Kiran Kumar Beerjala

  • SAP Security & GRC Consultant
  • New York City, NY
  • Member Since May 10, 2023

Candidates About

 

Kiran Kumar Beerjala

______________________________________________________________________________________

Executive Summary

·         Around 11 Years of experience in SAP Security and GRC

  • Strong experience in SAP Security end to end implementation and upgrades
  • Experienced in SAP S/4 HANA and Fiori Security

·         Expert knowledge & experience in GRC 5.3 and 10

·         Expert knowledge & experience in BI/BOBJ Security

·         Expert knowledge & experience in Solution manager/CHARM Security

·         Good knowledge & experience in Portal Security

·         Expert knowledge & experience in SOX compliance tools Virsa, Approva

·         Good knowledge & experience in HR security

  • Experienced in coordination with External Auditors and involved in the SOX Audits, documentation, and process improvements
  • Good knowledge in SAP HANA security including User Management, creating customized roles for all user types.

·         Good knowledge & experience in MDM Security

·         Good knowledge & experience in IDM 7.1

 

Certification:

·         Certified from SAP on SAP Business Objects Access Control 10.0

Awards:

·         “Guiding Light” has been awarded by Cognizant for demonstrating excellent mentoring/coaching within the project team, across the teams

·         Certificate of Recognition for Excellence awarded by Cognizant for the dedication and contribution towards successful delivery of SAP Security implementation for AstraZeneca project.

Trainings attended:

·         Attended training on ADM-950(R/3 Security authorization concepts and Security Auditing) from SAP. 

  • Internal training on GRC 5.3 (RAR, CUP, ERM and SPM) and GRC 10 (ARA, ARM, EAM and BRM)

 

 

Education:

·         Bachelor of Technology

 

Professional Experience:

 

Organization

Industry

From

To

Role

Cognizant Technology Solutions

IT

Jan 2008

Till date

Principal Consultant – ERP

Accenture Services Pvt Ltd.,

IT

Feb 2007

Nov 2007

Senior Software Engineer

 

 

SAP Project Experience:

 

Company: Cognizant Technology Solutions, USA Corp

Client: Purdue Pharma L.P.

Duration: February 2014 to till date

About Client: Purdue Pharma L.P. is a USA based pharmaceutical company committed to improving patients' lives and serving the healthcare community.

 

Project Responsibilities:

 

·         SAP S/4 Hana and Fiori security implementation for Purdue’s subsidiary company Mundi Pharma.

·         SAP Security production support activities which includes user, role administration, fixing missing authorizations

·         SAP Security upgrade for following systems have been performed by proper SU24 adjustments and role remediation’s with merely zero missing authorizations.

Ø  SAP ECC:  ECC 6.0 EHP 5 to ECC 6.0 EHP 7

Ø  SAP BW:  SAP BI 7.0 EHP1 to SAP BW 7.4

Ø  SAP SCM:  SCM 7.0 EHP 2 to SAP SCM 7.0 EHP 3

·         Brough down the SOD risks by thorough analysis at user/role level and by performing role level remediation. This has been achieved by coordination with SAP functional owners & Business owners

·         GRC ruleset has been customized as per Client/Business requirements.

·         Firefighter (Emergency access management) has been implemented at Purdue for multiple SAP modules to grant emergency access in Production systems for audit trail.

·         Successfully rolled out SAP Security up-gradation of solution manager from 7 to 7.1. Part of it, SAP Security roles have been built for approving Change requests at developer, Change manager, IT manager, ISQA, Basis level with in Charm (Solution manager).

·         Primary point of contact for External E&Y Audit at onsite and facilitated the audit for SAP Security module and all other modules.

·         User License Audit has been performed for all DEV and PRODUCTION systems across all landscapes.

·         Frequent SAP User access reviews have been performed quarterly, half yearly and yearly for critical SAP module roles by coordinating with Business owners ensuring end users have appropriate access, considering end users responsibility change and position change.

  • SAP derived roles have been designed, supported Unit/Integration testing, fixed missing authorizations for new Organization (Plant, Sales organization etc..) additions for multiple projects.
  • EWA alerts for SAP Security module have been analyzed and implemented, which includes default passwords standard users, SAP* restriction, ABAP password policy, users with critical authorizations
  • Position based access has been granted in SAP HCM by creating structural authorization (PD) profiles.
  • Critical Basis/Security/ABAP access has been secured.
  • Successful implementation and roll out for Gateway Security for Vinyl project which is a key milestone at Purdue for their benefits enrollment through Vinyl application. Part of this project, script has been developed for mass user role administration
  • SAP Security support has been provided for Arriba project.

