Nagaraju Surepalli                                          Mobile : +1 414 877 4015             

SAP Security GRC Consultant             E-mail: nagaraju.surepalli@gmail.com

Professional Experience

Around 8 years of experience in IT Industry, which Includes as a Position

in Development, maintenance and enhancement projects in SAP Security and GRC.

  Good experience in SAP ECC /BI/CRM/Portal/MDG/FIORI Security

Authorizations for Manufacturing & Pharma Utilities Companies as a SAP Security

GRC Consultant covering several major and complex SAP Security GRC AC projects.

Performed multiple troubleshooting and strategy type engagements around SAP Security Administration / GRC AC Configuration.

Good understating of GRC SOD / SOX / Security Assessment / SAP Authorization / Roles. Work Experience on GRC AC 5.3 and GRC AC 10.1 components. Interfaced with audit team to ensure risk-mitigating controls are in place and operating effectively.

Expertise with Incident managements tools like Remedy, HP SM7,HP ALM/JIRA ticking tools.

ECC Security
 

·  Experience of SAP R/3 ECC Security configuration, design, development, testing, implementation and production support.

·  Maintenance of User Master Records, Profiles, Authorizations

          Role Design, Testing and Implementation.

·  Extensive experience in User Administration and Role Assignment in CUA.

·  TMS and transporting roles between R/3 Clients and Systems.

·  Working on Master – Child Derive role, Enabler Roles, Business Roles

·  Working on CUA child system setup configuration

·  Working on RFC, IDOC issues, Authorization issues, BG Jobs issues

·  Involved in gathering BPO Security Requirement for Role Design

·  Involved in to design Functional specs and technical Design Docs part of Security
 

BI and CRM/HR Security

·   Worked on BI Security auth Objects, Analysis Authorization concepts

·   Worked on Info Provider/Info cubes on BI

·   Worked in CRM 7.0 web UI components configuration and authorizations

·   Role design for Business Roles and connecting PFCG roles for webgui for CRM

·   Working on CRM/BI support and implementation project

·   Good Knowledge on HR security-Position Based Security

·   Working on PFAL/PFUD and PBS settings configuration

·   Working on Position and PERNER mapping for users

GRC AC Configuration and Implementation
 

·   Worked on GRC 5.3 implementation and configuration (GRC RAR, CUP, ERM and SPM)

·   Working on GRC AC 10.1 components and configuration. ( ARM,ARA,EAM and BRM)

·   Experienced with SAP GRC 4.0 ABAP based Virsa Compliance Calibrator, Fire Fighter.

·   Completed UAR Project in GRC 5.3.

·   Working on Post Installation/Configuration steps in GRC 10.1.

·   Experience on GRC AC10.1 Migration Project.

·   Setup PSS toll on GRC AC 10.1

·   Worked on to integrated IDM with GRC

·   Setup/configure EAM- Fire Fighter and ARM/ARA.

MDG and FIORI Security

·   Working on Web Dynpro NWBC roles/Gateway Services for Master Data Governance (MDG)

·   Working on Fiori Mobile app roles/Gateway Service Roles setup

·   Involving/Prepare MDG/Fiori sap roles testing strategy

·   Working on S_SERVICE auth Object IWSG/IWSV services

Enterprise Portal/Solman and HANA Security

·   Working on Portal user management creating Users (UME), Assign portal Roles, lock, unlock, and password policies etc.

·   Worked on UME and Group/role Administration.

·   Configure Hana into GRC 10.1 for  user creation

·   Experience on Hana user creation and Hana roles/types of privileges in Hana Studio

·   Setup Change Management Tool ( QGM Tool)/ Charm Roles in Solman

·   Working with BODS team for Data  Migration

·   Working on to create users in HANA system with HANA Studio

·   Working on HANA Roles/Privileges for end users and IT users

Work Experience

·   Presently Working as SAP Security GRC Consultant in SCE- Southern California Edison since July 2015.

·   Worked as SAP Security GRC Consultant in JCI from Sep 2014 to July 2015.

·   Worked as SAP Security GRC Consultant in Harley Davidson from Nov 2013 to Sep 2014.

·   Worked as SAP Security GRC Consultant in JCI from July 2011 to Nov 2013.

·   Worked as SAP Security GRC Consultant in Philips from Apr 2010 to July 2011.

·   Worked as SAP Security in GSK from Mar 2008 to Mar 2010.

Education Details:

·               B.Tech Computer Information Technology Gradate from in India

Got Project Star Award for outstanding performance in Philips.

Got SPOT AWARD for outstanding performance in GRC project (JCI BE GRC Project).

COBIT 5 Foundation Certified: Control Objectives for Information and Related Technology (COBIT). A Business Framework for the Governance and Management of Enterprise IT

Technical Skills 

Operating systems: Windows 2000/NT/95/98.

