SAP Security and GRC Consultant
Accenture software solutions Pvt ltd
Keywords
SAP ERP
SAP HANA
SAP Security
Sap Fiori
User Administration
Active Directory
Unit Testing
Cloud Computing
Data Security
Governance Risk Management and Compliance
Skills
Active directory, Backend, cloud users, error log, Data security, ITGC, access management, Integration Testing, IDs, ODATA, Operating Systems, SAP, SAP ECC, SAP Basis, SAP GRC, Hana, SAP HANA, SAP systems, SAP Security, SAP Solution Manager, SAPUI5, Fiori, SAP Fiori, scripting, Application Development, Software Solutions, Unit Testing, User Administration, User management, user provisioning
Project history
06/2022
-
05/2023
2.Project details:
Organization : Accenture software solutions Pvt ltd
Designation : SAP Security and GRC Consultant
Client : HESS Corporation
Duration : Jun 2022 to May 2023
Roles & Responsibilities:
* All GRC AC 12.0 Implement & Support Activities for ARM, ARA, BRM, EAM components.
* SOD analysis, Mitigation, Owner, Controller creation/ assignment, Risk/ Function
creation in GRC Access Risk Analysis
* Provide Firefighter access through GRC Access Request and maintain Firefighter Owner/
Controller, Risk Owner.
* SAP GRC Access Control implementation: Activation of business configuration sets,
Configuration of Connector groups, Synchronization jobs setup and monitoring.
* Creation and Maintenance of Functions, Risks, Owners, Risk Analysis, Mitigation
controls.
* Configuration of MSMP workflow/ mapping of MSMP Process IDs to ARM Requests
* SAP HANA Security Administration activities for User creation, deactivation,
lock/unlock, Password reset, role assignment, validity extension.
* SAP AUDIT: Having auditing activity ITGC & SOX Control lead responsible for internal/
external audits including KPMG.
* CUA: Worked on CUA to manage multiple systems/clients, creating users and assigning
Roles to Users and CUA Configuration steps for SCUA, SCUM, SCUG and SCUL.
* Troubleshoot: Having support experience in SU53, STO1 & STAUTHTRACE activities
* Security SAP Note implementation/ Profile Parameter recommendation to Basis.
* SAP systems Internal clients transport activities to move the changes with help of
SCC1N.
* Support experience For Global Change Management process for Transport Movement through
Charm & Gate Call Activities.
* Supported the resolution of SAP security incidents, investigating and documenting
security breaches and proposing preventive measures.
Organization : Accenture software solutions Pvt ltd
Designation : SAP Security and GRC Consultant
Client : HESS Corporation
Duration : Jun 2022 to May 2023
Roles & Responsibilities:
* All GRC AC 12.0 Implement & Support Activities for ARM, ARA, BRM, EAM components.
* SOD analysis, Mitigation, Owner, Controller creation/ assignment, Risk/ Function
creation in GRC Access Risk Analysis
* Provide Firefighter access through GRC Access Request and maintain Firefighter Owner/
Controller, Risk Owner.
* SAP GRC Access Control implementation: Activation of business configuration sets,
Configuration of Connector groups, Synchronization jobs setup and monitoring.
* Creation and Maintenance of Functions, Risks, Owners, Risk Analysis, Mitigation
controls.
* Configuration of MSMP workflow/ mapping of MSMP Process IDs to ARM Requests
* SAP HANA Security Administration activities for User creation, deactivation,
lock/unlock, Password reset, role assignment, validity extension.
* SAP AUDIT: Having auditing activity ITGC & SOX Control lead responsible for internal/
external audits including KPMG.
* CUA: Worked on CUA to manage multiple systems/clients, creating users and assigning
Roles to Users and CUA Configuration steps for SCUA, SCUM, SCUG and SCUL.
* Troubleshoot: Having support experience in SU53, STO1 & STAUTHTRACE activities
* Security SAP Note implementation/ Profile Parameter recommendation to Basis.
