Lakshmi Challagulla

  • SAP Security Admin
  • San Antonio, TX
  • Member Since Jun 02, 2023

Candidates About

 

Lakshmi Challagulla

Summary

·         Over Eight years of extensive experience as SAP R/3 Security Administrator with in-depth knowledge in designing and implementing SAP security solutions, Data security and Authorization concepts.

·         Highly experienced in SAP Security with ECC, SCM, BW, CRM, SRM, GRC, Portal, Hana and Fiori.

·         Strong experience in SAP Security Administration, GRC, User Administration, Change Management ,Portal Security, UME, Authorization Objects, Analysis Authorizations in BI, Roles, Profiles, Trouble shooting and Production Support.

·         Good Experience in full lifecycle SAP implementations

·         Strong understanding of dual rail strategy & it's implications and Dual Maintenance in SAP Upgrade projects

·         Expertise in Sail Point and Identity Access Management (IAM). Created IAM roles and policies. Run Security Audit reports and Managed users for roles.

·         Involved in work load analysis, escalation and deliverables management.

·         Experience in creating analysis authorizations using RSECADMIN.

·         Good repute for my efficient communication with the client; efficient skills in people management and effective knowledge transfer to offshore team particularly during the transition and upgrade phases.

·         Extensive experience in Segregation of duties. Interacted directly with financial directors and local application managers to implement mitigation controls.

·         Troubleshooting via SU53 and system trace (ST01) to record authorization checks for the user sessions and tracing the missed authorization.

·         Used CATT scripts for creating and maintaining users, roles, profiles and authorizations.

·         Created Analysis authorizations using RSECADMIN, troubleshoot analysis authorization problems.

·         Knowledge of IBM Tivoli Identity Management.

·         Producing SoD Analytical Reports (both Summary and Detail) against Users, User Groups, Roles and Profiles using Risk Analysis and Remediation /Compliance Calibrator.

·         Mitigation and remediation of users and roles for SOX using User/Role Analysis in Analysis and Remediation /Compliance Calibrator.

·         Determining and report if any risks will be introduced by simulating the addition of transactions, Roles, or Profiles to a User ID.

·         Responsible for providing customers with Implementation, Development, Enhancement and Support activities for their SAP applications, worked as Solution architect.

  • Creating and providing the FFID Access, periodically generating the FFID log reports.

·         Generating AGR* & USR* reports

 

 

Technical skills

 

·         ERP : SAP R/3 Enterprise 4.7.0d,  ECC6.0

·         SAP Modules:  ECC, BI, CRM, SRM, BOBJ, GRC, S/4 Hana, Fiori and Portal.

·         Databases: Oracle 8i, 9i, SQL, PL/SQL, SQL Server, and MS Access.

·         Programming Languages: C/C++

·         Scripting: Python

·         Operating Systems: MS-DOS, Windows 98/NT/XP/2000, UNIX, AIX, LINUX

 

 

Project Experience

 

Andeavor                                                                                                                                                              San Antonio, TX

SAP Security Admin                                                                                                                                           Oct’16 to till Date

 

Roles & Responsibilities:

·         Gathered requirements for Business and provides security and technical expertise to development of roles to satisfy business requirements.

·         Works with business areas and project teams to troubleshoot issues with security objects and identify and implement appropriate solutions.

·         Experience with ECC, BW, BOBJ HR, BPC, GRC, HANA, Fiori and Solution Manager Modules.

  •  Performed testing authorizations for multiple environments and supported for testing with business and IT users.

·         Experience with GRC Access Controls and had Basic knowledge on GRC configuration

·         Created roles for GRC Access Controls and performed testing of GRC roles

·         Documented the steps of GRC for each Process Area and helped Business with testing

·         Studied the Organization structure, jobs, roles and the SOD matrix for the Security developed in SAP and handled SOD conflicts for Sarbanes Oxley Compliance

·         Working with respective functional heads for SOD & security changes based on SOX violations at T-code level & Object level.

·         Created and managed users in S/4 Hana. Created roles in S/4 Hana and restricted operations on objects.

Granted roles to users in Hana.

·         Worked on SAP HANA DB to grant users privileges and troubleshot  issues related _SYS_REPO and other technical users

·         Created DBMC user in Hana and given privileges. Solved access issues related to object privileges for users.

·         Analyzed issues while connecting to SAP HANA DB through Power BI.

·         Created and maintained users in FIORI through LDAP. Developed roles in Fiori front End system and assigned roles to users in Fiori system and backend S/4.

·         Analyzed issues related Fiori Deal Capture by running trace both in front and Back-end systems.

·         Worked with UX team to solve Fiori config issues.

