Abdul Mohammed

  • SAP Security Administration / SAP GRC Security Consultant
  • San Francisco, CA
  • Member Since May 11, 2023

Candidates About

 

 Abdul Mohammed

SAP GRC Security Administrator

Professional Summary

·         Ambitious SAP Security Administration with over 10 years of experience.

·         I have experience in Implementation of Security Design across multiple SAP Systems which includes SAP 4.6B, 4.6 C, ECC 5.0, ECC 6.0,  SAP HR – HCM 7.0 , BW 3.5 , BI 7.0 ,CRM 7.0, SRM 7.0, SOLUTION MANAGER 7.0, CUA Enterprise Portal 7.0 and GRC  5.3 and GRC 10.0.

·         Experienced in 4 full life cycle implementations of Security/Authorization on various SAP Systems.

·         Worked on 2 upgrade projects from SAP R/3 4.6 B, and ECC 5.0 to ECC 6.0 which includes post-upgrade steps, assessment of authorizations and redesign of the roles

·         Extensive experience in User Administration of SAP Enterprise Portal 6.0 

·         Analyzed and classified SAP Users for SAP licensing issue using USMM and SLAW.

·         I have experience in CUA implementation.

·         Worked with BI Analysis Authorizations, User administration for reporting and Admin Users.

·         Extensive experience in Production support, mass user maintenance using LSMW script.

·         Strong configuration and analysis experience in using Profile Generator in SAP Security.

·         Worked on Implementation and upgrade projects from R/3 Enterprise to ECC 6.0 including upgrade & post-upgrade steps, assessment of authorizations and redesign the roles.

·         Designed the Security for MM, SD, FI, CO, CRM 5.0, SRM 5.0 and HR-HCM modules. Access Problems - Worked on security related problems for MM, SD, FI, CO and HR-HCM (Human Capital Management).

·         Worked with internal and external audit team, which supports real-time compliance to research, remove, and prevent access and authorization risks by preventing Sox violations before they occur.  Provided support and assistance for all Sox testing.

·         Extensively used NWBC for Access Management Components.

·         A motivated individual and a quick learner, committed to teamwork, multicultural experience. Able to communicate clearly with clients, peers and managers.

·         Hands on IDM for User Provisioning & De-Provisioning.

·         I have been involved in full life cycle implementations and upgrades in SAP  ECC 6.0, BI 7.0, CRM 7.0,GRC AC 5.5.3/10.0,virsa tool

·         Production support for SAP ECC 5.0, 6.0, BI 7.0, CRM 7.0

·         Hands on experience on Portals user management and roles.

·         Resolved tickets related to handling production issues in SAP ECC 5.0 and ECC 6.0

·         Good knowledge of security tables, table authorizations, authorization groups and customizing authorization objects.

·         Strong understanding of business issues related to security and communicated effectively with developers and end users.

·         In-depth understanding of SAP Security architecture, configuration, redesign and upgrade.

·         Successfully identifying risks and implementing security solutions for wide range of projects and applications. Adept in risk assessment, project management, and security audits.

·         Skilled in using various security related tables via SE16 for various reports and analysis purposes and knowledge on building SAP query for report needs which are not achievable through SUIM.

·         Creating and maintaining Template roles, Derived roles, Global roles and Composite roles using Profile Generator (PFCG) in SAP R/3 systems.

·         Experience in Implementation Design Security across multiple SAP Components (ECC5.0,ECC 6.0, CRM 7.0, BI 7.x, SCM, HCM Solution manager, PI,GRC 5.3 and Enterprise Portal 6.0)

·         Implemented security in various CRM Modules such as Customer Interaction Centre, Trade Promotion Management, and Trade claims management /Sales/Marketing.

·         Strong configuration and analysis experience in using Profile Generator in SAP Security.

·         Extensive worked on CRM 7.x (CRM UI (User Interface) with full life cycle implementation.

·         Analyzed and classified SAP Users for SAP licensing issue using USMM and SU01.

·         Extensively worked on Profile Generator (PFCG), good understanding of single roles, composite roles, and derived roles.

·         Experience in Role Conflict identification & remediation

·         Experience in generating and maintaining PFCG security roles from navigation built in WEBUI framework.

·         Experience in using LSMW and SECATT scripts for mass user creation and user maintenance.

·         Knowledge of SAP central user administration (CUA) implementation and maintenance.

·         Configured GRC Access Control 10.0 ARA, EAM, ARM, BRM.

·         Configured GRC 10.0-AC includes adhering to the configuration and implementation guides, deploying standard industry content, and integrating processes that will meet expectations. In addition, and as part of integration methodology. I adapt the content (rulebooks, etc) to relate to a specific organization’s risks.

·         I focus expertise on deploying and integrating the following SAP GRC functionality.

