Gangadhar Raju Bachu

  • SAP Security &GRC
  • Portland,​ ​OR
  • Member Since May 10, 2023

Candidates About

 

Gangadhar Raju Bachu

IT Professional with Strong SAP Security &GRC

PROFESSIONAL SUMMARY

  • SAP GRC Certified Consultant with over 12+years of work experience in IT Industry with strong expertise in designing, developing, implementing, and supporting SAP GRC and security systems for large scale projects covering global locations which includes around 9+ years of experience in implementation of SAP security,structures, and controls5.3, 10& 10.1configuration and maintenance activities.

 

  • Experience in managing team sizes of 5 -10. Skilled in effort and budget estimates for project. Excellent communication and verbal skills in handling clients and team members with business knowledge. Act as a liaison between internal and external auditors for smooth and fair auditing.

Working closely with SOX and Internal security controls team in helping and defining controls in line with Sox compliance. Prepared Standard operating procedures (SOP’s) and job aids

 

  • Experience in participating Business proposals, Project kick off meetings along with stakeholders meeting and business process owners to identify project scope and planning.

 

  • Experience as GRC and Security Architect in various phases of ERP and GRC Implementation, Migration, Redesign and Roll-outs, SOX Audit, defining security controls and involved in development of business plans, Blueprinting, strategies, policies, standards, processes, and procedures to enable security and compliance.

 

  • Has involved in System Security Design and Configurations of SAP R/3, ECC, XI/PI, BI, CRM, SRM, BPC, BOBJ Admin, Hana Admin,Ariba, Solution Manager, Fiori,IDM,S4 Hana Securityand Security customstools like CPGRC, Approva, Security Weaver.

 

  • Expertise on various GRC Tools like ApprovaBizrights, CPGRC, Security Weaver and 10.0 Access control suite (Compliant User Provisioning (CUP)/Access Request Management (ARM), Risk Analysis & Remediation/ Access Risk Management (RAR/ARA), Super User Privilege Management(SPM)/Emergency Access and Enterprise Role Management(ERM)/Business Role Governance(BRM) tools.

 

EXPERIENCE SUMMARY

  • May 2017 to Till Date as SAP GRC Consultant at Spectrum Brands US
  • Feb 2016to May 2017 as SAP GRC &Security Consultant Sr. Associate at Cognizant US.
  • October 2012 to Feb 2016 as Tech Lead Security Consultant at Wipro India & US
  • March 2010 to October 2012 as, SAP Security Capgemini India Pvt Ltd
  • December 2007 to March 2010 as Associate Consultant at IBM India Pvt Ltd (Pune)
  • December 2005 to December 2007 as a SAP Security& Authorization, Consultant at Satyam Computers Pvt Ltd

 

EDUCATION & CERTIFICATIONS

·         Master’s in computer science (M.SC)

·         Certified in SAP GRC Access Control 10.0 (80%).

PROJECTS

Client                      : Spectrum Brands, Middleton Wi

SAP Modules          : GRC 10.0, ECC 6.0, SRM, XI/PI, Portal, BPC, CPGRC

SAP Versions           : SAP ECC Net Weaver 7.0

Duration                : May 2017 – Till date

Ticketing Tool          : Service Now

 

About Client: Spectrum Brands: The Company is a leading supplier of consumer batteries, residential locksets, residential builders' hardware, plumbing, shaving and grooming products, personal care products, small household appliances, specialty pet supplies, lawn and garden and home pest control products, personal insect repellents, and auto care.

Ticketing tool Service now

  • Extensive interaction with Business Organization Managers to understand User and Role Mitigations and Critical Transactions

·         Checking RFC destination of the target system on data queuing up and creating the system and communication users as per Business Needs.

·         Creating S- user id and opening the systems at service market place.

·         Removed the Enabler role concept and implemented new Derived role concept

·         Supported user administration for the production, development, and test environments.

·         Updated Licensing for all SAP systems. Compiled Licensing reports to SAP.

·         Under user Administration Analyzed trace fields and tracked missed authorizations for user access problems

·         Reviewing Cleanup of roles for the critical authorizations as per the reports from GRC.

·         Setting up System users as per the new projects for running the background jobs.

·         Creating user group in the CUA system for all the SAP users.

·         Changes to the Roles as per S4 Hana upgrade in OTC and PTP on Premise.

