
Lokesh Kapireddy
- Sr. SAP Security Consultant
- Warren, NJ
- Member Since Mar 25, 2023
Lokesh Kapireddy
Sr. SAP Security Consultant
SUMMARY
· 10+ years of experience in SAP security administration, configuration, management
· Strong knowledge of multi system landscape architecture and integration aspects between heterogeneous system technologies R/3 ECC (HR, FI, SD, PS, MM, PP, WM), BW, BI, EP, CRM, GRC, SAP Net weaver Gateway, HANA, S/ 4 HANA BI/BOBJ, Bank Analyzer,
· Proven track record in designing and delivering complex SAP Security architecture solutions for global organizations
· Maintaining SAP security policies and documentation, Experienced with project management both for classic waterfall and agile delivery in a hybrid environment
· All administrative tasks related to HANA Security
· Conditioning workshops with Key Stakeholders, IT Leadership, and Business to organize workshops to get the exact security requirements that need to be built from an end user access perspective.
· Organizing workshops with Compliance & Process Team, Change Management and the Technical and functional team members to define custom security solutions across the landscape while establishing SOX and Segregation of Duties by revamping the existing set of internal controls.
· Working on Building custom Security solutions on systems like Business Planning Consolidation (BPC 10.0 ) , Business Objects 4.2 ( setting up access levels and group and folder level security for PFIT reports ) , Bank Analyzer 9.0 , Gateway Systems ( SAP Fiori UI5) and finally setting up user and access administration across HANA DB .
· Instrumental in setting up Transport mechanism ( LCM ) across the HANA database , setting up SSO between HANA DB and BOBJ systems , setting up audit logs and setting up promotion management to transport the BOBJ reports .
· Creating custom roles, object privileges, package privileges, application privileges and analytic privileges for the business users to get restricted access on Data.
· Setting up user access and profiles across Fiori systems to get the application views in the Launchpad.
· Analyzing and troubleshooting authorization issues at HANA DB level by using the Trace and the HANA context viewer.
· Expertise in HANA Database user security and permissions.
· Delivering SAP Security using ASAP Implementation Methodologies. Prepared and executed various phases of Implementation i.e. Project Preparation, Business Blueprint, Implementation, Final Preparation and Go-live & Support.
· Development and promotion of technical controls necessary for all components of SAP infrastructure, application standards, guidelines, policies, and procedures
· Periodic review and revision of application security roles to accommodate the changing needs of the business
TECHNICAL SKILLS
|
Technologies |
SAP R/3 BW, CRM, SRM, EP, BI, BOBJ, HANA, /S4 HANA FIM, BPC, BFC, ICS, SRM, Bank Analyzer, BPC, Solution manger |
|
Ticketing tools |
HPQC, Remedy, HP ALM (defect manger), JIRA |
|
End Client |
Verizon Wireless |
|
Location |
Warren New Jersey |
|
Duration |
Dec 2017 to Present |
|
Role |
Sr. SAP Security Consultant |
|
Environment |
ECC R/3, SCM, IS-Retail, BI/BOBJ4.2, HANA Fiori, PO, GRC 10.1,Solman |
Verizon wireless having more than 1700+ Stores located across USA with a user base of 10000+
Users handling day to day activities in stores, supply chain activities, procurement etc.
· Managing overall Access Control policies across all enterprise level applications ensuring appropriate builds, separation of duties, etc
· Implement security policies, process, audits, SOX, and SOD concepts
· Maintaining, update, and configure applications using risk analysis tools.
· Support on-going audits, providing access to analysis of reports, findings, etc.
· Working on SAP security architecture and role-based authorization models for SAP ECC,Retail SCM, HANA BW/BI, Portals, PI/PO, Solution Manager
· Working on troubleshooting the missing authorization/roles in SCM, BI, BW, HANA
· Working with the Idm team in mapping of roles to positions and user provisioning in production systems.
· Marinating SAP roles and related authorization based on specific to each store, site, location/ area, over all access and reports.
· Security reports in BOBJ , Managing user groups, folders, access levels / custom access levels.
· Securing HANA SQL analytical privileges based on the calculation views and HANA data securing.
· Working on SAP GRC modules such as Access Risk Analysis (ARA), Emergency Access Management (EAM)
· Identifying risk related access and mitigating the risk using GRC tool.
· Managing and leading small teams
|
End Client |
PayPal Inc, |
|
Location |
San Jose, CA |
|
Duration |
Jan 2016 to September |
|
Role |
Sr. SAP Security Consultant |
|
Environment |
ECC R/3, BI/BOBJ4.2, HANA SPS11, Bank Analyzer, NetWeaver Gateway, UI5, Fiori Apps, GRC 10.1, Solman |
Responsibilities
· Implementing SAP security best practices and standards
· Working with ETL team, providing access to ETL system ids, trouble shooting access related issues during data transfer and migration to HANA HDB
· Enabling HANA audit policy whenever required and analyzing the audit reports regarding changes made on schemas/view/tables etc.
