Candidates About

 

Sarbjit Singh 

_____________________________________________________________________________

OBJECTIVE: I am a highly motivated and dedicated individual seeking a position as a SAP Security Consultant that will allow me to utilize my technical skills to better enhance the growth of the organization.

 

 

WORK EXPERIENCE:

v  8+ Years of extensive experience as an SAP ERP consultant.

v  Certified in SAP GRC 10.0

v  Experience in Creation of Master role, Composite roles, Derive roles, Enabler roles for various Streams\Modules such as PTP, OTC, FIN, HR, Solution Manager, Portal, Charm. 

v  Experience in maintaining security on SAP R/3 releases ECC 5.0, and ECC6.0

v  Experience with SAP GRC 10.0 Access Control tools ARA (Access Risk Analysis), EAM (Emergency Access Management) and GRC 5.3 RAR (Risk Analysis & Remediation).

v  Experienced in user administration and role assignment in CUA (Central User Administration), using SU01.

v  Worked on 2 Technical Upgrade projects out of which both projects handled alone. R/3 release 4.6C • ECC 6.0, ECC 5.0 • ECC 6.0. 

v  Designed various types of roles (Master Role, Derived Role, Composite Role and Single Role designing) using Profile Generator (PFCG); while ensuring SAP best practices are followed.

v  Worked with the functional and development teams for role development and strategy.

v  Good exposure on security tables such as TACT, TACTZ, AGR* and USR*.

v  Good Understanding of Tables, TDDAT.

v  Extensive skills in SAP ECC Security troubleshooting (SU53, SUIM and ST01/STAUTHTRACE).

v  Thorough experience in the maintenance of authorization objects with t-code SU24.

v  User Lock and Password maintenance create and assign new user groups using SU01.

v  Experience maintaining illegal password using table USR40.

v  Hands on Experience with LSMW and SAP MACRO script for mass activities such as Role assignment, user creation, and Password reset.

v  Experience in using SQVI transition, which allow you to combine SAP Tables.

v  Used Service now (Mytech) for Incident management, Creating changes, defect tracking and resolution.

v  Well versed in testing and deployment to production and Post Go-Live Support.

v  Good working relationship with functional and technical teams.

v  Excellent problem solving and analytical skills.

v  Very good exposure to give the Custom T-code access to users

 

 

 

 

Professional Experience:

Duration: 08/2016- 11/2016

Client:  At&T, Los Angeles, CA.

Position: SAP Security

Responsibilities:

 

Ø  Assigned Fire Fighter controller to Fire fighter ID

Ø  Analyze root cause of authorization problems and fix the missing authorizations, user support, resolve end user problems on day-to-day basis.

Ø  Created Enabler-roles or value based roles using SAP organizational unit like company code, plant, profit centers etc based on the business blueprint security requirements.

Ø  Worked on User Administration activities such as creation of User ID (SU01), Mass User Creation (SU10), and creation of support User IDs with excess authorizations & assign to Technical Support Users as per approvals.

Ø  Working on helpdesk tickets (BMC Remedy User) for authorization issues and user ID creation requests. 

Ø  Extensively worked on missing Authorizations issues using SU53 report from the user. Monitoring and Providing Table security with Critical authorization objects S_TABU_DIS, S_TABU_NAM.

Ø  Worked closely with the Technical Lead to create and maintain security roles, discuss status 
Reports, policies related to the SAP R/3 system, project timeliness and deliverables.  

 

Professional Experience:

Duration: 01/2015- 09/2016

Client: The Clorox Company, Pleasanton, CA.

Position: SAP Security Lead (Solo) /

 

Responsibilities:

Ø  Participated in weekly steering committee meeting explaining about security change order logged for the week

Ø  Provide daily SAP Security Support as required by business and for end users and project team members

Ø  Involved in designing security policies and production support of SAP R/3

Ø  Leading production support on day-day basis in ITSM and HPQC ticketing system.

 

v  ROLE ADMINISTRATION / UPGRADE

Ø  Created UAT and helped users in testing all new and modified roles.

Ø  Upgraded SAP Application from 4.7 EE to ECC 6.0 by Comparing USOBX_C and USOBT_C Tables and also updated application by using SU25 T-Code 

Ø  Created over 600 job roles through PFCG in SD, FI, MM, WM, PP

Ø  Extraction and loading of data from Sales Stats (0UC_SALES_STATS_02) and Mass Activity.

