Kiran Nuthalapati

  • SAP Security and GRC Admin
  • Midland ,MI
  • Member Since May 11, 2023

Candidates About

 

Kiran Nuthalapati

SUMMARY:

Having 10+ Years of Experience in SAP ERP, as an SAP GRC AC and Security/Basis Consultant. Worked in all areas of common Security for SAP R/3, ECC, Net Weaver Enterprise Portal and BI ,BOBJ,CRM ,HR,HANA,Solman systems  and Providing high-level Security using GRC 10.0/10.1 and 5.3, Approva Bizrights, SOX compliance, Basic understanding of business organization functions, Security & Access, Risk and Control activities. Ability to work reliable interacted with clients independently and Support for Production environments.

 

¨       Extensive Hands on Experienceine on SAP ECC 6.0, BI Security,BOBJ,CRM,HANA,Solman,SAP CUA ( Central User Administration) ,GRC Access control 5.3 tools and GRC AC 10.x and Approva BizRights.

¨       Experience in configuration/customization of GRC AC 10.0/10.1(ARA/ARM/EAM & BRM).

¨       Worked in all phases of full life cycle implementation using ASAP methodology including analysis, design development, blue print phase, configuration, Cut-over phase, Testing, Training, GO-Live and Post implementation support.

¨       Extensively worked in various SAP Security implementations including releases  on different SAP systems and have good knowledge of SAP security design and implementation.

¨       Worked for create, maintain, and manage Business Process/Functions and Risks used to generate Rules.

¨       Worked for identifying risks, mitigation control for the risks, generating various security reports using Risk Analysis and Remediation.

¨       Responsible to run Synchronization jobs by weekly basis for user master data synchronization.

¨       Strong Experience in understanding Segregation of Duties and Audit Compliance Standards.

¨       Strong experience with multipleSAPsecurity lifecycles(Analysis & Conception, Implementation, Quality Assurance &Tests and Cutover).

¨       Excellent knowledge in profile-basedsecurity, structural authorizations, Central User Administration,Segregation of Duties (SOD), SAPGovernance Risk and Compliance.

¨       Administered SAP security including project and module implementation, SOD detection and resolution, role creation and maintenance, and user ID creation and maintenance.

¨       Used Profile Generator PFCG for creation, modifying roles, composite roles, global roles, and derived roles

¨      Performed daily, weekly and monthly audit reports in all production systems.

¨       Worked on profile parameters to enforce the security guidelines.

¨       Tracing missing authorizations objects using and recommending appropriate roles for the end users.

¨       Analyzing the User Access Problems and Providing Authorization reports through User Information System.

¨       Performed transports and mass transports of roles.

¨       Performed Monthly maintenance and DR (Disaster Recovery) Activities.

¨       Monitoring the status of Background jobs, Work Process, health checks, analyze system logs.

 

¨       Ability to work effectively in cross-functional team environments and experience of providing training to business users.

¨       Collaborate with other team members and business representatives to ensure that security roles, authorizations, activity levels and settings meet the Client requirements.

 

TECHNICAL SKILLS:

 

 

SAP Skills

 

SAP Security FI, CO, GRC AC 5.3/10.0, Approve Bizrights, SAP R/3 Security , CUA, Authorization, Transport, SOD, Profile Generator

SAP Version

SAP R/3 ECC 6.0, 5.0, 4.7, 4.6C

Operating System

Windows XP. Linux, UNIX, Windows Server 2000/2003

Data Bases

Oracle 10g,11g, MS SQL Server 2005

 

PROFESSIONAL EXPERIENCE:

 

Client       : DOW Chemicals Ltd , Midland ,Michigan                                Apr 17 – Till Date

Role          : SAP Security and GRC Admin

 

¨       Work on Security roll-outs for multiple opco’s as part of COE(center of excellence team).

¨       Extensively worked with various module SMEs in requirement gathering for various releases.

¨       Good experience in working with Work process and enabler roles.

¨       Worked on gathering the requirements from SME’s as part of LION project in merging Corning in to DOW land scape systems.

¨       Worked on role designing for differnrt tenant systems

¨       Creation of single and composite roles as per the requirement. From requirement gathering àRole development àUAT support àCutover à Support in production deployment à Hyper care support as part of LION EMEA and reset of the world Golive

¨       Work on Task group Security Service(TGSS) to assign the roles to users as part CORNING project.

¨       Performed user administration activities such as creating User id’s,Copying user id’s,assigning roles and assigning groups etc..

¨       Worked on clen-up activity of users who are not logged for morethan 90 days

¨       Creation of super ID (OSS ID), New Developer Key Access and Access key in SAP service market place.

¨       Providing access for Support id’s to SAP as per the OSS notes and extending validity dates for support ids.

¨       Providing Debug access and critical authorizations as per the requirement and tracing the user activities.

¨       Creating and maintaining authorization objects for Transactions.