 

 

Company: Cognizant Technology Solutions, India

Client: Boots, UK

Duration: August 2012 November 2013

About Client: Alliance Boots based out of UK is a leading international, pharmacy-led health and beauty group delivering a range of products and services to customers.

 

Project Responsibilities:

 

·         SAP Security redesign to meet SOD policies and as per SAP best practices

·         BW analysis authorization implementation and support

·         BOBJ Security implementation including Creating groups/folders and access restrictions

·         Central user administration for Client Heritage SAP systems

·         Trouble shooting authorization issues in ECC, POSDM, PI, SRM and BW systems

·         MDM user and role administration

·         IDM 7.1 support and troubleshooting issues with provisioning jobs in IDM

·         Monitoring the jobs in IDM console, creation of Privileges, Business roles in IDM

·         GRC 5.3 configuration changes and support

·         Role creation and maintenance through ERM (Enterprise role management)

·         Setting up the new work flow in CUP

·         Setting up new rules by creating custom risk/function ids as per Business requirement

·         Firefighter id creation/maintenance

·         Restricting critical and sensitive access in Production systems

·         Performing license auditing

·         Provisioning access to production systems through IDM and GRC and addressing the CUP request generation and provisioning issues in IDM and GRC.

·         Portal user and role administration

 

Company: Cognizant Technology Solutions, India

Client: Implementation of GRC AC 10 for Cognizant internal client (COE)

Duration: June 2012 to August 2012

 

Project Responsibilities:

 

·         BC sets have been activated in GRC AC10

·         Performed post installation steps for ARA, ARM, BRM and EAM in SPRO

·         Installed common component settings for AC in GRC 10

·         Setting up profile parameters for all components of AC10

·         Maintained connectors for back end systems which are connected to AC10

·         Defining the connector group and Assigning the connector to connector groups

·         Assigning Integration Scenario to Connector

·         Maintain Access Risk Levels

·         Generating SOD Rules

·         Generating Alerts

·         Scheduled the synch jobs for Access risk analysis

·         Scheduled the batch risk analysis to enable offline risk analysis and Dash boards for management reports

·         Customized the rule set based on the Global rule set

·         Setting up Organizational unit in NWBC

·         Setting up Access Control Owners in NWBC

·         Creation of custom risk ids and Mitigation control ids

·         Setting up the Firefighter ids, owners, and controllers in NWBC. Assign Owners to Firefighter ids and Controllers to Firefighter ids and assign Firefighter users to Firefighter ids

·         Creating rules in Business Rules Framework (BRF+)

 

Company: Cognizant Technology Solutions, India

Client: Nike

Duration: Nov 2009 to May 2012

About Client: Nike Inc. is the world's largest Sports ware company, has its headquarters in Beaverton City, USA. It has the business widespread across 150 countries and its leading sports ware company. It has its products in Apparel, Footwear, and Equipment

 

Project Responsibilities:

 

·         Task/Enabler model role implementation

·         Creation of single, derived roles and maintenance

·         Portal group/roles creation and maintenance

·         Setting up the initiators in CUP (GRC)

·         Setting up the connectors and maintenance for CUP, RAR and SPM

·         Setting up the back end(SAP) and Portal groups in CUP

·         Role mapping between the back-end roles and portal groups in CUP

·         Role owner changes, Geo-role owner changes in CUP

·         CUP request administration including the request forwarding, cancellation and trouble shooting the risk analysis errors etc.

·         Pulling the reports for CUP requests analysis and log report

·         Working with RAR for security reports

·         Updating the functions at action and permission level

·         Updating the risk ids and rules

·         Firefighter id creation and updating the owner/controller and FF tables in SPM

·         Working with role administration in SCM, SRM, XI, BI and HR landscapes.