·         Updated the new rule set as per SAP S4 Hana

  • Creating and modifying master/derived roles, using the Profile Generator (PFCG) tool. And Moving roles to QAS & PRD as per the CAB Approval. After testing
  • Reviewed, validated, tested, and transported the generated rule set to QA and PRD
  • Approved GRC requests for provisioning of roles, created mitigation controls, performed risk analysis, checked for critical risks to determine if mitigations are required.

·         Uploaded FFID Owners androle owners and controllers as per the organization.

  • End to End upgrade activities (Re design, build, test, support) of SAP ECC Upgrade
  • Creating Functional and Technical design documents for the new business security roles.
  • Led the Role Redesign project on ECC to address large number of SoDs conflicts within SAP security roles, as identified due to the SOD through GRC
  • Defined and documented SOP's for SAP Security and GRC for day to day operations
  • Involved in Monthly User Access Review activity with the internal auditors
  • Involved in SOX testing and Audit with the compliance team and provided the required reports from SAP. Also provided the evidence for the requested changes
  • Setting up new workflow process for new users as per newly acquired business needs
  • Setting up security roles for newly acquired business
  • Creating new custom functions and risks as per new business requirements

 

Engagement Experience

 

Employee             : Cognizant Technologies

Client                     : PacifiCorp Power Portland, Oregon

SAP Modules       : ECC, BW, BOBJ, SRM, GRC 10.1

SAP Versions        : SAP ECC Net Weaver 7.0

Duration                 : SEP2016 – May2017

Role                           :Sr. Associate

About Client: PacifiCorp is an electric power company in the western United States.

PacifiCorp has three operating divisions:

·         Pacific Power is a regulated electric utility with service territory throughout Oregon, northern California, and southeastern Washington.

·         Rocky Mountain Power is a regulated electric utility with service territory throughout Utah, Wyoming, and southeastern Idaho.

·         PacifiCorp Transmission operates one of the largest privately held transmission systems in the U.S. within the western

Responsibilities: Remedy Tool for processing SAP Security requests are made up of the following: Users Functionality (ECC, BI, BPC, Portal, GRC) Lead, facilitate, coordinate, and track day-to- day activities required to ensure the project is completed on time, successfully, and in a manner consistent with organizational goals, departmental policies, established processes, and/or the standard terms and conditions. Oversees and directs the Security Administrators in the creation and maintenance of required master and derived security roles and the administration of users.

  • Testing with test coordinator while being responsible for managing both Integration testing and UAT test cycles
  • Providing solutions to Break Fix authorization issues in all SAP environments.
  • Proposing best security strategy aligned with SAP Best Practices and the business process requirements.
  • Excellent problem-solving skills, team player with Great communication and interpersonal skills.
  • Designing and maintaining Security in ECC, PI, SRM, HR, Portal, BOBJ, BPC& BI
  • Providing Specific application level access right/permissions to BPC users.
  • Determines what type of activities or tasks a user or team can perform in BPC.
  • Creating the Team Through web Interface and adding to user to enable the access.
  • Creation of a task profile in BPC system.
  • BOBJ User Management, Creation of Access levels&Creation of Groups
  • Assigning the roles in BW ABAP system to the users as BPC users Requirement.
  • Worked extensively with the area of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.
  • Managing assignment of mitigating controls for specific Segregation of Duties (SOD)violations
  • Security Requirements Collection, Re-design of Roles, Administration of Roles, Testing of Roles
  • Acting as a liaison between internal and external auditor for smooth auditing.

·         Review and analyze SOX/GRC and SOD reports and act accordingly.

  • System opening & Maintain the user update at service market place,
  • Creating user & License Key at service market place.
  • Performed SU25 activities after SAP Upgrade for ECC and BW Systems.
  • Performed post installation tasks such as Client copy validation, Activated the GRC AC applications in clients,
  • Checked and activated ICF services, activated BC sets and generated standard SAP profiles
  • Setting up Approvers and alternate approvers in GRC for roles
  • Involved in Monthly User Access Review activity with the internal auditors
  • Worked extensively in area of Firefighter implementations (EAM)
  • Mapped the FFIDs to Owners and Controllers
  • BEx queries to simulate/validate of user administrator

