shravan
-
Upload
shravan-kumar -
Category
Documents
-
view
30 -
download
0
Transcript of shravan
SHRVAN KUMAR KODURU Mobile: +91 8019749987
Email: [email protected] SAP GRC AND SECURITY CONSULTANT
Objective:
To secure a challenging position in an organization which encourages career and
enhances growth and polish my human skills to use the same for the growth of the company with
utmost dedication while gaining valuable experience and training.
SAP Security Skill set:
Having 3.8 years of experience in SAP security for various environments like R/3, ECC, HR,
Governance Risk and Compliance (GRC).
Experienced in the areas of User administration, Role management, development and
troubleshooting, Testing and Reports generation in Security environment.
Experience includes analysis, development, and maintenance of SAP Security in SAP R/3,
ECC,HR, & GRC(Governance Risk and Compliance)
User Administration - Includes user creation, deletion, changing user access for different sys-
tems and environments, Mass user administration.
Experienced extensively in using PFCG in creating and modifying Single Roles, Composite
roles and Derived roles.
Working on role changes as per the business requirement.
Maintenance of Derived roles based on the Organizational Values differentiation.
Roles Transportation
Performed User Master Reconciliation for mass roles in bulk.
Making user administration easier by using User Groups.
Maintenance of authorization objects for transactions.
Effectively analyzed trace files and tracked missing authorizations for users access problems.
Expertise in Troubleshoot users access problems.
Proficient knowledge on USR* & AGR* tables.
Having good exposure on HR security.
Experienced extensively in User Information System.
Analyzing system security status and providing recommendations to avoid any kind of vul-
nerabilities and mall practices in the system.
Good enough in using compliance tool like GRC.
[email protected] Page 1
Governance, Risk and compliance Ac 10.0:
Access Risk Analysis.
Emergency Access Management.
Access Request Management.
Enterprise Role Management.
HR Security Exposure:
Position based role assignment and PD profile assignment. Mapping personnel numbers with SAP login id. Knowledge on HR authorization objects & basic info types. Troubleshooting HR issues.
Educational Qualification:
MCA from Osmania University, Hyderabad.
Professional Experience:
Working as a SAP Security consultant with Hora Software solutions from Aug 2012 to till date.
Technical Skill set:
ERP : SAP ECC, HR.
Compliance tools : Governance Risk and Compliance 10.0.
Project -2 Project Nissan southafrica Designation SAP Security and GRC Consultant. Duration Dec 2013 to Till Date
Client Profile: Nissan counties its quest to optimize product development and deliver highly innovative technonolgy. Today, in various countries and regions around the world, we enjoy a stellar reputation for creating truly innovative vehicles and service programs.
[email protected] Page 2
Deliverables
Compliance Activities in GRC :
Risk Analysis and remediation ( RAR ).
Identifying potential SOD conflicts at different levels. Knowledge on Scheduling background jobs to provide organization wide compliance
status report to SME’S as per schedule base. Providing violated transactions authorization to users for specific period of time.
Super User Privilege Management ( SPM ).
Creation of Firefighter id’s. Providing firefighter access to the users as per requirement. Generating firefighter log report on periodic basis.
Access Control 10.0 Support Responsibilites.
Scheduling Background Jobs. Role owner changes. Import role to Grc system. Defining mitigation monitor. Mitigation control maintenance. Performing Risk analysis in simulation mode. Generating Access Rules. Updating Rule set as per the business requirement. Creation of custom risk id’s & functions as per the business needs. Defining Access Control owners. Creation of Mitigation controls as per the Organization Risk management strategy. Designed GRC Roles. Configuration of EAM Application. Creating FF id’s, Owners, Controllers as per the defined strategy. Create BRF+ rule IDs for defining MSMP workflows. Define different types of MSMP workflow as per business requirement. Monitoring ARM on daily basis. Performing Risk Analysis at various levels and taking necessary action on identified Risk. SOD report generation. Trouble shooting access request related issues.
SECURITY. User Administration Role Administration Troubleshooting authorization issues of ECC. Generating various reports Creation of authorization Groups as per the business requirement. Providing table access to the users.
[email protected] Page 3
Transporting Roles. Position based role assignment and PD profile assignment. Mapping personnel numbers with user’s normal SAP login id. Ramping up junior level consultants to deploy them on project engagements. Performing audit on scheduled basis. Interacting with client to understand the business requirement. Providing access to custom transactions. Providing security to custom transactions. Creation of analysis authorizations.
Project -1 Project SPX Corporation Designation SAP Associate Security Consultant.Duration Oct 2012 to Nov 2013
Project Profile : Spx corporation is, along with its subsidiaries, a diversified,global supplier of infra-structure equipment with scalable growth platforms in heating, ventilation and air conditioning(HVAC),and detection and measurement markets,and a strong presence in power and en-ergy markets.
Deliverables:
User administration. Role administration. Creating users and assigning approved roles by SME’s. Understanding user requirements and assigning the suitable authorizations. Assigning proper roles to the users as per the missing access report received. Extending validity periods for the expired users on proper approvals. Creating, modifying , deleting , and assigning single roles , composite roles and derived roles. Working on role changes as per the business requirement. Troubleshooting authorization issues of ECC. Transporting Roles. Providing access to custom transactions. Providing security to custom transactions. Creation of authorization Groups as per the business requirement. Generating various reports. Creation of analysis authorization. Providing table access to the users. Generating various reports.
[email protected] Page 4