·         SOD analysis of users, roles, and profiles and user access reviews/access certification

·         Automated provisioning of end user’s security request and password self service functionality

·         Automated provisioning of Emergency access requests and audit documentation associated with transactional usage

·         Configured GRC 5.3 Complaint User Provisioning (CUP) to automate provisioning, tests for segregation of duties (SOD) risks, and streamlines approvals by the appropriate business approvers to unburden IT staff and provide a complete history of user access.

·         Experience with configuring and implementing the GRC Access Control 5.3 tools such as RAR, CUP, SPM and ERM for remediation of Segregation of Duties (SOD) within SAP implementation for audit and SOX Compliance.

·         Worked on Business Objects GRC 5.3 for Sarbanes-Oxley Act (SOX) with section 302 and 404 for compliance of authorization objects to different roles.

·         Excellent communication and interpersonal skills with problem solving abilities, effectiveness in working independently and exceptional team player.

·                           Compliance Calibrator Tools Experiences Summary              

·         Extensively worked with Sarbanes-Oxley Compliance - Strategic Management related to SAP business process; Extensive hands-on experience with VIRSA GRC Compliance Calibrator to identify, analyze and resolve all Segregation of Duties (SOD) and audit within SAP implementation.

·         Analyzing risk analysis through User & Role level.

·         Scheduling background jobs in RAR to find risk analysis.

·         Involved in Post-installation activities of Firefighter.

·         Created FFIDs, FF Owners, FF Controllers and assigned FFIDs to FF.

·         Extracted log reports of FF ID s and sent to Controllers.

·         Practical experience in mitigating and using compensating controls to ensure the appropriate level of protection and adherence to the goals of the overall SAP security strategy

·         Experience in running and simulating risk analysis at user and role Level and applying mitigation controls to users and roles

·         Created and worked with rule sets

·         Worked on re-design of existing role to make it SOD free role thus reducing SOD significantly

·         Provided support or internal and external audits SAP information (table & data) during audits and ran and analyzed user ID traces

 

TECHNICAL SKILLS:

 

Languages

Java, XML, HTML, PL/SQL, C++, C.

Web Technologies

SOAP, WS-Addressing, WS-Secure Conversation, WS-Policy, WS-Security, WS-Federation, WS-Trust, SAML.

Markup Languages

HTML, XML

Programming/Scripting

JavaScript, HTML, XML, SQL, SHELL scripting, WLST

Operating Systems

Red Hat Linux 4.0/5.0/6.0, Windows 2003/2000, Solaris 8.x/9.x/10.x

Databases

Oracle 11g/10g/9i/8i, MS Access, MySql, MS SQL Server

J2EE Technologies

JSP, Servlets, Java Beans Struts, JDBC, JNDI, JMS, XML, RMI, EJB, Web services.

Application Servers

Oracle Application Server, WebLogic Application Server 8/9.2/10.1/11g/12c, JBoss EAP 6, Apache Tomcat 6.x, IIS

Web Servers

Apache-HTTP Server 2.x, Sun One Webserver 6.x

Tools

Jdeveloper, Oracle SOA, ANT, JRockit management Console, Load Runner, Siteminder..

Packages

J2EE, JDK1.4/1.5/1.6/1.7

Version Control

CVS, SVN

Networking & Protocols

TCP/IP, Telnet, HTTP, HTTPS, Ping, FTP, SNMP, LDAP, DNS, ARP, SSL, RMI.

 

 

 

Experience Summary

 

PG&E (Pacific Gas and Electric Company)                                                                  May’ 2013 – Till Date

San Francisco, CA

SAP GRC Security Consultant

 

Roles and Responsibilities

 