·         Analysis authorization creation and maintenance using RSECADMIN in BI security

·         Restricting the info objects at value level and hierarchy node level

·         OSS id creation/maintenance and opening the connection to SAP

·         Assigning the Organization units to user ids in SRM using users_gen

 

Company: Cognizant Technology Solutions, India

Client: AstraZeneca

Duration: Feb 2009 to October 2009

About Client: Singapore is the hub for AstraZeneca(AZ)Asia Pac. AstraZeneca discover new medicines that are designed to improve the health and quality of life of patients around the world - medicines which are innovative, effective and which offer added benefits such as reduced side effects or better ways of taking the treatment.

 

Project Responsibilities:

 

  • Involved in end to end security implementation for AstraZeneca India
  • Involved in security redesign for other Asia Pac countries of AZ
  • SAP Security has been implemented based on organizational restrictions such as company code, plant, shipping point, storage locations, sales office etc.
  • Implemented release strategy for material management based on the purchasing groups and release codes.
  • Implemented Derived role and composite role strategy.
  • Protected critical t-codes and critical authorization objects against unauthorized access.
  • Provided production support for various modules like SOTC, RTR, MTD and PTP.
  • Maintained object level changes globally using su24 where ever necessary.
  • Implemented user exits with the help of developer for some fields which can not be restricted by std sap.
  • Trouble shooting missing authorizations using SU53 and ST01.
  • Working with various security tables and reports during and after implementation.
  • Opening OSS connections for SAP environments in Service Market Place.
  • Administer OSS access accounts and privileges includes Creating/Adding new OSS ID, Deleting expired OSS ids
  • Administrating authorization privileges for OSS ID & OSS Messages

·         Registering Developer Key & Object key etc

·         Trouble shooting the missing authorizations in BI using the RSECADMIN

·         Working with PD profiles in HR

·         Working with org unit assignment of personal ids using PO13 and PO12

 

Company: Cognizant Technology Solutions, India

Client: APCI (Air Products and Chemicals)

Duration: Jan 2008 to Jan 2009

About Client: Air Products and Chemicals, USA based Inc. is the world's third largest producer of industrial, specialty, and medical gases such as oxygen, nitrogen, argon, and hydrogen. It serves customers in industrial, energy, technology, and healthcare markets worldwide.

 

Project Responsibilities:

 

  • Working with SOX compliance tool Approva (Bizrights) to grant production access and performing simulations.
  • Provided level 1 production support (high severity issues) for all R/3 modules and BI 7.0
  • Creating & Modifying portal users
  • Mapping Portal User ID’s to SAP User ID’s

·         Analyzing backend connectivity & Authentication issues in Portal

·         Importing bulk users into portal etc.

  • Opening Connections to SAP
  • Involved in Creating Roles, Generating profiles, SU24 changes to Authorization Objects
  • Adding Reports and Queries to BW Roles as per the specifications.
  • Experienced in setting up the Audit Information System to facilitate internal and external audits

 

Company: Accenture, India

Client: CIO Organization

Duration: Feb-2007 to Nov-2007

About Client: The CIO Organization is an award-winning IT organization that provides innovative IT solutions to Accenture people in 49 countries. The CIO Organization provides a wide range of IT services across the company, including design and development of business applications.

 

Project Responsibilities:

 

  • Creating & updating users in R/3, BW & CRM environments via Access Enforcer
  • Uploading Roles into Virsa, Setting up the appropriate SAA’s (System Access Advisor) for each Business Locations/Sites in Virsa
  • Performing Virsa administration
  • Creating SIR’s (System Investigation request) for Security Development which includes creating change control forms (CHG) and Object migration (OM) predecessors (An OM is similar to a Transport Request)
  • Performing Peer Reviews for Security Development work in dev test client.
  • Building the new roles Single, Derived and Composite for all the streams.
  • Expertise in SAP Security and Authorizations which includes User Management, User Administration, Monitoring, User Tracing and Troubleshooting.
  • Production support during Go-Live for SAP security. Performing Assembly Testing of Role in Quality (Test) and Staging Conversion system.
  • Creation of users in various Development, Test, Staging & Conversion and Production Systems as per the SR (Environment change request).
  • Assignment of Authorization Groups to Tables (TDDATA, VD_DATA).
  • Worked on 3 Releases for SAP providing SAP Security support to the Global release team.
  • Experience:
    11 Years
  • Birthday:
    12/31/1969
  • Education Level:
    Bachelor

Contact Us

This website requires cookies to provide all of its features. By using our website, you agree to our use of cookies. More info