Ø  Worked closely with functional team leads to develop templates for R2TM (Role to Transaction Mapping) as well Master/ Single/ Derived/ Composite role design for FI/CO, SD, WM, MM, HR, PS modules, during initial project prep/blueprint/unit testing phases, and go live of ECC end user security roles.

Ø  Work with Functional specialists to help them understand what SAP authorization objects are causing conflicts and what all options exist for mitigating the conflicts.

Ø  Prepared BRD documents and followed SDLC methodologies.

Ø  Worked on critical authorization objects like S_TABU_DIS, S_DEVELOP, S_RZL_ADM, S_ADMI_FCD and S_TRANSPORT. 

Ø  Performed reconciliation of user master record and roles using PFUD and SUPC.

Ø  Changing the Org values based on requirements of business and role owners. 

 

 

v  TROUBLE SHOOTING

Ø  Analyze Root Cause of Authorization Problems and fix the missing authorizations, and resolve end user problems on day-to-day basis using SU53 and ST01

 

v  TABLE SECURITY

Ø  Used SAP tables to collect information needed for authorization ticket analysis and also for security designing (USR02, AGR* tables)

 

v  TRANSPORTS

Ø  Creating and approving Change Requests in CHARM/Solution Manger

Ø  Conducted mass transport/ release of roles as well as transporting from client to another client within the same system using transaction code PFCG, SE10, and SCC1.

Ø  Transported change requests across Dev, QA and Production systems 

 

v  USER MAINTENANCE

Ø  Creation of Users, resetting passwords, locking/unlocking users, Assigning/removing roles from users, copying users and deleting of users & registering Users with SAP.

Ø  Performed mass activities using SAP Macro / LSMW – (user creation, password reset, role assignment, etc)

 

v  GRC 10.0 AND AUDIT

Ø  Ran the risk analysis on Role Level & User level.

Ø  Created & assigned the FF roles for UAT cutover task with the approval of their team leads. 

Ø  Analyze & check for any Segregation of duties (SODs) 

Ø  Created rules books and General rules which comprised of security and segregation of  
duties violations.  

Ø  Generated compliance reports to identify SOD violations and critical authorizations and
created controls to mitigate or resolved risks.

Ø  Worked with business analysts and clean up the security roles to eliminate segregation of duties (SoD) conflicts using GRC Risk Analysis and Remediation tool 

 

Professional Experience:

Duration: 06/2013 – 12/2014

Client: Stub hub, San Francisco, Ca.

Position: SAP Security Consultant

 

Responsibilities:

Ø  Participated in on-call support on a weekly rotation within the team

Ø  Provided excellent communication and customer service to the business and end users

Ø  Found new authorization objects which comes while upgrading and updated roles as per required by Business.

Ø  Updated custom Roles which impacted by upgrade

Ø  Impact analysis done before update and perform post upgrade steps.

 

v  ROLE ADMINISTRATION

Ø  Performed user provisioning, role maintenance, role administration, and security reports/analysis

Ø  Worked closely with role owners and role approvers to analyze and determine the most appropriate and efficient way to deliver authorizations to end-users.

Ø  Used SUIM reports and SE16 security tables daily for role/user information/analysis

Ø  Very good exposure on Authorizations and Authorization concept.

Ø  Upload and download roles and copy role

Ø  Generating the mass profiles for roles using SUPC.

Ø  Created roles through PFCG in PP, MM, WM, PP and transporting them to QA for testing and then to production.

Ø  Performed Mass comparison of roles via PFUD

v  TROUBLE SHOOTING

Ø  Trouble shooting - Identifying the missing authorizations using SU53, ST01 trace and maintaining them in suitable role. 

Ø  Analyzed and troubleshoot security issues using SU53, ST01 and SUIM

v  TABLE SECURITY

Ø  Secured table access by using the authorization object S_TABU_NAM.

Ø  Combined two and more tables using SQVI

Ø  Worked with security related tables such as AGR_TCODES, AGR_USERS and AGR_DEFINE etc.

 

v  TRANSPORTS

Ø  Transported roles using PFCG, Release through SE10.

Ø  Transported roles using PFCG QA for testing and then to production.

 

v  USER MAINTENANCE

Ø  Performed user master maintenance such as creating users, assigning roles, deleting users, copying users, resetting passwords, lock/unlock user id’s using t-code SU01.

