Candidates About
Shushma Myla
Sr. SAP Security and GRC Consultant
- Having around 10 plus years of experience in IT including 9.6 years in SAP as a SAP Security and GRC Consultant.
- Extensive knowledge of all aspects of SAP Security and Authorizations, User Management, Profile Generator, User Administration, Monitoring, Troubleshooting and User Tracing.
- Worked on Hana Security in setting up Users and Repository Roles.
- Worked on SAP HANA BW Security with Composite Providers, with new Object released for BW HANA.
- Worked Extensively in Portal & CE environments in setting up Groups.
- Ability to work alone or in a team depending on the complexity of the situation in pre Go-Live & Post-Live situations of SAP implementations.
- Resolved Security Administration issues and provided support to SAP Core teams and End user Community in DEV, QAS & PRD Environments.
- Preparing Security Cutover plans for moving from DEV to QA, PRD Environments.
- Worked extensively on Finance audit on financial controls.
- Implementing security with reference to SOX Compliance requirements and standards.
- Worked on support and troubleshooting, dealing with SAP security on a day-to-day basis for production support.
- Have the experience in handling errors and issues faced in the GRC 2010 module implementation.
- GRC 10 set up for Workflows, Risk analysis and configuration.
- Performed End-to-End testing for all functions in GRC 10.1.
- Experience in different business scenarios, matrix of SAP roles and functional roles, and creation of single and composite roles for different user groups.
- Worked extensively on BPC, creation of Task Profiles, Data Access profiles and Teams based on the requirement from the Business.
- Good Understanding of business processes, controls, compliances and regulations, and segregation of duty concepts in an SAP ERP environment.
- Created OSS Message, OSS ID, Generating Developer & Object keys, Registering Objects in service marketplace (Service.sap.com).
- Worked on procedures and applications of dual-maintenance of security changes, conversion of manual profiles and implementation of role based security.
- Ability to Define, develop and communicate security project plan with tasks, level of effort, milestones, timeline, and deliverables.
- Experience with CUA (Central User Administration) in maintaining user master records.
- Experienced in Security for SAP R/3 versions 4.6C, 4.7, ECC 5.0, ECC 6.0 with exposure in SRM 5.0 and BW/BI 7.1 and BPC Security.
- Excellent problem solving skills, team player with good communication skills.
- Worked closely with process owners, end users, developers and IT/Business team members to design effective SAP access solutions for ongoing support of the SAP projects & environments.
- Quick learner, efficient communication skills, problem solving and analytical skills.
- Possesses a good overall understanding of systems environments and relevant processes along with sound analytical skills.
- Strong interpersonal skills to work well on cross functional project teams and commitment to tasks.
- Strong experience with Profile Generator of 4.6C, SAP R/3 Security aspects, management and check of special user ID’s and password management.
- Experienced with Activity Group Creation using PFCG, Profile Generator, Master/Derived role Generation, Users Account creation & assigned role/activities to users.
- Managed Service Market Place users, developer and access keys registration maintenance of service connections for SAP access
- Knowledge in client – server programming skills and extensive database analysis designing.
Technical Skills:
ERP
|
|
SAP Tools
|
|
Languages
|
|
RDBMS
|
|
Tools
|
|
Platforms
|
|
TRAININGS/CERTIFICATIONS
- SAP TechEd 2011 – SAP GRC 10.0.
- SAP Security and GRC Excellency Award.
- SAP TAC Team certification.
- Completed training in SAP for GRC 5.2 and implemented GRC 5.3.
- Completed training in SAP Labs for SAP Net weaver Security training in ADM940, ADM950, ADM960.
- Completed Hana Security Training.
- Eminence and Excellence award from IBM Corporation.
PROFESSIONAL EXPERIENCE
Apple Inc , Sunnyvale, CA Apr2016 to Till date
Role: Sr.SAP Security & GRC Analyst
- Responsible for monitoring the production support queue and ensuring timely resolution.
- Working on SAP Process Orchestration (PO) Java stack POC, setting up Groups and Users for Business and Technical Team.
- Worked on Solution Manager Upgrade with pulling SU25 and validating New Objects, and making the necessary changes to the Technical and Business Teams Roles.
- Worked on BW SP upgrade. Worked Extensively with Tech Team for the New Objects and testing.
- Working on Personas.
