
Lakshmi Sankar
- SAP Security / GRC
- San Diego, CA
- Member Since May 11, 2023
Lakshmi Sankar
SAP Security / GRC Consultant
Career Overview
Highly skilled SAP Security/GRC Consultant seeking a career within an organization to apply my skills and continue my
technical and professional growth.
· Around 7 years' experience in SAP Security and GRC.
· Extensive knowledge in SAP security concepts and User/Role administration across ECC, BW, BI, HR, CRM, SRM and Solution Manager.
· Handled Implementation, Enhancement and Production support projects.
· Experience in Requirement gathering, Design, Build and Test roles for a SAP Roll out project.
· Extensive and hands on experience in Virsa, GRC 5.3 versions.
· Participated in GRC 10.1 implementation (ARM,EAM,BRM,ARA)
· Highly skilled to support security authorization problems in line with segregation of duties (SOD) adhering to Service Level Agreements (SLA).
· Part of SOX IT Controls Team.
· Exposure to Security Weaver Solutions.
· Knowledge on Central User Administration (CUA).
· Worked in Canada and single point of contact (SPOC) for entire North American region on Security related issues.
· Close coordination with client to understand and develop solutions to meet customer business needs.
· Dedicated team player with good analytical skills and delivering excellent customer support.
· Mentor Team member on SAP Security.
Technical Skills
Skills Total Years
SAP Security/GRC 7
Work Experience
KPMG US - SAP GRC Consultant Duration: March 2016 till Date
· Configured and implemented GRC10.1 suite (ARA, ARM, EAM and BRM).
· Configured SOD and UAR Review in GRC 10.1 system.
· Maintained MSMP Workflow Settings for all GRC Access Request, Firefighter log review, Role Management, User Access Review and SOD review.
· Performed post installation activities using SPRO.
· Work with SAP Service Support Team to resolve GRC 10.1 product defects on GRC implementation.
· Testing the whole application depending on the users involved who will be part of SOD /UAR Review process.
· Develop functionality, Testing Scenario’s, and UAT scripts as per requirements and ensure that all test cases are passed.
· Strong Experience in understanding Segregation of Duties and Audit Compliance Standards.
· Document the cutover plan, and coordinate with Release management team for successful implementation.
· Troubleshoot Analysis Authorization
· Created Fire Fighter Roles and Fire Fighter Ids for Super User Privilege Access
· Work with SAP Service Development team, to solve complex integration issues.
· Revisit the SAP GRC configuration parameters for Firefighter and provide a recommendation for effective usage of Firefighter.
Internal Audit Support – SAP Security/GRC
- Assessed clients’ IT general controls for user access. Provided the team with the results of the assessment including identified risks.
- Performing an initial assessment of IT Process, systems and applications.
- Part of ITGC / SOX IT controls testing team performing the testing of the effectiveness of the IT controls and helping the teams in remediation of the exceptions identified.
Infosys Limited – SAP Security Consultant Duration: May 2010 – April 2014
Canada/India
·
· Perform SAP Security monitoring and support.
· Resolved incident tickets as per established process, in adherence with Segregation of Duties(SOD).
· Extensive experience with SAP authorization concept in SAP ECC, BW, BI, HR, CRM, SRM systems.
· Strong knowledge in SAP Security tables, SUIM, SU53, ST01, SU24, SU25 etc.
· Participated in SAP Security analysis, design and Implementation efforts.
· User and Role Maintenance activities implementing SOD tools.
· Managing SOX Compliance Remediation tasks to comply with SOX/SOD requirements.
· Assist in the Annual and Quarterly SOX404 Security Validations, performing segregation of duties (SoD), critical action (CA), critical permission (CP) analysis, and remediation.
· Technical support to functional team.
· Serve as the escalation point for SAP security and Functional issues.
· Maintained transports between development and target systems.
· Position Based Security - Setting up users and positions with appropriate roles and authorizations.
· HR Security - Analyzing Authorization issues with Structural Authorization.
· BI Security - Analyzed and provisioned analysis authorization for reporting users.
· Portal Security - User creation, assigning portal roles and groups to users.
· Experience working with Virsa (Compliance Calibrator, Access Enforcer, Role Expert and Fire) and SAP GRC 5.3 Access Control Components (Risk Analysis Remediation, Enterprise Role Management, Superuser Privilege Management and Compliant User Provisioning).
· Trained and experience in GRC 10.1 (Access Risk Analysis, Emergency Access, Access Request Management and Business Role Management).
· Knowledge in Security Weaver components (Separations Enforcer, Emergency Access).
· Working knowledge in Single Sign on concept (SSO).
· Experience with Central User administration (CUA) - User administration and role assignment to position.
· Setting up OSS user ids for consultants and providing OSS connections.
· Provided high touch and weekend support for major business units Go-Live.
· BW and HR access provisioning via rule sets.
· Assist /Mentor Team Members in troubleshooting issues when problem arises.
· Ticketing tool - HP Open View, Service Now.
· Worked from Canada - Single Point of Contact (SPOC) for entire North American region for all security related issues.
Infosys Limited - Solution Delivery - SAP Security
Chennai, India
· Involved in SAP Security analysis, design and implementation efforts.
· Development, testing, and implement SAP Security roles, profiles and authorizations across SAP system
landscape using Profile Generator.
· Held Role Design meetings with Business and functional teams to gather requirements.
· Implement SAP Security Policies and procedures for customers.
· Worked with Internal Audit throughout design to identify SOD risks and ensure SOX compliance.
· Design, Develop and Implementation of BI Security Roles using RSECADMIN.
· Experienced in adhering to the Change Management Process for transporting roles, security objects and maintaining the change documents.
· Clean up activity of all invalid users in active directory.
· Update roles for major/minor releases with appropriate access based on requirement.
IGate Patni - SAP Security Consultant Duration: Jan 2008 – May 2010
Mumbai, India
· Requirement gathering, Design, Development and Maintenance of SAP applications Security.
· Create Users and assign Roles within SAP.
· Create and modify roles as per the Performa raised by Business Process architect.
· Implement SAP Security policies and procedures for customers.
· Responsible for Development. Testing and Administration of roles in SAP R/3 and BW3.5.
· Transport Management - Transport of newly created roles after successful testing.
· Provided technical support for role Implementation and Redesign of Roles.
· Provide Production support including ongoing support and maintenance of roles.
· Close coordination with other functional teams related to role based transactions authorization verification.
· Perform SOD conflicts and propose options and solution to implement mitigating controls and eliminate risks.
· Coordination with customer basis lead for the business critical requests, approvals.
· Performed Role defect updates in development.
· Performing Role Comparison between Development and production Systems and stabilizing them.
· Maintenance activity for roles during cut over of Systems.
· User administration using Central user administration (CUA).
· Generation of month end reports from SAP system.
· SOD Rollout Summary: This project included redesigning of composite roles based on transactions which are executed by the user.
· Responsibilities: Preparation of Business Blueprints for Security Requirement Gathering Role Design, Build
and Testing.
·
IGate Patni Internal Systems: Maintenance and provided support for all internal SAP systems.
Education
Bachelor of Engineering: Electronics & Communication, 2007
R.M.D Engineering College - Chennai, India