* SAP systems Internal clients transport activities to move the changes with help of
SCC1N.
* Support experience For Global Change Management process for Transport Movement through
Charm & Gate Call Activities.
* Supported the resolution of SAP security incidents, investigating and documenting
security breaches and proposing preventive measures.
01/2018
-
01/2023
Application Development Senior Analyst
Accenture Software Solutions Pvt. Ltd
Worked Client Details:
* YOKOGAWA - Industrial Automation & IT based industry in JAPAN
* HESS - Energy (Petro chemical) based industry in US
* UNILEVER - Consumer Goods service based industry GLOBAL
* ABINBEV(MOONWALK) - Beverage Based Industry GLOBAL
* Toronto Hydro - Electricity Distribution Corporation CANADA
Overall Project Roles & Responsibilities:
* SAP security and GRC implementation projects, providing end-to-end consulting services to
clients across various industries.
* ECC & S/4 Security: Experience in various aspects of SAP Security and Authorizations
including design of Authorization Profiles/Roles using Profile Generator (PFCG), Testing,
User Administration and Transport management, Troubleshooting Authorization issues and
analysis. Business Analysis to translate Functional requirements into technical design of
Security roles.
* SAP GRC Admin: Expertise with implementation and management of SAP GRC 12.0 Access
Control component
* SAP GRC Access Control Implementation: Activation of business configuration sets,
Configuration of Connector groups, Synchronization jobs, Rule set generation.
* Creation and Maintenance of Functions, Risks, Owners, Risk Analysis, Mitigation controls.
Firefighter/ Owner/ Controller management in Emergency access management
* Configuration of MSMP workflow/ mapping of MSMP Process IDs to ARM Requests,
customization of request screens, Template management. Design of Reports of User, Role
and Risk statistics as per Business input
* HANA DB Security: User management, Role management and privilege assignment to the users
through HANA Studio. Tracing and troubleshooting.
* FIORI / UI5 Security: Gateway role design to include Catalogs, Groups and ODATA. Backend
role design to include T-code, ODATA with Authorizations. Trace error log analysis for
missing Services and Backend authorizations.
* SAP BTP Security: User administration activities, privilege & group assignment to the
cloud users.
* CUA: Worked on CUA to manage multiple systems/clients, creating users and assigning Roles
to Users and CUA Configuration steps for SCUA, SCUM, SCUG and SCUL
* ITGC, SOX/ SOD Controls, Audit/ Process controls. Documentation of Evidence for internal
as well as external audits.
* Experience For Global Change Management process for Transport Movement through Charm &
Gate Call Activities.
* Key resource in implementing SAP Security Framework on Critical Authorization, Profiles,
Transactions, GUI scripting, Password policy, Security Parameter management, Standard
user management, ICF Services, Configuration validation, Data security and RFC Security.
* Basis knowledge in Support pack/ SAP note implementation, Transport Management, OSS
Connections, Parameter and RFC configurations.
* Authorization roles for Change request management and CUA in Solution Manager (SOLMAN).
* Collaborate with SAP Basis and functional teams to maintain user provisioning and
de-provisioning processes, optimizing access management.
* Develop and maintain security documentation, including security policies, procedures, and
best practices.
* Participate in external and internal audits, ensuring compliance with security standards
and regulations.
* Train end-users and IT teams on SAP security policies and best practices, increasing
awareness and adherence to security guidelines.
* Provided support in resolving security incidents, investigating and documenting security
breaches and implementing corrective actions.
* Security Role redesign in support projects to simplify design, Ticket reduction and
better Access control.
* Acted as the subject matter expert (SME) for SAP security-related issues, providing
technical guidance and support to project teams and clients.
* Having experience on SAP System migration Support activities
* Adherence to SLA's and prioritizing issues based on the priority and urgency of the
ticket. Sending end user notifications, in case of a Critical or High Priority issue
* Met tight deadlines and provided exemplary guidance to test teams across the delivered
projects. Accustomed for providing support in 24x7 Environment.
