Re: SAP Security Consultant available for Project anywhere in United States

Thread: Re: SAP Security Consultant available for Project anywhere in United States

Search this list only Search all lists
Re: SAP Security Consultant available for Project anywhere in United States
	2007-07-11 23:32:11

Hi, I am ravi, having exp in .net 3yrs. i am planning to move to SAP NetWeaver ... please can give me an idea scope of SAP NetWeaver ... ravi   On 7/9/07, leena < jazdgngmail.com">jazdgngmail.com> wrote: Contact: jasleendgntechnologies.com">jasleendgntechnologies.com Phone: 480-704-4582      SAP Security Consultant_ SUMMARY ·       Overall seven years of experience in  IT Industry, with subject to SAP security including R/3 Security is around 5 years & 2 years in Oracle Applications Release. Extensively worked with Sarbanes-Oxley (SOX) Compliance - SAP business processes, transactions, control infrastructure and financial reporting process. Performed role remediation and user remediation under Segregation of Duties (SOD) and Profile Generator (PFCG). ·       Other work areas involved role, profile creation/maintenance, user administration, access control using authorization objects, user reconciliation, CATT scripts. · ;     Experience as SAP Security Administrator integrating SAP technologies ·  ;   Performed regular project progress assessments and produced status reports to the client, highlighting any risks and presenting a plan for proactive risk reduction. ·       Developed SAP security profiles and authorizations. ·    ; Configuration of SAP Security parameters and privileges. ·     Monitors SAP access compliance and violations. ·     Worked with SAP Central User Administration (CUA) and maintained user master records ·       Collaborated with other team members and business representatives to ensure that security settings met the requirements of the business and aligned with the defined controls and standards ·       Prepared the transaction grouping strategy based on general access, general functional/display report access and specific functional access ·    ; Secured day to day background jobs based on user logon date, password change, role assignment, authorization changes and changes to master records ·  ;   Designed security related to tables for roles and role definition, transactions assigned to role, user role assignment, organizational values assigned to roles, authorizations in role with field values. ·       Set up Profile Generator, roles/authorizations/profile, operation modes, user master. TECHNICAL SKILLS: SAP Skills:    SAP Security and Sales and Distribution module SAP version:    SAP R/3 ECC6.0, ECC 5.0,4.7, 4.6C,4.6B Specialization: Security(R/3 and SD/MM), CUA, Profile Generator, User ;       Maintenance, Authorization. Office Tools ;   MS OFFICE(MS-Word,MS-Access,MS-Excel,PowerPoint) Databases:      SQL, Ms- Access 2000/97, Ms-Sql Server2000 Languages:     Visual Basic 5.0, Visual Basic 6.0, C, C++,PL/Sql, Web Services, Web Servers:  Windows 2000 Professional server, Windows 95/98 WORK EXPERIENCE: Currently Working Apr-06 - Tilldate    ; Hillyard, Inc. St. Joseph, MS   Security Analyst Environment - SAP R/3 ECC 6.0. ·      Made custom objects security relevant and checked for the appropriate info cubes. Naming convention to secure queries. · ;     Created workbook roles and added workbooks and web reports to it. Supported and maintained R/3 and BW security. ·       Day to day technical support and resolution of security issues on roles · ;     Extensively worked with Sarbanes-Oxley Compliance Strategy Management related to SAP business processes, transactions, control infrastructure, financial reporting process. · ;      Remediation of Segregation of Duties (SOD) within SAP implementation, VIRSA Systems VRAT tool (Compliance Calibrator 4.0), Profile Generator (PFCG), Developing Roles and Profiles, User Administration. ·     Converting Profiles to different types of Roles (Single, Derived and composite) · ;     Worked with Profile Generator in creating single roles, profiles, composite and derived roles ·  ;   Perform reconciliation of user master record and roles using PFUD and SUPC. ·      For analyzing and applying new system security parameters ·       Adding new transactions representing additional functionality to the roles ·     Cleaning and adapting the roles (Merging, Renaming and Testing all the new roles with the functional and key-users) ·       Ensuring that all existing reports, transactions and authorizations still function as expected in the new release of SAP. ·      Creation of Authorization Groups to restrict the R/3 table access and program access and review and correction of sensitive authorizations (S_TABU_DIS, S_USER_TCD etc.), including assignment of authorization for sensitive tables. ·  ;   Review and adjust the validation process (add transaction, unlock user, assign roles, etc) ·      Assist users with access problems and questions using SUIM and SU53. ·  ;   Involving project teams and key-users in the upgrade process ·  ;   General design, process map analysis, detailed design. ·  ;   Writing of all security procedures and the policies. ·       Evaluated Central User Administration functionality and feasibility. ·  ;   Resolve user's daily problems (lock, unlock, and