· Working with the testing cycle phases SIT/performance /UAT testing phases, preparing test cases.
|
End Client |
Marathon petroleum corporation, USA |
|
Company |
Wipro |
|
Location |
Bangalore, India |
|
Duration |
Sep’ 2014 – Sep’ 2015 |
|
Role |
Technical Lead |
|
Environment |
ECC R/3, HR, BI, BOBJ, HANA, SRM, Solution Manager |
Responsibilities
· Worked as technical lead for a large implementation and post go live support involving ERP ECC, SAP BW/ BI, BO SRM, CRM, MDM , Roles & Authorizations
· Worked on role Enhancements, maintenance of authorizations and work bench requests (Su24 Changes)
· Performed transports and mass transports of roles and CATT scripts for mass user creation.
· Find out missing authorizations using SU53 report and trouble shooting
· Setting up SAP audit logging, and performed periodic review of logged activity
· Perform annual SAP licensing administration and liaising with SAP Basis Support
· Initiated Re-design and related strategy for audit issues and preparing RCIS documents
· Leveraged SOX tools like GRC 5.3, GRC 1.0 access control and SAP Customer Activity Repository
· Validation of GRC access control and Risk reports on bi-weekly and monthly
· Assisted in Annual and Quarterly ICS security validations, performing segregation of duties (SOD), Critical Action (CA), Critical permission (CP), analysis and remediation.
· Strong SAP Implementation and Administration experience with Governance Risk and Compliance (GRC) Access Controls for SAP applications (ARM, ARA, SPM and BRM)
· SAP GRC 10.0 or 10.1 implementation and support
· Involved in SOD Assessment and Remediation Process and Role maintenance in Sun IDM dashboard
· Preparation of estimates for role build activities and testing
· Mapping of users to user groups, roles to users in SAP Enterprise portal systems
· User authentication, maintain User groups, access levels, custom access levels, access to folders and users creation in CMC
· Migration of report objects, folders, groups, connections, using promotion management across landscape
· Designed Restrict and Control authorizations for HANA DB objects and Packages/Contents based on System Privileges, Objects Privileges and Analytic Privileges for various Schema Users
|
End Client1 |
Lloyds Banking group (U.K) Jul’ 2012 – Sep’ 2014 |
|
End Client 2 |
GE Energy USA (M& CS) Dec ‘2011 – Jun’ 2012 |
|
End Client 3 |
Department of Corrections, (NZ) Apr ‘2010 – Nov’ 2011 |
|
Company |
HCL Technologies |
|
Location |
Bangalore, India |
|
Duration |
Dec ‘2011 – Jun’ 2012 |
|
Role |
Consultant |
|
Environment |
ECC R/3, BI/BOBJ, CRM, SRM, GTS, GRC, BPC GRC 5.3, GRC 10.0 |
Responsibilities
· Designed role matrix across system landscape.
· Created SOD matrix
· Performing SOD Conflict Analysis
· Organizational level authorization fields and derived role design and maintenance
· Working with analysis authorization using RSECADMIN tool
· Creating and assigning analysis authorization to users in BW, BI/BOBJ
· Involved in different phases in UAT
· User groups, and users creation in CMC
· Migration of report objects using promotion management across landscape.
· Marinating the BO servers in CMC
· Assigning groups to users and setting up alias in BO 3.1 and BO 4.0
· Authentication of users in BOBJ, ICS, BI4 and FIM environment
· Creating of data access groups, filters in application
· Analyzing and solving access related issues to reporting users like power users, end users and developers in BOBJ, BI4.
· Resolving of authorization related defects raised by users for BI, BOJ, BPC, FIM BI4 and FIM applications
· Worked with Business process owners to understand business processes in order to determine Security requirements
· Analyzed and creation of role matrix for GTS 10.0
· Designing and creation of Single, Master and Derived Roles
· Object level maintenance in SU24
· Extensively used Su53 and ST01 Transactions in Trouble Shooting Authorization Check and Interface Checks, custom transaction
· Performed transports and mass transports of roles and Used CATT scripts for mass user creation
· Re-designed role as per the compliance check
· Worked on GRC GTS access control process
· Assisted users in testing phases like UAT and SIT
· Used traces and display authorization checks reports for resolving the end user problems during UAT phases.
· Coordinated with super users and users on testing unit test cases.
· Simulated User based, Role based background jobs in RAR Tool to Identify Any SOD issues.
· Prepared process documentation, identified process control owners and reduced the gap
· Migrated SOD ruleset from other system to GRC
|
Client 2 |
Tata Capital Mach 2009 to Mar 2010 |
|
Client 2 |
Sahara Petro Chemicals Aug ‘2008 to Mar 2009 |
|
Company |
Tata Technologies |
|
Location |
Dhamam, Saudi Arabia |
|
Duration |
Aug’ 2008 - Mar’ 2010 |
|
Role |
SAP BASIS Consultant |
|
Environment |
SAP ECC R/3, Solution Manger, BW, CRM, MDM,EP |
Responsibilities
· Role matrix design analysis/creation,User Access control, Extensive User of SUIM and PFCG
· Carried out testing of roles assisted testing team in UAT phases
· Maintain SAP security policies and documentation
<tr style="height:13.45pt
|
Client |
Surana |
|
Company |
Trutech |