* Dedicated team player with good communication and written skills. Innovative and proven
ability to identify, analyze, solve problems to increase customer satisfaction and
flexibility to learn new applications.
* YOKOGAWA - Industrial Automation & IT based industry in JAPAN
* HESS - Energy (Petro chemical) based industry in US
* UNILEVER - Consumer Goods service based industry GLOBAL
* ABINBEV(MOONWALK) - Beverage Based Industry GLOBAL
* Toronto Hydro - Electricity Distribution Corporation CANADA
Overall Project Roles & Responsibilities:
* SAP security and GRC implementation projects, providing end-to-end consulting services to
clients across various industries.
* ECC & S/4 Security: Experience in various aspects of SAP Security and Authorizations
including design of Authorization Profiles/Roles using Profile Generator (PFCG), Testing,
User Administration and Transport management, Troubleshooting Authorization issues and
analysis. Business Analysis to translate Functional requirements into technical design of
Security roles.
* SAP GRC Admin: Expertise with implementation and management of SAP GRC 12.0 Access
Control component
* SAP GRC Access Control Implementation: Activation of business configuration sets,
Configuration of Connector groups, Synchronization jobs, Rule set generation.
* Creation and Maintenance of Functions, Risks, Owners, Risk Analysis, Mitigation controls.
Firefighter/ Owner/ Controller management in Emergency access management
* Configuration of MSMP workflow/ mapping of MSMP Process IDs to ARM Requests,
customization of request screens, Template management. Design of Reports of User, Role
and Risk statistics as per Business input
* HANA DB Security: User management, Role management and privilege assignment to the users
through HANA Studio. Tracing and troubleshooting.
* FIORI / UI5 Security: Gateway role design to include Catalogs, Groups and ODATA. Backend
role design to include T-code, ODATA with Authorizations. Trace error log analysis for
missing Services and Backend authorizations.
* SAP BTP Security: User administration activities, privilege & group assignment to the
cloud users.
* CUA: Worked on CUA to manage multiple systems/clients, creating users and assigning Roles
to Users and CUA Configuration steps for SCUA, SCUM, SCUG and SCUL
* ITGC, SOX/ SOD Controls, Audit/ Process controls. Documentation of Evidence for internal
as well as external audits.
* Experience For Global Change Management process for Transport Movement through Charm &
Gate Call Activities.
* Key resource in implementing SAP Security Framework on Critical Authorization, Profiles,
Transactions, GUI scripting, Password policy, Security Parameter management, Standard
user management, ICF Services, Configuration validation, Data security and RFC Security.
* Basis knowledge in Support pack/ SAP note implementation, Transport Management, OSS
Connections, Parameter and RFC configurations.
* Authorization roles for Change request management and CUA in Solution Manager (SOLMAN).
* Collaborate with SAP Basis and functional teams to maintain user provisioning and
de-provisioning processes, optimizing access management.
* Develop and maintain security documentation, including security policies, procedures, and
best practices.
* Participate in external and internal audits, ensuring compliance with security standards
and regulations.
* Train end-users and IT teams on SAP security policies and best practices, increasing
awareness and adherence to security guidelines.
* Provided support in resolving security incidents, investigating and documenting security
breaches and implementing corrective actions.
* Security Role redesign in support projects to simplify design, Ticket reduction and
better Access control.
* Acted as the subject matter expert (SME) for SAP security-related issues, providing
technical guidance and support to project teams and clients.
* Having experience on SAP System migration Support activities
* Adherence to SLA's and prioritizing issues based on the priority and urgency of the
ticket. Sending end user notifications, in case of a Critical or High Priority issue
* Met tight deadlines and provided exemplary guidance to test teams across the delivered
projects. Accustomed for providing support in 24x7 Environment.