Employee                  : Cognizant Technologies

Client                         : Sony Music Entertainment Rutherford, New Jersey

SAP Modules            : ECC, BW, BizrightsApprova,BOBJ Admin,Hana Admin

SAP Versions            : SAP ECC Net Weaver 7.0

Duration                  : Feb2016 – Sep 2016

Role                           : Sr. Associate

 

 

About Client: Sony Music Entertainment (SME) is an American music corporation managed and operated by Sony Corporation of America (SCA), a subsidiary of Japanese conglomerate Sony Corporation. In 1929, the enterprise was first founded as American Record Corporation (ARC) and, in 1938, was renamed Columbia Recording Corporation, following ARC's acquisition by CBS. In 1966, the company was reorganized to become CBS Records. In 1987, Sony Corporation of Japan bought the company, and in 1991, renamed it SME. It is the world's second largest recorded music company, after Universal Music Group.

 

Responsibilities:

·         Design and build security roles for SAP systems like ECC, BI, BO, Portal, SOLMAN and SRM systems, adjust SU24 check indicators for initial setup, maintain the security profile parameters per existing domain policy.

·         Responsible for Security administration. Defining the roles and providing authorizations as per the functionalities of all the ECC Financial & BI associates single roles, derived and composite roles.

·         Mapping financial transactions through the business processes defined. Tested transaction codes for their authorized functionalities and resolved defects through configuration changes.

·         Maintained and configured Internal Controls for business, authorization object restriction controls via creating and changing roles within SAP systems as perrequirements

·         Created SOX roles for all the Finance related roles

·         Created Enabler role as per the Authorization object access

·         Involved in role administration of specialized custom product which is known as Royalty Ledger. This product involved 2 major components as Artist Ledger and Copyrights Ledger

·         Assigning authorized access/roles to user accounts in SAP systems as per the Matrix in ECC/Approval

·          Design and document for the new projects with Roles and Users

·         Updating the roles as per SOX compliance

·         Performing the UAT Testing of security roles to ensure proper implementation and accuracy of security roles

·         Worked on Role build for SAP BW on Hana for security related.

·         Worked on Role design for BPC and user creation from the Backend.

 

Employee                  : Wipro Technologies

Client                         : Marathon Petroleum Corporation Findlay Ohio

SAP Modules            : ECC, BW, CRM, Fiori, GRC

SAP Versions            : SAP ECC Net Weaver 7.0

Duration                  : September 2015 – Feb2016

Role                           : SAP Security and Authorization, Tech Lead

 

About Client: Marathon Petroleum Corporation is a United States based petroleum refining, marketing, and Transportation Company. The company was formed as a subsidiary on September 1, 2005, from the former Marathon Ashland Petroleum, LLC,[2] and is based in Findlay, Ohio Marathon Petroleum operated as a subsidiary of the Marathon Oil Corporation until becoming a standalone company on July 1, 2011.

 

Responsibilities:

·         Creating new roles and modifying existing roles based on new requirements.

·         Provides user administration support in all SAP systems and landscapes; daily processing of user requests through Remedy Ticketing tool.

·         Communicates with the IT and business users globally to facilitate questions, resolve issues, and request feedback on access issues.

·         Resolve end-user production support security issues in a timely and accurate manner; monitor and self-assign incoming tickets related to security and user administration.

·         Creating and adjusting roles within SAP systems as per business requirements and security guidelines

·         Assigning authorized access/roles to user accounts in SAP systems (Java, Portal, Data Services)

·          Assist in design, document, and continually enhance SAP security administration policies, processes, and procedures for the SAP environment

·         Participate in the implementation and support of SAP GRC (Governance Risk & Compliance) Access Controls 10.0 including ARA and EAM; assist with technical deployment of future rollouts.

·         Setup Emergency Access Management for auto firefighter provisioning, setup Firefighter IDs in GRC and SAP systems. Enable configuration settings for Access Risk & Analysis, User Access Management, Emergency

·         Access Management and Business Role Management as per functional specification and technical design document.

Employee              : Wipro Technologies

Client                      : Federal Mogul, Detroit, MI

SAP Modules         : CRM, APO, Fiori.Ariba

SAP Versions            : SAP ECC Net Weaver 7.0

Duration                 : February 2015 – August 2015

Role                           : SAP Security and Authorization, Team Lead

 

About Client: Federal-Mogul Corporation is an American developer, manufacturer and supplier of power train components and vehicle safety products. The company’s wide variety of products are used by numerous original equipment manufacturers around the globe, as well as servicers of automotive, commercial, aerospace, marine, rail and off-road vehicles; and industrial, agricultural and power-generation equipment

 

Responsibilities:

 

·         Primarily responsible for requirement gathering, design and implementation in SAP Role Design, Creation of Users in CRM ,APO

·         Understanding the business requirements and functional specifications of the client.