- Worked on APO/SNC Support Pack upgrade.
- Worked on Creating New Analysis Auth Objects in BW, based on Business need.
- Worked on Implementing SAP Notes, suggested by Onapsis, after running the Reports on Onapsis Tool (Worked on Both Monsoon and VMware).
- Configured SAP Systems with Onapsis tool.
- Worked on BPC for creation of Task Profiles, Data Access profiles and Teams based on the requirement from the Business.
- POC for Auditing Requirements/SOX- Pulling reports for auditors and trying to make it compliant. Working on any new SAP recommendations
- Eliminating Security related issues per the Early Watch Reports
- Extensively working on PFCG on designing roles for enhancements related Projects (On-going activity)
- Leading the team of 5 resources and providing support to team.
- Extensively worked on GRC ARA.
- Used Ticketing tools – Service Now, Espresso, RADAR.
- Troubleshooting of user roles, tracing with STAUTHTRACE and STUSERTRACE, the users security authorization objects
- Involved in testing of newly implemented GRC BRM tool, reporting any issues, ensuring it is behaving exactly the same as PFCG.
- Trained on SAP HANA Security.
- Maintained authorization object assigned to tcodes using SU24 to meet the business requirements and to make sure the best practices are followed.
Columbia Sportswear, Portland Mar2015 to Mar2016
Role: Sr.SAP Security Analyst
· Worked on Hana Security, setting up authorization for Composite providers for COPA, GL and inventory Modules, and worked on new authorization objects in BW 7.4 on Hana.
· Implemented and worked on Data level security for SAP BW.
· Worked and Supported GRC 10.1 testing and implementation.
· Designed, developed and implemented role based security for SAP implementations working with process team members to determine roles and responsibilities for multiple functional areas, using profile generator, configuring security tables and parameters for profiles and authorizations for assignment to end users.
· Worked on pulling Audit data for auditors.
· Worked on Change request for Role Changes or new developments.
Working on BPC role Setup at Frontend Task Profile, Data Access profiles, Teams etc.
· Worked extensively with Business users for trouble shooting the issues.
· Worked on SAP BO and CMC for setting up groups and users.
· Proposed a new model for CMC Folder Structure and Group redesign
· Develop segregation of duties (SOD) model and resolve SOD conflicts.
· Worked with functional and business teams to develop new roles and authorizations.
· Worked Extensively on Role design for New Business go-live
- Worked on SAP check indicator defaults and field values, reduced the scope of authorization checks using transaction SU24 and maintained check indicators for transaction codes.
- Troubleshoot security / authorization related problems using SU53, ST01 and SUIM.
- Pulled reports for Auditors.
- Worked on Role Changes for ECC and BW.
· Analyze business roles and mapped them to transaction code according to business processes.
Bank Of America Charlotte NC Aug2012 to Mar2015
Role: SAP Security Consultant
· Designed, developed and implemented role based security for SAP implementations working with process team members to determine roles and responsibilities for multiple functional areas, using profile generator, configuring security tables and parameters for profiles and authorizations for assignment to end users.
- Implemented GRC 10.0. Worked on Configuration Settings, workflow set up and BRF Plus.
· AC 10.0 - Enhanced Access Risk Analysis
· AC 10.0 - Centralized Emergency Access: Firefighter config, FFID assignments, workflow, email set up etc.
· AC 10.0 - Business Role Management: Business role mgmt., role methodology development, configuration of workflows for the BRM
· AC 10.0 - Access Request Management
· Worked on BRFplus creating initiator rule and decision table.
- Working on CUA Administration and maintenance.
- Worked on Creation of Business Roles and Uploading through Role import.
- Working on BI/BW Analysis Authorization Objects creation and maintenance.
- Worked on Info steward and ARM Standalone application.
- Working on Role Maintenance- Composite, Single and Derived Roles.
- Creation of new Mitigation ID based on requirement from Business.
- Working on BPC role Setup at Frontend Task Profile, Data Access profiles, Teams etc.
- Portal user administration - creating portal Groups, group mapping, KM permissions etc….
- Creating Sap Support User accounts and adding authorizations as required.
- Registering Developers and Objects at Service Market Place.
- Responsible for day-to-day technical support and resolution of security issues.
- Work on Role build and design as and when Business need through a Change Request.
- Worked with security related tables (AGR*& USR*).
