all production environments.

Implemented GRC Process Control 10.1 and gathered inputs from Business for designing of automated controls.

Configuring the Process Control system as per the client requirement.

Building of Data Sources and Business Rules which included sub scenarios like Configurable and ABAP Reports.

Creating of Master Data – Regulations, Business Process Hierarchy, Organizations, Risk Templates

Used MDUG for mass uploading of Master Data into the system.

Worked on First Level and Second Level Authorization concepts

Security Responsibilities:

Analyzed security design in ECC, SRM, SCM, CRM, Solution Manager 7.2, BI, BOBJ and HANA provided recommendations for improvement.

Responsible for gathering requirements to Design and build Business roles in SAP HANA development system.

Prepared HANA Security design document with Client’s role naming convention standards.

Designed and Build HANA Business, Non-Business roles and Analytical privileges in HANA Studio.

Set up UAT test users to test out HANA security roles.

Implemented Dynamic analytical privileges concept by using custom authorization table and custom stored procedures.

Implemented design time role concept to well organize the HANA custom roles.

Used delivery unit concept to transport HANA Design time roles across HANA landscape.

Worked on SAP Fiori Catalogues, Groups and Web services.

Experience in GRC (Access control & process Control)

Identifying and mapping authorization objects for SAP Fiori Web services.

Customize SAP Fiori roles and updated and assigned to user per the department requirement.

Created new SRM roles as per the Rule codes mentioned in Authorization Matrix.

Activating the BBPSTART services for enabling the end users WEBGUI logon without any intervention.

Created new derived roles based upon the Organizational value, purchasing organization for various countries.

Assignment of attributes and value limits to user using PPOMA_BBP.

Set up BOBJ security and authorization concept at folder level.

Set up authorization / security at info cube / info objects and creating new analysis authorizations

Worked with portal user / role administration.

Gathering business requirement to setting up BOBJ/ BI security with analysis authorization

Project Name: Unilever, India

Duration: November 2015 to April 2017

HCL Technologies (Full Time)

Role: SAP Security Consultant SME

Environment: ECC, GRC 5.3

Role: GRC Process Control and Access Control lead

Responsibilities:

Implemented GRC Process Control 10.1 and gathered inputs from Business for designing of automated controls.

Configuring the Process Control system as per the client requirement.

Building of Data Sources and Business Rules which included sub scenarios like Configurable and ABAP Reports.

Creating of Master Data – Regulations, Business Process Hierarchy, Organizations, Risk Templates

Used MDUG for mass uploading of Master Data into the system.

Worked on First Level and Second Level Authorization concepts

Creation of Surveys, Questions and Manual Test Plans

Involved in Planning, Implementation & Support of Security administration for a complex and well-integrated SAP landscape with ECC 6.0, BI 7.0, and BOBJ, CRM, SRM and MDM securities.

Worked on GRC Access Control components like Access Risk Analysis, Emergency Access Management and Access Request Management.

Prepared HANA Security design document with Client’s role naming convention standards.

Handling all security issues and providing security support in a timely manner along with attending regular security team calls.

Streamlined most of the SRM roles by restricting at organizational values like purchasing organization.

Allowing fixed supplier fields for Employee and Requisitioned roles in SRM system.

Created Various Value based analysis authorizations and Hierarchy level analysis authorizations for HR Specific Characteristic values in BI environment.

Created and maintained BI Reporting roles and Analysis authorization roles.

Restricting the Info types at various Authorization profiles level, personal area level and sub type levels in HR area.

Maintained various roles in HR system and Setting up Idoc movement jobs from CUA system to child systems.

Built and troubleshot Analysis Authorizations using the transaction RSECADMIN.

Assigned the Analysis Authorizations to the role using the object S_RS_AUTH.

Project Name: Cement Australia, Brisbane (Onsite)

Duration: March 2012 to November 2015

Payroll: TATA Consultancy Service (Full Time)

Role: SAP Security Consultant SME

Environment: ECC, GRC 5.3

Role: GRC Process Control and Access Control lead

Responsibilities:

Working on SAP role and Profile management, like creation, deletion change of roles and T-Codes.