¨       Restriction of Org and Non-org authorization values in Master and Derived roles

¨       Maintained authorization groups for all the required tables in the table TDDAT

 

 

¨       Involved in preapring SAP security templates i.e SOP (Standard operating Procedural document).

¨       Worked on Export Controls

¨       Extensively worked on BOBJ in securing different in content folder and applications by providing correct access rights.

¨       Invloved in securing Custom program using RSCSAUTH program

¨       Enforced users to maintain authority checks for newly created transaction codes.

¨       Troubleshoot R/3 Security problems by using different scenario such as system trace ST01, SU53 and SU56.

¨       Extensively Used SUIM (User Information System) to generate various reports for audit monitoring.

¨       Worked with security related tables.

¨       Performed daily, weekly and monthly audit reports in all production systems.

¨       Built Analysis Authorizations using the transaction RSECADMIN.

¨      Troubleshoot authorizations related problems using RSECADMIN

¨       Worked on portal administartaion i.e UME Users,UME roles and UME groups creation

¨       Maintenance of Access Owners & Emergency Access Management

¨       Scheduling background jobs to synchronize data (auth sync, repository object sync, Action usage sync, Role sync).

¨       Performed Access Risk analysis at Role level and User level

¨       Mitigation control maintenance and Access Control owners maintenance

 

Client       : AbbVie    - Chicago,Illinois                                                              Feb 16 – Feb-17

Role          : SAP Security and GRC Consultant

 

Key Deliverables:

 

·         Experience in configuration/customization of GRC AC 10.0/10.1(ARA/ARM/EAM & BRM)

·         Configured Pre-installation & post-installation activities of AC 10.1

·         Created and Maintained RFC connectors

·         Documented all changes in GRC Production systems

·         Maintenance of Access Owners & Emergency Access Management

·         BC sets activation, Designed Customized Rule set

·         Performed Pre-and post-installation steps of Access Risk Analysis, Emergency Access Management, and Access Request.

·         Monitored and Raised few GRC AC 10.1 open issues on Daily access assignments and communicated to SAP Tech upgrade team.

·         Extensively worked in various SAP Security implementations including releases  on different SAP systems and have good knowledge of SAP security design and implementation

·         Troubleshoot R/3 Security problems by using different scenario such as system trace ST01, SU53 and SU56.

·         Extensively Used SUIM (User Information System) to generate various reports for audit monitoring.

·         Performed reconciliation of user master record and roles using PFUD.

·         Worked with security related tables.

·         Creation of single and composite roles as per the requirement. From requirement gathering àRole development àUAT support àCutover à Support in production deployment à Hyper care support.

·         Working with Derived Role concept, maintaining the master and child roles.

·         Enforced users to maintain authority checks for newly created transaction codes.

·         Downloading and Uploading of roles, generation (mass) the profiles through SUPC.
Scheduling background jobs to synchronize data (auth sync, repository object sync, Action usage sync, Role sync).

·         Performed Access Risk analysis at Role level and User level

·         Mitigation control maintenance and Access Control owners maintenance.

·         Configured Emergency Access Management component.

·         Firefighter Users creation, Assignment of owners to FFID, assignment of FFIDS to Controllers and Firefighters Created Reason codes

·         Executed reports like Risk Analysis Reports, EAM Reports, Audit Reports, etc

 

 

Client       : HEINEKEN , New York                                                                    Sep 14 – Feb 16

Role          : SAP Security and GRC Admin

 

¨       Experience in configuration/customization of GRC AC 10.0/10.1(ARA/EAM)

¨       Created and Maintained RFC connectors.

¨       Good knowledge and exposure to UCON framework to secure RFM’s .

¨       Good working experience on SAP solution Manager

¨       Maintenance of Access Owners & Emergency Access Management

¨       Scheduling background jobs to synchronize data (auth sync, repository object sync, Action usage sync, Role sync).

¨       Performed Access Risk analysis at Role level and User level

¨       Mitigation control maintenance and Access Control owners maintenance.

¨       Role Maintenance in Business Role Management using Role import.

¨       Configured Emergency Access Management component.

¨       Firefighter Users creation, Assignment of owners to FFID, assignment of FFIDS to Controllers and Firefighters Created Reason codes

¨       Executed reports like Risk Analysis Reports, EAM Reports, Audit Reports, etc.

¨       Worked on Re-designning of PARC (Powerful Access Rights Controlled) project role redesigning for IT users.

¨       Hands on experience in maintaining system priveles,analytical priveleges,Object priveleges,Packaged priveleges using HANA Studio

¨       Hands on experience in maintating User admin activities using HANA studio.

¨       Extensively worked on BOBJ in securing different in content folder and applications by providing correct access rights.

¨       Involved in preapring SAP security templates i.e AID (Application information Document).

¨       Worked with system security audit logs using STAD and  SM20

¨       Work on Security roll-outs for multiple opco’s as part of COE(center of excellence team).

¨       Enforced users to maintain authority checks for newly created transaction codes.

¨       Provided SAP security support for SAP upgrade project from 4.6C to ECC 6.0

¨       Extensively worked with various module SMEs in requirement gathering for various releases.