- Involved with technical team in setting up SAP system for creating mass users, deleting mass users, locking and unlocking mass users.
- Analyzing and evaluating the technical security requirements for SAP R/3 and ECC Security
- Creation of Z Authorization objects, Auth groups etc.
- Accessed User info system (New user, Roles, Authorizations, User, T-Codes etc.) through SUIM regularly.
- Troubleshoot R/3 security problem by using different scenario such as system trace.
- Assist users with access problems and missing authorization using SUIM and SU53.
- Performed troubleshooting existing user roles, security objects and authorizations to resolve security conflicts, supporting users, setting up new accounts, password reset.
· Worked on CUP, RAR, BRM, and SPM.
· CUP – CUP configuration, Workflow configurations, Administration of requests
· RAR- Risk analysis and configuration.
· SPM/EAM – Firefighter config, FFID assignments, work flow, email set up etc.
· Worked on SOLMAN 7.1 CHARM Tool Security.
· Worked on User Access Reviews.
- Worked on System Measurements for SAP Licenses
· Analyzed and replaced existing roles with new roles accurately matching business needs
· Performed gap analysis, conducted risk assessments, managed issues
· Worked on design and Build role development in ECC ,BW,GRC and Solman Environments
· Very good experience on Upgrading the SAP GRC Access Controls
· Prepared the Audit Reports through Process Control
· Experienced in non –technical security requirement and design build access based on functional requirements
· Worked on Security & Change Management
· Complete configuration of Compliant User Provisioning.
· Mapping Functional Areas to Initiators.
· Create/Maintenance of Automate Provisioning workflow stages and Paths
· Streamline Approvals through CUP Automate Provisioning
· Identifying real time SODs through Automate provisioning.
· Extensively worked with Sarbanes-Oxley Compliance - Strategy management related to SAP business processes, transactions, control infrastructure, financial reporting process. Remediation of Segregation of Duties (SOD) within SAP implementation..
· Develop segregation of duties (SOD) model and resolve SOD conflicts.
- Performed Proactive research regarding advances in technology to develop business case to promote use of technology advances.
· Supported successful internal auditing and document significant processes.
· Resolve issues in unit, integration, and system testing, along with test scripts.
Environment: Environment: ECC6.0, Solman 7.1 (Charm Security), GRC 10, BW 7.0, BPC 10, Remedy and HPQC
Applied Materials, SantaClara, CA Oct2010 to Jul2012
Role: SAP Security Analyst
· Worked with functional and business teams to develop new roles and authorizations.
· Designed and developed security roles in MM, SD and FI for various deployments.
- EHP upgrade for SAP ECC, BI. CRM, SRM, GTS, SCM,PI ,MDM (version Upgrade).
- Identify the potential roles affected due to upgrade and maintain the as is scenario of authorizations.
- Worked with business analysts and clean up the security roles to eliminate segregation of duties (SoD) conflicts using GRC Risk Analysis and Remediation tool.
- Prepared the training materials for End Users and Approvers (Manager, Role Owner).
- Conducted User Access Reviews for semiannual audit. Helped the internal and external auditors for quarterly and yearly audits.
- Performed User Management. Developed / maintained the activity groups and their assignment to users.
- Develop authorizations for the transactions for field level security.
- Monitored access to key authorization objects such as S_BTCH_ADM, S_ADMI_FCD, S_TABU_DIS, S_DEVELOP for debug access and etc
· Analyze all customer programs and transaction codes for authority checks.
- Assist the client in building procedures & processes for Sarbanes-Oxley (SoX) compliance.
- Configuration and Maintenance of Central User Administration.
· Implemented GRC Access Control Suite 5.3 for proof of concept which includes Compliant user provisioning, Risk Analysis and Remediation, Super user Privilege Management.
- Effectively analyzed trace files and tracked missing authorizations for user access problems and inserted missing authorizations manually.
- Worked on SAP check indicator defaults and field values, reduced the scope of authorization checks using transaction SU24 and maintained check indicators for transaction codes.
- Troubleshoot security / authorization related problems using SU53, ST01 and SUIM.
· Analyze business roles and mapped them to transaction code according to business processes.
· Completion of Post Installation Tasks for GRC 5.3.
- Continuously improved security configuration to reflect best practices and prepare for audit.
- Assist the client in building procedures & processes for Sarbanes-Oxley (SoX) compliance.