* Dedicated team player with good communication and written skills. Innovative and proven
ability to identify, analyze, solve problems to increase customer satisfaction and
flexibility to learn new applications.
09/2020
-
05/2022
SAP Security and GRC Consultant
Accenture Software Solutions Pvt Ltd.
3.Project details:
Organization : Accenture Software Solutions Pvt Ltd.
Designation : SAP Security and GRC Consultant
Client : Unilever
Duration : Sep 2020 to May 2022
Roles & Responsibilities:
* User Administration: Complete end-to-end user administration that includes Administer
Authorized Users (add/delete/lock/modify), assigning User Groups, adding of roles to
users. Modifying user authorization access and Analyzing User authorization errors et.
* Build, Testing and Defect Resolution: Derived Single and Composite roles for the new
Business Units with Change management guidelines ensuring system integrity. Coordinated
with Functional Teams during Business Role Unit Testing and Integration Testing resolving
the defects.
* Post Go-live: Primary Support until Steady state period. Prioritize and resolve issues
during the steady-state period and other responsibilities were to finalize the
Organization Level Design, Role Design, Role matrix before the go-live.
* Support experience for Plant wise role creation & profile generation
* Role assignment to user via SU01 record and PA20, PO13 (User Position), Role changes,
Restricting authorization objects, Access Restoration, Role De-provisioning as per the
business requirement.
* Troubleshoot: Having support experience in SU53, STO1 & STAUTHTRACE activities.
* Support experience SOLMAN system administration activities for GCHARM, SOLDOC, BPMON,
TECHMON, ITSM modules
* Defect tracking using HPQC and change management with Charm/ SOLMAN system.
* Role changes through Charm - change management tool with weekly CAB & TAB Meetings.
* Adherence to SLA's and prioritizing issues based on the priority and urgency of the
ticket. Sending end user notifications, in case of a Critical or High Priority issue
Organization : Accenture Software Solutions Pvt Ltd.
Designation : SAP Security and GRC Consultant
Client : Unilever
Duration : Sep 2020 to May 2022
Roles & Responsibilities:
* User Administration: Complete end-to-end user administration that includes Administer
Authorized Users (add/delete/lock/modify), assigning User Groups, adding of roles to
users. Modifying user authorization access and Analyzing User authorization errors et.
* Build, Testing and Defect Resolution: Derived Single and Composite roles for the new
Business Units with Change management guidelines ensuring system integrity. Coordinated
with Functional Teams during Business Role Unit Testing and Integration Testing resolving
the defects.
* Post Go-live: Primary Support until Steady state period. Prioritize and resolve issues
during the steady-state period and other responsibilities were to finalize the
Organization Level Design, Role Design, Role matrix before the go-live.
* Support experience for Plant wise role creation & profile generation
* Role assignment to user via SU01 record and PA20, PO13 (User Position), Role changes,
Restricting authorization objects, Access Restoration, Role De-provisioning as per the
business requirement.
* Troubleshoot: Having support experience in SU53, STO1 & STAUTHTRACE activities.
* Support experience SOLMAN system administration activities for GCHARM, SOLDOC, BPMON,
TECHMON, ITSM modules
* Defect tracking using HPQC and change management with Charm/ SOLMAN system.
* Role changes through Charm - change management tool with weekly CAB & TAB Meetings.
* Adherence to SLA's and prioritizing issues based on the priority and urgency of the
ticket. Sending end user notifications, in case of a Critical or High Priority issue
06/2019
-
08/2020
SAP Security and GRC Consultant
Accenture Software Solutions Pvt Ltd.
4.Project details:
Organization : Accenture Software Solutions Pvt Ltd.
Designation : SAP Security and GRC Consultant
Client : ABInBEV
Duration : Jun 2019 to Aug 2020
Roles & Responsibilities:
* User Access Provisioning using CUA for ECC and Non ECC systems. Mass Creation of User
Master Records; troubleshoot issues with Users Authorization, assignment of Composite and
Single roles (Position based security and User Based Security).