  • Full lifecycle SAP implementation
  • Developed functional specification documents for ECC 6.0, BI & CRM Security Worked on production support issues from BI System
  • Manage user IDs for unit testing, for performance testing, as well as training IDs
  • Monitor testing & check completion status
  • Proficient with SAP security design & build using PFCG
  • Worked closely with business objects team to resolve reports issue related to security.
  • Activities: Setting up user IDs, assigning roles, resetting password, locking/unlocking users (SU01, SU10, SCUA, SCUL, SCUM).
  • I have designed, implemented, configured and integrated CRM with HCM, and also hands on experience with Employee Interaction Cecter (EIC).
  • I have extensive experience with human Capital Management (HCM) Integration with CRM.
  • Hands on experience with E-Mail Response Management/Notification.
  • Worked on CRM Middleware
  • Complaint, Opportunity and Knowledge Management in CRM.
  • Experience in CTI Integration, Avaya Elite Multi Channel (EMC) solution.
  • Implemented R/3 Security solutions to comply with Audit requirements related to Sarbanes Oxley Act (SOX).
  • Communicated successfully with technology, business and internal and external auditing groups to gather requirements and proposed the best security solutions.
  • Created Single Roles, Composite Roles, Derived Roles and maintained complete documentation of roles.
  • Involved in testing or roles individually and moved to production.
  • Access to Database tables was restricted by authorization object S_TABU_DIS and assignment of authorization groups through SE54
  • Critical reports in the system were restricted by controlling authorization object S_PROGRAM through SE38 and SA38.
  • Creation of transaction codes was done on need to only basis and was carried out through SE93 by following a company set pattern. Maintain check indicators for transaction codes through SU24.
  • Involved in SAP GRC suite implementation meetings with the business users to know about the SOD conflicts at transaction code level
  • Solved issues related to Super user privilege management (SPM), Compliant User Provisioning (CUP), and Risk Analysis and remediation (RAR).
  • Setup Firefighter user id’s for critical tasks which was required to be recorded for Audit purpose and assignment of firefighter roles was given to appropriate firefighter ids.
  • Provided knowledge transfer to SAP IT users about access to firefighter id with t-code /n/virsa/vfat
  • Generate SOD reports and resolved the Segregation of duties as per audit compliance.
  • Extensively used Org management related transactions and implemented HR based security.
  • Created roles, Authorizations, object classes, objects, and assigned roles to user master.
  • Transported profiles between clients within R/3 system and between R/3 systems.
  • Created users, roles and assigned required privileges for the database access.
  • Used (PFCG) Profile Generator for creation, modifying roles, composite roles, global roles & derived roles.
  • Created users using SU01 and maintained user master and established security policies and procedures.
  • Extensively worked on Authorization objects, fields, authorizations, authorization profiles.
  • Assisted in Sarbanes Oxley Compliance - SAP System Audit and documentation of Significant Processes and controls. Continuously improved security configuration to reflect best practices and to prepare for system audits.
  • Educated client personnel in R/3 Security and general Basis knowledge.
  • Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
  • Resolved all SOX and Audit issues in CRM and R/3 system. Where applicable created mitigation control on some of the issues.
  • Identified custom T-Codes which have SOD violation were not the part of Virsa Rule Set.
  • Worked on Rule Architect and Mitigation control. Extracted Virsa Report to identify Conflicting Transaction and SOD violation.
  • Deleted the expired Users and updated the roles to the User Master Data.
  • Copied, Locked/Unlocked, Deleted, Change Passwords and Renamed the Users through User Mass Maintenance.
  • Created New Users, Reference Users with approval of higher management team.
  • Extensively Used (PFCG) Profile Generator for creation, modifying composite roles, global roles & derived roles.
  • Resolved all SOX and Audit issues in R/3 system. Where applicable created mitigation control on some of the issues.
  • Worked on SAP Check indicator using SU24 for required objects to be check/maintained.
  • Worked with UAT Team and functional folks for roles with new objects and t-codes.
  • Supported extended hours during Cutover, Go Live and Hyper care (Post Go-Live) through on call rotation.
  • Established security testing procedures and tools and educated testing team about how to test security profiles.
  • Generated SOD reports and resolved the Segregation of duties as per audit compliance.
  • Up on ticket request trace a particular user and troubleshoot the problem with ST01 and SU53.
  • Installed and configured OEM Cloud Control in HA mode
  • Extended OEM to support JVMD Engine.
  • Installed OEM Agents and JVMD Agents on target hosts and WebLogic Domains.
  • Designed and implemented security model for managing user access in OEM.
  • Developed dashboards and alerts for OIM domains in OEM.
  • Documented roles redesign, upgraded roles and recorded all security modifications.
  • Maintaining the Security Audit logs and setting the Audit log Parameters.

 

 

Miller Coors - Milwaukee, WI                                                                                                           April’12 -March’13

SAP GRC Security Administrator

 

Roles and Responsibilities

 

·         Implemented R/3 Security solutions to comply with Audit requirements related to Sarbanes Oxley Act (SOX).  

·         Created new roles single roles, composite roles and derived roles as per the requirements for ECC and BI System.

·         Intensive production support for existing R/3 and ECC 6.0 System roles, complete analysis of FI/CO, SD, MM roles to comply with SOX and perform Segregation of Duties on the roles.

·         Documented roles redesign, upgraded roles and recorded all security modifications.

·         Worked on SAP Check indicator using SU24 for required objects to be check/maintained.

·         Worked on Role Comparisons across the systems.

·         Worked with UAT Team and functional folks for roles with new objects and tcodes.

·         Configured and Implemented Central User Administration.

·         Experience in User Administration of SAP Enterprise Portal 6.0 

·         Imported R/3 Roles into Portals and assigned them to users. 

·         Created Portal Users and did User mapping between Portals and R/3 system

·         Worked with the Business Objects team to create authorizations for the financial reporting.

·         Involved in testing crystal reports for the dashboard.

·         Worked closely with the business teams to fix authorization on Business Objects, Advanced

Analysis and Dashboard.