·         SAP Security and Authorization management.

·         Creation and management of roles in SAP systems

·         Assigning authorization objects to roles

·         working with business to define role design

·         SAP Fiori Setup of admin and developer roles

·         SAP APO Create and Change user roles and assignment of new roles to existing and new business users

·         Created composite role by selecting the Module specific (DP, SNP, PPDS, CIF)

·         SAP ECC Create and Change user roles and assignment of new roles to existing and new business users

·         User administration in SAP systems.

·         Ariba user management LikeUser creation using UI process

·         Creating the users for CSV export/Import

·         Creating groups in Ariba for Contracts and Auctions Users

·         Planning the test activities and preparation of test scenarios as per customer requirements.

·         Identify customer process gap, provide recommendations in security area to get clean chit from Audit.

·         Develop enhancements, system documentation, and production support and implement procedures for quality

·         Improvement and development. Managing & Mentoring team of 4 Security and Authorization consultants

·         Creating new roles and modifying existing roles based on new requirements

 

Employee                  : Wipro Technologies

Client                         : National Grid

SAP Modules            : SAP ECC, BI &GRC

SAP Versions            : SAP ECC Net Weaver 7.0

Duration                  : May 2013 – January 2015

Role                           : SAP Security and Authorization, Team Lead, Worked in UK &US

 

About Client: National Grid, National Grid owns and manages the grids to which many different energy sources are connected. In Britain National Grid run systems that deliver gas and electricity across the entire country. In the North Eastern states of the US, National Grid provides power directly to millions of customers.

 

Responsibilities:

·         Involved in implementation and support of SAP GRC (Governance Risk & Compliance) Access Controls 10.0 including ARA, ARQ and EAM; and Worked on Fiori for ESS and MSS Tiles Configuration assist with technical deployment of future rollouts and Upgrade of ECC.

·         Implementation and Testing of SAP GRC Access controls 10 including RAR (Risk Analysis & Remediation),

·         CUP (Compliant User Provisioning) and SPM (Super User Privilege Management) Â Responsible for Complete end-to-end implementation & deliverables of GRC Access Control 10.1 Handling client meeting and Gathering business requirements

·         10.1 (ARA, ARM, and EAM). Design technical landscapes and configuration of workflows in SAP GRC. Perform Risk Analysis user level and role level in SAP GRC 10.1. Create Business owner, Risk Owner, and Mitigation Owner to manage access risk. Manage Access Risk, Provision and Manage Users, Design and Manage Roles, and Centralized Emergency

·         Expert in performing User administration, role development using Profile Generator (PFCG)

·         Worked on creating Tile configuration for ESS and MSS users in Fiori Catalog

·         Activating the OData Services and creating the roles with selecting the Fiori Templates.

·         Configuring Roles with Launchpad Start Authorizations.

·         Assigning the Groups for Fiori Users through LDAP.

·         Configured the Parameters for USERS Setting only in Fiori System.

·         Providing solutions to Break Fix authorization issues in all SAP environments.

·         Proposing best security strategy aligned with SAP Best Practices and the business process requirements.

·         Excellent problem-solving skills, team player with Great communication and interpersonal skills.

·         Designing and maintaining Security in ECC, PI, SRM,HR, Portal & BI

·         Worked on SAP Check Indicator Defaults and Field values

·         Worked extensively with the area of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.

·         Managing assignment of mitigating controls for specific Segregation of Duties (SOD)violations

·         Security Requirements Collection, Re-design of Roles, Administration of Roles, Testing of Roles

·         Expert in Automated scripts to update Org levels.

·         Periodic reviewing of assignment of Business roles to IT users

·         Part of internal Audit controls team in periodic reviewing of security controls

·         Acting as a liaison between internal and external auditors for smooth auditing

·         Review and analyze SOX/GRC and SOD reports and act accordingly

 

Employee                  : Wipro Technologies

Client                         : Philips, Consumer Products, Lighting, Healthcare Products &manufacturing

SAP Modules            : SAP ECC, BI/BW, CRM, APO

SAP Versions