* Handled Role administration covering various plant wise role creation for master/derived,
single roles, composite roles.
* Handled troubleshooting authorization issues using the SAP transactions like SU53, ST01.
* Worked on CHARM process for all role changes.
* Handled Compliance process & Global Changes request (GCR).
* Worked on auditing activity for SSF, ITGC, MICS controls implemented in SAP systems.
* Good Hands-on Experience in GRC 12.0 Access Control Support for ARA & EAM modules.
* Handled risk analysis using User & Role level simulation in Access Risk Analysis (ARA).
* Providing Access to Solve Emergency issues using EAM.
* Checking SU53 screen shot and assigning roles as per user request.
* Creating firefighter ID's. Request and assign to the user.
* Firefighter log report extraction.
Organization : Accenture Software Solutions Pvt Ltd.
Designation : SAP Security and GRC Consultant
Client : ABInBEV
Duration : Jun 2019 to Aug 2020
Roles & Responsibilities:
* User Access Provisioning using CUA for ECC and Non ECC systems. Mass Creation of User
Master Records; troubleshoot issues with Users Authorization, assignment of Composite and
Single roles (Position based security and User Based Security).
* Handled Role administration covering various plant wise role creation for master/derived,
single roles, composite roles.
* Handled troubleshooting authorization issues using the SAP transactions like SU53, ST01.
* Worked on CHARM process for all role changes.
* Handled Compliance process & Global Changes request (GCR).
* Worked on auditing activity for SSF, ITGC, MICS controls implemented in SAP systems.
* Good Hands-on Experience in GRC 12.0 Access Control Support for ARA & EAM modules.
* Handled risk analysis using User & Role level simulation in Access Risk Analysis (ARA).
* Providing Access to Solve Emergency issues using EAM.
* Checking SU53 screen shot and assigning roles as per user request.
* Creating firefighter ID's. Request and assign to the user.
* Firefighter log report extraction.
11/2018
-
06/2019
SAP Security and GRC Consultant
Accenture Software Solutions Pvt Ltd.
5.Project details:
Organization : Accenture Software Solutions Pvt Ltd.
Designation : SAP Security and GRC Consultant
Client : Toronto Hydro (TH-AMS)
Duration : Nov 2018 to Jun 2019
Roles & Responsibilities:
* Worked on User creation and BPC Teams assign to the user in BPC environment.
* Worked on configuration of CUA (Central User Administration) and good in usage of tables
to get the reports and having experience in SUIM & Tables.
* Handled Role administration covering various roles viz. Single role & composite.
* All the User administration request fully handled on CUA
* Working on SCUA, SCUM and SCUL
* Worked on SSO administration process by using HRUSER, HRUSERSYNC and PA20
* Handled troubleshooting authorization issues using the SAP transactions like SU53, ST01,
STAUTHTRACE.
* Worked on Role based Firefighter access provide to the user.
Organization : Accenture Software Solutions Pvt Ltd.
Designation : SAP Security and GRC Consultant
Client : Toronto Hydro (TH-AMS)
Duration : Nov 2018 to Jun 2019
Roles & Responsibilities:
* Worked on User creation and BPC Teams assign to the user in BPC environment.
* Worked on configuration of CUA (Central User Administration) and good in usage of tables
to get the reports and having experience in SUIM & Tables.
* Handled Role administration covering various roles viz. Single role & composite.
* All the User administration request fully handled on CUA
* Working on SCUA, SCUM and SCUL
* Worked on SSO administration process by using HRUSER, HRUSERSYNC and PA20
* Handled troubleshooting authorization issues using the SAP transactions like SU53, ST01,
STAUTHTRACE.
* Worked on Role based Firefighter access provide to the user.
Certifications
SAP Certified Technology Professional - System Security Architect
SAP
2023
SAP Certified Application Associate - SAP Access Control 12.0
SAP
2023
Local Availability
Only available for remote work