reinitialize passwords, no access to a transaction.) · ;   Responsibilities included running security reports for critical transactions and objects and for passive users. · ;     Involved in the identification of Key controls, Risks and SOD issues. ·     Implemented and established standards for custom authorization objects ·       Troubleshoot security/authorization related problems using SU53, ST01, RSSM (for BW) and SUIM ·      Responsible for day to day technical support and resolution of security issues ·    ; Scheduled security background jobs that generate reports Aug-05 - Mar-06 US AIRWAYS, PHOENIX. AZ Security Analyst Environment - SAP R/3 4.7, SD, MM. ·      R3 authorizations : put in place security policy and construction of roles · ;     Participation to the new projects and extensions, design the new roles as necessary ·     Support functional teams in resolving Security & Control Issues ·    ; Provide diagnosis and troubleshooting when an issue is raised, liaising with key users ·      Regularly check the situation by running needed control programs, checking logs, etc · ;     Created and maintained custom Parameter transaction codes for programs using SE93 ·      Performed troubleshooting for security/authorization related problems using T-codes like SU53, SUIM, SU24, ST01 ·    ; Performance tuning of all R/3 Instances , Performed memory management on Instances when necessary. ·       Performed comprehensive SAP security Implementation with Profile generator. Configured all R/3 system for use of profile generator. ·   ; Activity group maintenance and configuration. · ;     Generating and maintaining authorization profile when necessary. ·       Assigned users to position in the organization plan. ·      User master record update, Setup organizational plan. ·  ;   Transport activity groups, authorization component. performed update on user master record. ·  ;   Managed & secured table access for end user through SE16 ·      Responsible for day-to-day support issues in Access Control- Authorization Groups (SM30, TBRG table) ·    ; Role design and security policy strategy · ;     Performance Troubleshooting existing user roles, security objects and authorizations to resolve security conflicts, supporting users, setting up new accounts, password resets. SEP-04 - AUG-05 Symbios Logic , Santa Clara, CA SECURITY ANALYST Environment- SAP R/3 4.6C, SD, MM. ·      Evaluated the SU24 based authorization maintenance procedure and made enhancements to include custom programs, tables and transaction codes ·    ; Perform regular system audits to detect deviations of established procedures, role mapping, and unauthorized changes to the SAP security and report finding to management. ·     Involved in the identification of Key controls, Risks and SOD issues ·    ; Evaluation and recommendation of SAP menu vs. user menus. ·    ; Followed the established standards and naming conventions as dictated for the Clients security schema. ·  ;   Involved in trouble shooting R/3 security problems by using different scenarios such as system trace, parameter change, buffer reset, SU53 and SU56 ·      Created new and edited the existing Activity Groups as per the requirements coming from Help desk which involved the inclusion of transactions in the menu tree ·      Established security testing procedures and tools ·      Resolve issues arising from testing using system traces and dumps ·  ;   Cleaned up and optimized security Roles ·      Worked on procedures and applications of dual-maintenance of security changes. · ;     Conversion of manual profiles and implementation of role based security, including IM department. Evaluated and used SAP standard roles as templates for custom roles. ·    ; Complete overall support including design and implementation for all security needs on R/3 for all User ID and Role builds for SOX compliance ·      Worked extensively with Profile Generator (PFCG) for creation and maintenance of single roles, composite roles, derived roles and template based roles and profiles · ;     Carried out a detailed analysis of Segregation of Duties (SOD) Matrix for the security developed in SAP and resolved SOD conflicts for SOX compliance ·       Worked on User maintenance (User creation/deletion/lockdown/password management) JUN-02 - AUG-04 Unocal Energy, Sugar Land, TX   SECURITY ANALYST         ;   EnvironmentAP R/3 4.6B SD · ;     Developed CATT scripts for mass user creation and role assignment ·       Worked with Business Process Owners to restrict sensitive transactions and security authorizations and ensured segregation of duties across business areas. Created segregation of duties and single critical transaction policies for IT security · ;     Analyzing and evaluating the technical security requirements for SAP R/3 Security. ·     Extensively interacted with the functional teams in the process of creation of roles Matrices for SD/MM the modules. · ;     Worked on CUA administration and maintenance. ·   ; Worked on SAP Check Indicator Defaults, Field values, and maintained check indicators for Transaction codes using (SU24). ·  ;   Extensively used Profile Generator (PFCG) to create single roles and derived roles profiles for various modules such as FI, MM, and SD. · ;     Extensively worked on Authorization