Created single roles, composite roles as per organizational structure

User maintenance on day-to-day basis

Extensively worked on profile generator (PFCG).

Troubleshooting Security issues at User and Role level

Analyzing traces and assigning the authorizations

Setup Password restrictions, maintained USR40

Working with Missing authorizations

Restrict table access through authorization groups

Redefining authorization objects in SU24

Worked on SECATT scripts for mass user creation and password reset.

Worked on GUI scripts for mass user creation and password reset.

Worked on SQVI (Quick Viewer)

BI Security:

Creating Analysis authorizations

Maintaining roles and authorization in BI7.0 using RSECADMIN

Based on logs from RSECADMIN resolved authorization issues

Saving Queries/workbooks to roles using BeX query Designer

Publishing web templates to a role

EP Administration:

Created users in Enterprise portal

Assigning Groups to users/User groups

Locking and Unlocking users in Enterprise Portal

User data export and import

Project Name: Mahindra Holidays & Resorts, India (SAP Implementation Green field)

Duration: September 2011 to March 2012

Payroll: TATA Consultancy Service (Full Time)

Role: SAP Security Consultant

Environment: ECC, GRC 5.3

Role: SAP Security Consultant

Responsibilities:

Used (PFCG) Profile Generator for creation, modifying roles, composite roles, derived roles

Conducted meetings with business and functional team (SD, MM, FICO) to gather requirements for derived and composite roles to implement the role- based security

Analyzed the report in SU53 to find out the missing authorizations and resolve the User issues

Production Support for all SAP user’s authorization and access issues

Utilizing system trace (ST01), authority check (SU53), to analyze and fix Problems related to Security

Facilitated coordination between Help desk and technical teams.

Performed user administration activities, such as setting up user login IDs, resetting passwords, locking users, and unlocking users.

ASTEC Life science Limited, India (SAP Implementation Green field)

April 2011 to August 2011

SAP Security/Basis

SAP R/3: mySAP ERP 2005 (ECC 6.0 EHP4) – 2 systems Landscape

Environment: HP Blade Servers, Windows 2008 and with DB2, Solution Manager 7.0 EHP1

Responsibilities

Installed and configured ECC 6.0 Ehp4 on Windows 2008 and DB2 Database

Installed and configured Solution Manager 7.0 EHP1 in Two-system landscape with Development, Quality and Production system.

Performed Local and Remote client copy

Configured client settings and system change options as per the definition of the client strategy document of the project.

Implemented SAP Security for single roles and profiles

Configured RFC Authorization between Satellite and Solution Manager System.

Applied all support packs and performed Kernel upgrades.

Configured the Transport Management System.

SHV Energy Pvt Ltd, Netherlands (SAP Implementation Green field)

July 2006 to April 2011

SAP Security/Basis

SAP R/3: mySAP ERP 2004 (ECC 5.0) – 3 systems Landscape

Environment: IBM Servers, AIX 5.3 and mySAP ERP 2004 (ECC 5.0) with Oracle 10.2 0.2, Solution Manager 3.2

Responsibilities

Installed and configured ECC 5.0 on AIX 5.3 and Oracle 9.2.0.6 Database.

Installed application Servers App1 and App2

Installed and configured Solution Manager 7.0 Ehp1 for Support desk, monitoring in a three-system landscape with Development, Quality and Production system.

Set up the system landscape for the Change and Transport System.

Configured client settings and system change options as per the definition of the client strategy document of the project.

Configured SDCCN and Scheduled Automatic Session Manager. Create the BPs

Configured RFC Authorization between Satellite and Solution Manager System.

Centrally Configured Fire Fighter IDs and created control owners in Access Control

Perform SoD checks in GRC system.

Worked with transport management system called DGN.

User and Role level risk analysis is performed in GRC.

Applied all support packs and performed Kernel upgrades.

Configured the Transport Management System.

Scheduled standard background jobs for all the new systems.

Experience in ChaRM configuration

Configured transport routes and performed regular transports using STMS

Educational Qualification:

B Tech (Bachelor of Technology in Information Technology) – University of Madras, India.

DECE (Diploma Electronics & Communication Engineering), SBTET Hyderabad, India