·         Worked on Third Party tools like Vertex, LDAP, AD, Track and HP

·         Review of critical & sensitive authorizations, implementing improvements to meet audit requirements, made suggestion for security policies and standard/best practices.

·         Performed Security tasks for Server Decommissions Monthly

·         Worked on Service Now tickets with necessary role modifications, role assignments and transported roles to Production weekly releases

·         Experience in analyzing critical issues with root cause and coordinating with respective teams to resolve the issue.

·         Troubleshoot missing authorization problems exclusively using ST01 and suggest resolution.

·         Created Local Business objects group and tied it to the LDAP group.

·         Applied an access level to group on the Business objects folder by user security.

·         Secured universes by data classification and applied security. Break inheritance for Internal groups on restricted or confidential universe folders so that it appears as “No Access”. 

·         Maintaining Credentials for OSS ID's in Secure Area.

·         Worked on HR role modification and maintained user Info types in PA30

·         Given KT to Entry Level Security analysts and helped them in Project

·         Participated in Weekly Change Control Meetings and discussed with team regarding Meeting Notes.

·         Modified roles as per the RBA Process with approvals

·         Worked on Analysis Authorization issues in BW and added new Multiproviders in role restricted to particular Info Area

·         Worked with Audit team in getting respective reports as per the requirement

·         Performed Security tasks for Dress Rehearsals

·         Worked on setting up Security tasks for Cutover Activities.

·         Performed Cutover tasks during Go-Live and completed tasks as per the schedule

·         Worked on Hyper care issues after Go-live and supported as Level 2 security for Escalations

·         Worked as  24/7 On-call Support and scheduled meeting with Off-shore regarding Security updates and process

 

 

 

Harley- Davidson Powertrain Operations                                                                                                          Milwaukee, WI

SAP Security Administrator                                                                                                                Dec’14 to Aug’16

 

Roles & Responsibilities:

 

·         Worked with functional team leads financial control teams to define the new transactions.

·         Gathered requirements for the end users for ECC, BW, APO/SCM systems.

·         Secured roles by Company Code, Plant, Cost Center, Profit Center, and Purchasing Organization etc.

·         Analyzing all custom programs and transaction codes for authority checks.

·         Analyzing all business roles and mapped them to transaction code according to business processes.

·         Used PFCG t-code for Role and profile management and additions.

·         Create and maintain user authorization, roles and profiles for SAP ECC, BW

·         Used Derived roles to create new role and to transfer transaction codes from old ones to new ones.

·         Perform user creation, modification, lock/unlock and validity date extension.

·         Transport the generated roles and profiles using SAP transport management system.

·         Identify missing authorizations via trace to use system ids to run custom program as background job in ER- Project.

·         Work with testing team about how to test security profiles.

·         Created Static roles in Identity and access Management with Role Owner details.

·         Also created and Managed IAM polices for IAM roles and assigned suitable SAP roles to IAM policies.

·         Assigned IAM roles to users in DEV, QA and PROD upon Approvals.

·         Managed Services to the IAM policy as per the requirement

·         Run few reports in IAM like Policies Governing a Role, Entitlements granted to an Individual, User and Account Reports and other Custom reports.

·         Created users in LDAP, where user can login with credentials all system Landscapes using Single Sign on.

·         Handle tickets and defects for authorization failures and Additional access issues.

·         Documented the procedure for all SAP tasks process and controls.

·         Identified missing authorizations via trace to use system ids to run custom program as background job in ER-Project.

·         Worked on Authorization objects for securing Master data, Cluster data, Personal planning data, and Payroll data.

·         Assigned roles indirectly in Organizational management.

·         Worked on id administration for a large amount of users in Development, Quality, and Training and Production instances and provided developers key and reset the passwords.

·         Worked with testing team about how to test security profiles.

·         Provided knowledge transfer for SAP ECC, SCM, and BW security environment.

·         Performed trouble shooting on security problems by using system traces.

·         Working in collaboration with application managers to clean up the security Roles to eliminate segregation of duties conflicts

·         Maintained system parameters for password rules through transaction RZ11.

·         Worked closely with Audit team for user-role conflict removal in SAP R/3 and SAP BW.

·         Worked with Functional team to gather required information as part of Blueprint in GT Project

·         Worked with profile generator (PFCG) in creating roles, profiles, composite roles, derived roles, and global roles.

·         Creating new users and maintained users on day to-day basis (Single roles, Composite roles and Derived roles).

·         User master maintenance through Central user Administration.

·         Supported audit team for generating audit reports.

