S/4 Hana with Fiori Security / SAP Security/BI-BOBJ Security/Security Upgrade /GRC AC Consultant

ECC, EWM, BI/BOBJ Application Security & HANA security:

Client: Walmart

• Design and document authorization setup for EWM (Extend Ware house Management) and BI/BOBJ (Business intelligence /Business objects)
• Go-Lives of SAP (Confidential - Mexico, Costa – Rica and the United Kingdom)
• Production \ Non-Production Support for R/3, FICO, BI, MM, and Portal systems
• Design and Implement HANA-BI Security & integrate BOBJ Security
• Strong knowledge of designing of roles & authorizations and implementation of complex security framework and role matrix for SAP HANA Enterprise platform
• Worked with team for development of security design document, creation of new roles, modification of existing roles, resolution of security-related issues, coordination with analyst and Basis team members.

Cognizant Technologies (Jan 2016 – August 2016)

IT Internal Audit:

Client: Biomeriux

• Business Process Review and associated risk & controls
• Post implementation review in ERP environment (SAP)
• ERP Audit (SAP Environment)
• Access rights review
• SOD review/analysis in ERP environment
• Review and analysis of systems change management
• Review and analysis of systems development
• Review and analysis of computer operations (Batch processing/Real-time processing/BCP-DRP/Backup Management).

SAP Security/Upgrade Consultant:

Client: Yokogawa

• Analyzed and understand existing SAP security environment and design, business requirements to upgrade from SAP R/3 4.7 to ECC 6.0 EHP6.
• Extensively used Automatic Profile Generator (PFCG) to create and maintain Parent and Child/Derived roles and to Upload and Download of roles.
• Transporting the change requests from the Development environment to Testing/QA environments.
• Created Authorization groups and assigned Tables and Programs to the groups.
• Worked on SU24 to maintain Check Indicators for the Transaction Codes.
• Extensively used tables like AGR_USERS, AGR_TCODES, AGR_1251, AGR_DEFINE etc.
• Extensively Used SUIM (User Information System) to pull various reports for audit monitoring
• Trouble shoot authorization errors using SU53 and by system trace.

Client: Aurizon

GRC Responsibilities:

• Technical Team Member for EAM, ARA, BRM, &ARM Modules.
• Collecting Client requirements about the way GRC is leveraged into their current business structure from workshops.
• Configuration activities of all the 4 processes in AC 10.
• Post Installation activities – Activating Applications, SICF Services, BC Sets, etc.
• Common Configuration Activities – All the connection activities, Parameters, Creating Owners, Sync Jobs etc.
• ARA – Rule set road map implementation, Mass maintenance of Rule Set with mitigations, maintaining related MSMP workflow, and rule set support activities.
• EAM – Creation of FFIDs in backend as designed, FFID admin & Reason codes in GRC Server, Assignment of FFID to owners, controllers, & Firefighters.
• ARM – Activating process ids, actions in it, creation & maintaining number range, Auto Provisioning settings, custom rule id with decision table in BRF+ for customized MSMP workflow
• BRM – Connection strategy, role type settings, role attributes, methodology & related MSMP workflow ROLE_APPR

• Install and configure software and hardware
• Manage network servers and technology tools
• Set up accounts and workstations
• Monitor performance and maintain systems according to requirements
• Troubleshoot issues and outages
• Ensure security through access controls, backups and firewalls
• Upgrade systems with new releases and models
• Develop expertise to train staff on new technologies
• Build an internal wiki with technical documentation, manuals and IT policies