- Configuration and Maintenance of Central User Administration.
· Defined field attributes for user maintenance and transferred users from child to central systems.
· Supported Pre and Post Go-live security authorization issues faced by users.
· Running the Risk Analysis using RAR tool for the users prior to role assignment.
· Performed weekly and monthly job administration with reporting of jobs status to business users.
· Creation of Firefighters and assigning the same to the users for the Go-Live and Post Go-Live.
· Recovered batch jobs on daily basis and escalated calls to respective teams; worked with teams until bug was fixed.
· Performed User Management. Developed / maintained the activity groups and their assignment to users.
· Troubleshot authorization problems using Repository Information System, Profile Generator using PFCG and Tracing authorizations using SU53 and ST01
· GRC Administration (Helping the users in Creating Access requests after the go live).
· Mitigation ID creation for the new risks coming up in the System and assigning it to the users.
· Created BW Authorization Objects and developed roles for power and reporting users.
· Created and modified CRM & GTS roles as per business requirements.
· Performed Licensing audits using Licensing Administration workbench (SLAW)
· Worked extensively on Central User Administration [CUA] for user management
Environment: EHP, ECC6, GRC 5.3 SAP Solman 7.1 R3 4.7 EE, BW/BI, UNIX IBM-AIX, SAP Net Weaver, DB2 9i, Remedy.
Baccini SPA (Acquired by Applied Materials) Mar 2010 – Sep 2010
Role: SAP Security Lead
- Design and creation of Roles based on the functional specs provided by Business.
- Creation of Users and assigning the roles through CUA, prior to Go-Live.
- Running the Risk Analysis using RAR tool for the users prior to role assignment.
- Creation of Firefighters and assigning the same to the users for the Go-Live and Post Go-Live.
- Created required roles for accessing SAP for material management and financial accounting departments.
- Effectively analyzed trace files and tracked missing authorizations for user access problems and inserted missing authorizations manually.
- Modified user access based on requirements for SU53 transaction snapshot after seeking manager’s approval.
- Reviewed critical and sensitive authorizations, implemented improvements that met audit requirements.
- Open SOD removals, if found any in production, post go-live, by Mitigating or remediating.
· Analyzed and fixed root cause of authorization problems.
· Evaluated Central User Administration (CUA), set up SAP R/3 Security environment.
- Supported Pre and Post Go-live security authorization issues faced by users.
- GRC Administration (Helping the users in Creating Access requests after the go live).
- Mitigation ID creation for the new risks coming up in the System and assigning it to the users.
Nestle, Glendale CA May 2009 – Feb 2010
Role: SAP Security Consultant
- User Management: Creation of SAP Users, Renaming, Deleting, validity restricting, user profile maintenance.
- Role creation, Role copy, Derived and Base roles. Composite, Simple, Role creation for functional users and end users.
- Missing authorizations: Analyzing missing authorizations using SU53 and ST01
- Mass user maintenance using SU10.
- Reviewing basis critical authorizations/objects in production servers to analyze and rectify excessive/critical authorizations.
- SAP security Audit data maintenance – Record keeping of critical user creation evidences, approvals etc.
- Configuration of Central User Administration (CUA)
- Role transport, download & upload
- Object level knowledge of basis authorizations.
- Monthly review of critical authorizations
- Active user & Inactive user report preparation using SUIM.
- Various user report generation using SUIM.
- Monitoring the Ticketing Tool and worked on Tickets for Support Team.
- Periodic Interaction with client/functional teams to understand and enhance sensitive authorizations in SAP production servers.
- Preparing standard operating procedures (SOP) for new processes.
Environment: R3 4.7 EE, ECC6, SRM, GTS, GRC, EP, XI/PI, SCM, MDM, ADS, UNIX HP-UX, Win 2003, SAP Net Weaver, Oracle 9i/10g, Remedy, Live link, IXOS, Lotus Notes
Company: Mahindra Satyam Computers Aug 2007 – Apr 2009
Industry: IT services, India
Project Description/Scope: Implemented Security for different clients like – Nestle, Unilever and Centre of Excellence (COE).
- Security implementation for ECC system.
- Changes to the existing design with new role naming convention.
- Role Design and Changes as and when needed by the Business.
- Access restriction to the roles based on the SOD matrix and re-creation of the new roles.
- Extensive use of CUA for