·         Studied the Organization structure, jobs, roles and the SOD matrix for the Security developed in SAP and handled SOD conflicts for Sarbanes Oxley Compliance

·         Worked with process experts & head of departments for SOD conflicts and assigned appropriate roles to the users.

·         Developed custom Authorization Objects for queries developed by the users.

·         Knowledge of IBM Tivoli Identity Management.

·         Worked on Creating TR using CHARM and QGM tools.

·         Worked on Assigning Firefighter access to user upon Approvals.

·         Handled critical and high issues during Integrating Testing and Cutover

·         Supported Hyper care issues after GO_LIVE

·         Given KT to our Off-shore support team to handle issues further.

 

Environment: ECC 6.0, 4.7 Enterprise Edition enabled   3- System Landscape, Oracle 9.2.0.6.0, HPQC, and Windows NT/2000                     

Tools: GRC, REV-TRAC, ITIM

 

 

 

Johnson Controls                                                                                                                                               Milwaukee, WI

SAP Security Analyst                                                                                                                                            July’13 to Nov'14

 

Responsibilities & Roles:

 

·         Led SAP Security Support for SAP BI Upgrade Project from BW 3.5 to BI 7.0(Both Technical (Analysis Authorizations) and Functional Upgrade).

·         Marked info objects Authorization relevant from RSD1.

·         Created new analysis authorizations using RSECADMIN as per the requirements and restricted by company code and plants.

·         Restricted data by Multiproviders instead of cubes to reduce maintenance.

·         Worked on Authorization trace through transaction codes like RSSMTRACE, RSSMQ, RSUDO, RSSM, analysis and identifying Info Areas Info cube, and created custom authorization objects

·         Recommended implementation of info object level BW security.

·         Designed BW roles and went through complete phase from designing the roles, supporting unit and integration testing, going live and post go live support.

·         Responsible for all SAP Security tasks, role design, development, configuration, troubleshooting, resolution, and documentation of all Production, Test, Development Systems of all SAP landscapes.

·         Worked on Sail Point Identity and Access Management. Expertise in Password Management, Single Sign - on, Access request and Provisioning Roles.

·         Analyzed the effects of system upgrades on the Security Access.

·         Led Role Redesign Project to reduce number of Composite roles assigned to users to one composite and redesigned single role’s in composites to eliminate redundant authorizations assignments.

·         Worked with the business in creating new roles – single roles and composite roles per requirements

·         Coordinated the Functional Unit testing (FUT), and Integration testing.

·         Worked on preparations for cutover, go-live  and post go live security activities

·         Analyzed the traces files and ABAP dumps to provide the appropriate access to the dialog as well as system users.

·         Maintained check indicators, authorization values for authorization objects for the SAP transaction codes through SU24 and transporting to the other SAP Systems.

·         Created BI analysis authorizations via RSECADMIN to implement field level & hierarchy security for org levels - company code, profit center and sales organization.

·         Worked with SRM team for maintaining the users & roles in the SRM Org Structure.

·         Worked on creating the SAP Profiles, Roles, Authorization Security for SRM Module.

·         Extensively worked on creating SRM derived roles from master roles and maintaining the SRM & PPS roles for the catalogs, shopping carts, bid invitation, buyers,

·         Work with SRM team for giving tcodes, authorizations for SRM Shopping Cart, Catalogs.

·         Created the Users & Roles in the portal system and assigned the Portal based roles, user groups to the users in DEV, QA, and PROD portal System for Single Sign ON (SSO). 

·         Worked on the Portal, SAP Roles and Portal Sync Program for the user’s access in the SAP portal & SAP backend system

·         Preparation of SoD Matrix for the Risk analysis and remediation in GRC.

·         Producing SoD Analytical Reports (both Summary and Detail) against Users, User Groups, Roles and Profiles using RAR in GRC.

·         Mitigation and remediation of users and roles for SOX using User/Role Analysis

·         High Level solution/design formation and verification of solution with client

·         Managing all phases in the project life cycle- Design, Execution, Testing, UAT, Production delivery

·         Quality Management and Analysis during all phases in the project life cycle

·         Manage day to day team activities and provide technical & functional guidance to the team

·         Understanding the business process of our client and designing their SAP security roles

·         Manage customer Relationships – Obtain feedback and responsible for customer satisfaction

 

Environment: ECC 6.0, 4.7 Enterprise Edition enabled   3-  System Landscape, BI 7.0 ,BOBJ, GRC 10,SRM

Tools: GRC

               

 

 

Cardinal Health                                                                                                                                              Hyderabad, India                                                   

SAP Security Consultant                                                                                                                                     Oct’11 to Apr’13

 

Responsibilities & Roles:

 

·         Security related support on New Dimension products like BW/BI.