¨       User Administration: User ID creation, modification, termination, password resets, lock and unlock, checking validity.

¨       Worked on clen-up activity of users who are not logged for morethan 90 days

¨       Creation of super ID (OSS ID), New Developer Key Access and Access key in SAP service market place.

¨       Providing access for Support id’s to SAP as per the OSS notes and extending validity dates for support ids.

¨       Providing Debug access and critical authorizations as per the requirement and tracing the user activities.

¨       Good knowledge in creating Enterprise roles and mapping Priv’s using IDM tool.

¨       Restriction of Org and Non-org authorization values in Master and Derived roles

¨       Restriction of critical authorization object at activities level in various designations

¨       Troubleshoot R/3 Security problems by using different scenario such as system trace ST01, SU53 and SU56.

¨       Extensively Used SUIM (User Information System) to generate various reports for audit monitoring.

¨       Worked with security related tables.

¨       Performed daily, weekly and monthly audit reports in all production systems.

¨       Built Analysis Authorizations using the transaction RSECADMIN.

¨       Providing BI reporting access for the required queries with S_RS_COMP & S_RS_COMP1

¨       Assigned the Analysis Authorizations to the role using the object S_RS_AUTH. 

¨       Troubleshoot authorizations related problems using RSECADMIN.

 

Client       : COCO COLA Enterprises – CCE , Atlanta GA                             Jan 13 – Aug 14

Role          : Sap Security & GRC Consultant

 

Responsibilities

¨       Extensively worked in various SAP Security implementations including releases  on different SAP systems and have good knowledge of SAP security design and implementation methodology

¨       Extensively worked with various module SMEs in requirement gathering for various releases.

¨       Involved in various SAP Security release projects including TCO and BCOs activities

¨       Familiar with various types of testing involved in the SAP Security implementation and execution of tests in HP Quality Center

¨       Extensively worked on new SAP roles creation based on BPDs and Security blue print in the implementation phage

¨       Followed Sarbanes-Oxley Guidelines (SOX) & Segregation of Duties (SOD) for SAP-Security in Critical SAP-Process

¨       Expertise on analysis, design and implementation of brand new roles

¨       Responsible for designing authorisations in BPC.

¨       Involved in the preparation of SAP Security process related documents

¨       Expertise in creation of eCATT scripts & using for Mass activities

¨       Have worked on creation of Business, IT, OSS & RFC users across all the Land Scapes

¨       Analyzing and providing missing authorization access to users

¨       Create derived roles for region specific countries i.e. APSSO, ESSO,NA & LA etc

¨       Creation of super ID (OSS ID), New Developer Key Access and Access key in SAP service market place.

¨       User Administration: User ID creation, modification, termination, password resets, lock and unlock, checking validity.

¨       Providing access for Support id’s to SAP as per the OSS notes and extending validity dates for support ids.

¨       Worked on portal administartaion i.e UME Users,UME roles and UME groups creation

¨       Providing Debug access and critical authorizations as per the requirement and tracing the user activities.

¨       Worked on Mass user Administration activities using SU10.

¨       Troubleshoot R/3 Security problems by using different scenario such as system trace ST01, SU53 and SU56.

¨       Proposing Roles for missing access to Users to raise the request through SRDB and IDM tools.

¨       Extensively Used SUIM (User Information System) to generate various reports for audit monitoring.

¨       Performed reconciliation of user master record and roles using PFUD.

¨       Creating and modifying Single Roles, Composite roles and Derived roles as per change request.

¨       Worked on critical authorization Objects like S_TABU_DIS, S_DEVELOP, S_TABU_NAM,

¨       Performed transports and mass transports of roles via Rev-Track tool.

¨       Profile Generator Authorization Table Maintenance via SU24

¨       Worked with security related tables.

¨       Performed Monthly maintenance and DR Activities.

¨       Participated in system Refreshment activities.

¨       Performed daily, weekly and monthly audit reports in all production systems.

¨       Handling incident, change requests, Service request tickets based on SLA’s.

¨       Built Analysis Authorizations using the transaction RSECADMIN.

¨       Providing BI reporting access for the required queries with S_RS_COMP & S_RS_COMP1

¨       Troubleshoot authorizations related problems using RSECADMIN.

 

Company : Infosys , Hyderabad, India

Client       : Daimler-Chrysler, Mexico                                                               May 12– Nov 12                                                                                                  

Role          : SAP Security& GRC Consultant

 

Responsibilities:

¨       Creating and maintaining user master data according to the security policies and procedures.

¨       Worked on Mass user Administration activities using SU10

¨       Tracing and Assigning missing Authorizations as per User requirement using SU53 and ST01.

¨       Creating and modifying Single Roles and Derived roles as per change request

¨       Performed transports and mass transports of roles.

¨       Extensively Used SUIM (User Information System) to generate various reports for audit monitoring.

¨       Assigning Controllers, and Owners to Firefighter IDs

<span style="font-size:11pt;font-family:Symbol