·         Build security and successful testing of various objects related to Dashboard.

·         Fixed errors while UAT and raised issues related to existing roles, redesign of roles, SOD conflicts and made compliant to SOX for Auditing purpose.

·         Suggested and Implemented PFUD Job runs periodically to avoid user comparison PRD Issues.

·         Analyzed and classified SAP Users for SAP licensing issue using USMM and SU01.

·         Created mass users and assigned roles using LSMW.

 

 

 

Harley-Davidson, Milwaukee, WI                                                                                             Jan’11 – April’12

SAP GRC / CRM Security Consultant.

 

Roles and Responsibilities

 

·         Implement and configured GRC Access Control 5.3.

·         Worked closely with business objects team to resolve reports issue related to security.

·         Implement and configured Super user privilege management (SPM), Compliant User Provisioning (CUP), and Risk Analysis and remediation (RAR).

·         Setup Firefighter user id’s for critical tasks which was required to be recorded for Audit purpose and assignment of firefighter roles was given to appropriate firefighter ids.

·         Worked on CSI tool for SOD remediation

·         Performed quarterly ICS Control for SAP Security

·         Worked with internal and external Auditors

·         Generate SOD reports and resolved the Segregation of duties as per audit compliance.

·         Worked with functional and business team to set up common roles and additional roles as per the designations for SAP CRM 7.0 with Adobe flex as front end

·         Involved in Adobe flex integration with CRM and achieving security from front end and back end.

·         Documented security roles with all the business tasks, reports, Adobe UI Screen fields, objects, custom objects, and z table

·         Used BP and PPOMA_CRM, extensively in CRM system to assign user ids to Business partner and assign position to Org structure and debug user issues.

·         Configured and Implemented Central User Administration (CUA). Created and maintained User IDs in CUA.

·         Developed functional specification documents for ECC 6.0 & CRM Security.

·         Worked on production support issues from CRM system.

·         Created, maintained Security roles in CRM 2007.

·         Used transaction RSECADMIN for creating custom authorization objects and S_RS_AUTH for assigning authorization objects for BI query end user roles.

·         Worked on BEx analyzer using transaction RRMX and restricting the users to see the queries using S_RS_COMP and S_RS_COMP1.

·         Worked on SAP Check Indicator Defaults and Field values, reduced the scope of authorization checks using transaction SU24 and maintained check indicators for transaction codes

·         Used Central User Administration (CUA) to handle User Administration/maintenance activities : setting up userIDs, assigning roles, resetting password, locking/unlocking users (SU01, SU10,SCUA,SCUL,SCUM).

·         Work extensively with to restrict the CRM Master Data – Product Hierarchies, products, Territories, Wholesaler, Root Organization, Employees, Contacts, Accounts

·         Created single role, composite role and derived role as per organizational structure in ECC 6.0

·         Derived roles from parent roles using PFCG and assigned that derived role to different organizational levels.

·         Part of the implementation for Customer Interaction Center module in CRM

·         Created Custom Auth Objects for CRM as per business requirements.

·         CRM Web client-based security.

·         Analyzed the Org Model and created relevant security design.

·         Coordinated with the CRM configure to understand PFCG roles to Business Role mapping.

·          

·         Environment: ECC 6.0, CRM 7.0, ADOBE FLEX, XI PI, EP 6.0, Solution Manager, GRC 5.3

 

 

 

Genworth Financials - Rancho Cordova, CA                                                                          Jan’08 – Nov’10

SAP Security Consultant

 

Roles and Responsibilities

 

·         Work with profile generator (PFCG) in creating roles, profiles, composite roles, derived
roles, and global roles.

·         Using ECATT script for mass generation of roles and User assignments.

·         Created Transaction codes for the programs and ran the transactions.

·         Configured Profile Generator and transported settings to all clients, setup security for the developers

·         Created users and maintained user master and established security policies and procedures.

·         Extensively worked on Authorization objects, fields, authorizations, authorization profiles.

·         Performed transports and mass transports of roles.

·         User maintenance (User creation/deletion/lockdown/activation/Password management).

·         Used Derived activity groups to create new activity groups and to transfer transaction codes from old ones to new ones.

·         Extensively worked on Authorization objects, fields, authorizations, authorization profiles.

·         Performed transports and mass transports of roles. Tracing missed files and authorizations for user’s access problems and inserted missing authorizations manually.

  • Created users, roles and assigned required privileges for the database access. Used Profile Generator for creation, modifying roles, composite roles, global roles, derived roles.
  • Generated authorizations using Profile Generator and assigned to authorization profiles and assigned to activity groups. Activity groups are assigned to user master.
  • Used Derived activity groups to create new activity groups and to transfer transaction codes from old ones to new ones. Transported the generated roles and profiles using SAP transport management system.