Ø  Used SU01 to create all types of users for various purposes.

Ø  Creating the user groups and maintain user as per the module.

Ø  Used SU10 to implement mass user changes.

Ø  Maintain OSS user Id, providing developer Keys, object access keys, and maintain service connections in SAP service market place.

 

v  GRC 10.0

Ø  Performed Role simulations within GRC access management for any role changes to analyze risks/impact involved, and any SOD violations created; communicating all risks to role owners.

Ø  Report if any risks will be introduced by simulating the addition of transactions, Roles by using GRC 10.0 (Risk analysis and Remediation) 

 

 

 

Duration: 07/2010 – 05/2013

Client: Autodesk, Inc. San Rafael, CA

Position: SAP Security Consultant. 

 

Responsibilities:

Ø  Used Change Request Management extensively to create change request in Solution Manager to Control, track and record all changes.

 

v  ROLE ADMINISTRATION

Ø  Worked with the functional teams to fill in all missing authorization values in security roles, based on their transaction task instructions performed in the development system prior to design

Ø  Worked on SAP Check Indicator Defaults and field values, reduced the scope of authorization checks using transaction SU24 and maintained check indicators for transaction codes.

Ø  Worked with Profile Generator (PFCG) in creating roles, profiles, composite roles, and derived roles. 

Ø  Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes as recommended by SAP best practices.    

Ø  Assessed and reviewed the use of the authorization object S_TABU_DIS and the table authorization classes (TDDAT) to determine whether all system tables are assigned an appropriate authorization class related to their job

Ø  Creating the Security Policy/Group Policy (SECPOL) for various purposes.

 

v  TABLE SECURITY

Ø  Worked with security related tables such as AGR_TCODES, AGR_USERS, AGR_AGRS, USR02, AGR_1251, AGR_1252, etc. 

Ø   

v  TROUBLE SHOOTING

Ø  Trouble shooting R/3 Security problems by using different scenarios such as system trace, parameter change, buffer reset, SU53 and SU56. 

 

v  USER MAINTENANCE

Ø  Following client process while user creation. Change user, Deactivation of users,    

Extended/Long leave.

 

v  AUDIT

Ø  Performing Audit activities by monthly and quarterly

 

 

Duration: 01/2008- 06/2010

Position SAP Security Consultant

Client: Lam Research, Fremont, CA

 

Responsibilities:

Ø  Completed change request tickets using the SAP Service Desk application on all systems for development, integration testing, and production support

 

v  USER MAINTENANCE

Ø  Performed user administration using the CUA (Central User Admin) tool across all systems, which include new hires, temp workers, contractors, and terminations

Ø  Locking and unlocking of users and user groups on specified systems when patches or refreshes need to be done using SU10 for mass lock

 

v  ROLE ADMINISTRATION

Ø   Created single/composite/master/derived roles using PFCG for project and business users 

Ø  Conducted single Role modifications to transaction codes and Authorization objects through T-code PFCG, while also monitoring Organization values

Ø  Maintained the existing roles and modified it upon request by business users (PFCG

Ø  Performed various security Role clean-ups in the R/3 system to ensure compliancy and tighter security.

 

v  TRANSPORTS

Ø  Single transport and Mass transport of roles through PFCG/SE10

v  TABLE SECURITY

Ø  Used T-code SE16 and analyzed security tables such as AGR* and USR*.

 

v  TROUBLE SHOOTING

Ø  Investigated user access problems and questions using trouble-shooting tools such as SUIM, ST01, and SU53.

Ø  Troubleshooting the authorization issues

Ø   Performed Trace and analyzed SU53 dump from Business/Functional team to resolve Authorization issues 

 

v  GRC & AUDIT

Ø  Performed audit logs activities (SM19 and SM20)

Ø  Created Mitigation Controls as per required by Business process and evaluated strategy to remediate and if in case remediate not possible worked closely with Business folks to Develop Mitigation Controls

Ø  Created Custom Rule sets by coping Standard GRC Rule sets and adjusted Custom rule sets as per Business needs and Generated Rule sets 

 

 

 

 

Education:

v  B.A., Computer Information Systems and Business Administration, DeVry University, Sacramento, CA.       

v  SAP Certified Application Associate – Sap Business Objects Access Control 10.0- Certificate ID: 0015776552