objects, fields, authorizations, authorization profiles. ·       Developed control and strategy with focus on SOX. ·      Working with respective functional heads for SOD tools & security changes based on SOX violations at tcode level & object level. · ;     Responsible for the developing roles, Composite Roles and derived roles using the Profile Generator (PFCG). ·  ;   Assigning transactions in roles as per business requirements and setting up authorization fields. ·       Used Profile Generator to effectively restrict user access to specific Business Areas. ·    ; Performance Troubleshooting existing user roles, security objects and authorizations to resolve security conflicts, supporting users, setting up new accounts, password resets. ·  ;   Designing and documenting security administration policies and procedure for the production environment. ·   ; Troubleshoot security/authorization related problems using user information system (SUIM) and Display Authorization Data (SU53). ·  ;   Used System Trace (ST01) to record authorization checks in different sessions. · ;     Work with Functional specialists to help them understand what SAP authorization objects are causing the conflicts and what all options exist for mitigating the conflicts. ·       Knowledge of Context based authorizations. ·      Used Transport Management System (STMS) to perform transports between clients within R/3 system. ·  ;   Worked with SAP Check Indicator Defaults and Field values, reduced the scope of authorization checks using transaction code SU24 and maintained check indicators ·       Used derived activity groups to create new activity groups and performed transfer of transaction codes from old groups to new groups ·    ; Created new and edited the existing Activity Groups as per the requirements coming from Help desk which involved the inclusion of transactions in the menu tree ·      Worked with Profile Generator in creating single roles, profiles, composite and derived roles. ·    ; Created users and maintained user master and established security policies and procedures. · ;   Effectively analyzed trace files and tracked missed authorizations for user access problems and manually inserted missing authorizations · ;     Assisted in SAP system audit and documentation of Significant Processes and controls · ;     Continuously improved security configuration to reflect best practices and to prepare for system audits ·    ; Created and maintained authorization groups for tables and programs using SE54 and SUCU ·      Resolved many missing authorization issues by analyzing the SU53 screen shots ·      Established security testing procedures and tools ·      Evaluated Central User Administration functionality and feasibility · ;   Distributed user master records including migration of existing users · ;     Documented procedure for different security processes such as creating table and program authorization groups, adding transaction codes to company menu, change user authorization request form, new user request from and security profile maintenance procedure. Apr-00 - Jan-02        Dell Inc, Round Rock, TX     ; TECHNICAL ANALYST Environment:-  Oracle Modules 11i INV, PO, Order Management WIP, BOM, AP, AR, GL, Oracle Alerts, System Administration. ·      Provided Production Support for  Oracle Manufacturing modules (INV, PO, BOM, WIP, Order Management) & Oracle Financial modules (GL, AP, AR). ·       Troubleshoot user issues and problems on a daily basis. ·    ; Provide users with prompt solution. ·       Coordinate issues on TAR's to oracle support and analyze patches required to fix issues. ·       Provide technical and functional regression tests in light of patch application to production copy. ·      Deploy Oracle Alerts to proactively monitor system. ·  ;   On-call and month-end support to Production Database. ·     Provide development or enhancement of custom objects to accommodate custom process and its testing as per the user requirement. ·   ; Provide System Administration functions such as Setup custom responsibilities and menu structures as per the guidelines of Sarbanes- Oxley. ·  ;    Perform Purge & Archive of obsolete data using a combination of Oracle standard API and custom code. ·      Monitor system performance from System Administration and build alerts to notify abnormal activity. ·     Support Physical Inventory activity. Prepare and maintain documentation of regression tests, custom development and change control. ·      Roles to Implement AR, GL and FA and few part of AP End · ;     User training & Preparation of Documentation relating to modules,Preparation of User manual for end user, Preparing Functional Documents for Report Customizations EDUCATION: Bachelor of Commerce - Accounting GNIIT - Systems Management Oracle DBA Training Oracle Financials Training References:   Available upon request. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "C# Developers" group. To post to this group, send email to CSDevelopersgooglegroups.com To unsubscribe from this group, send email to CSDevelopers-unsubscribegooglegroups.com For more options, visit this group at http://groups.google.com/group/CSDevelopers -~----------~----~----~----~------~----~------~--~---

[1]

about | contact Other archives ( Real Estate discussion Medical topics )