Databases: ORACLE 9i, 10G

Languages: C, C++, Oracle Apps, .Net

GUI Tools: SAPGUI 6.20. SAPGUI 7.10

Tools & Utilities: Lotus Notes, Remedy Incident Management, SM7     service Manager 7, ZUM, V-SED, URWF tool, ITInbox Tool, E-Ticket Tool.

Domain Knowledge: SAP Security and Authorizations and Full SAP GRC.

Project:

Description:

                       Southern California Edison (or SCE Corp), the largest subsidiary of Edison International (NYSE: EIX), is the primary electricity supply company for much of Southern California, USA. It provides 14 million people with electricity across a service territory of approximately 50,000 square miles.

Roles & Responsibilities:

As a SAP Security GRC Track Lead, I have involved in

·   Working on SAP CRM Security Implementation Project

·   Working on SAP GRC AC 10.1 Configuration (EAM Tool)

·   Working on SAP NW Gateway Services Security Roles

·   Working on ECC –HR Position Based Security Configuration.

·   Working on SSO-SAML 2 Configuration

·   Working on ITIM IDM Tivoli Provision Policy Setup

·   Working on Security Testing Documentations

·   Working on to create users in HANA system with HANA Studio

·   Working on HANA Roles/Privileges for end users and IT users

·   Prepared End user training documents

·   Working on Design SAP Security Strategy Documents and KT plan document for team members

·   Working on HPALM /Remedy Tools

·   Working with Incident Management teams to resolve high priority issues

·   Good knowledge on ABAP development, with work in custom development, including IDOCs, BADs, LSMW, ABAP workbench, reports and SAP Script, Smart forms,, New enhancement framework, ALE / IDOC framework              

·   Experience on Translate functional specifications into technical specifications

·   Experience on troubleshooting, testing and debugging skills in ABAP and Security side

·   Experience in writing technical documentation

Project:

Description:

Project:

  Description:

                 Harley-Davidson (NYSE: HOG, formerly HDI[4]), often abbreviated H-D or Harley, is an American motorcycle manufacturer. Founded in Milwaukee, Wisconsin, during the first decade of the 20th century, it was one of two major American motorcycle manufacturers (Indian being the other) to survive the Great Depression. Harley-Davidson also survived a period of poor quality control and competition from Japanese manufacturers.

Roles & Responsibilities:

As a SAP Security onsite Project Team Lead I have involved in

•Working in HRF SAP HR Functional implementation project.

•Coordinate offshore team and implement SAP HR roles in ECC system

•Involved in client requirement phase and all phase of project

• User Administration (Creation, Management, Profile Modification, Validity Extension and Termination)
• Role Maintenance (Role Creation , Modification and Transporting)
• Profile Management (Maintaining Org Levels, Addition of TCodes)

• Worked on HRF (SAP HR) implementation Project.
• Maintain RFC (Creation of RFC, Maintaining RFC’s and Common Errors)

• Good knowledge on ABAP development, with work in custom development, including IDOCs, BADs, LSMW, ABAP workbench, reports and SAP Script, Smart forms,, New enhancement framework, ALE / IDOC framework              

• Experience on Translate functional specifications into technical specifications

• Experience on troubleshooting, testing and debugging skills in ABAP and Security side

• Experience in writing technical documentation

• Implemented GRC AC 10 components.
• FireFighter – Creation and Maintenance on GRC AC 10

Project:

Description:

Project:

  Description:

                 Philips Electronics India Limited, a subsidiary of the Netherlands-based Royal  

  Philips Electronics is the leading Health and Wellbeing Company. Today, Philips is a   

  Simpler and more focused company with global leadership positions in key markets of 

  Healthcare, Lighting and Consumer Lifestyle, addressing people’s Health and wellbeing   

  needs and aspirations as its overarching theme.

 Responsibilities:-

As an S&A consultant I was responsible for:-

·   Support calls executions which were created in HP Service Manager SM7 tool.

·   Worked in all sectors on areas like R/3, BI, MDM, Portal systems.

·   Creating user ids and assigning roles in R/3, BI, MDM systems.

·   CUA creation of user ids and assignment of roles to respective child systems.

·   Troubleshooting missing authorizations based on SU53.

·   Creation of roles like single, composite and derived roles and generating profiles.

·   Transportation of roles from Development to Production systems using Solution manager.

·   Troubleshoot missing authorizations issues in BI through Rsecadmin.

·   Worked on various support related projects like ERP4M Project, PIM Portal project, Year End Closing project etc.

·   Worked on MDM system which is only specific to Philips HR data by creating users and assigning payroll organization roles for all countries.

·   Creating roles in MDM stack and restricting them for various payroll organizations by putting constraint.

·   Also performed SOD checks as a part of  ICS activities for various users when they are assigned with some critical roles in R/3

·   Working on GRC 5.3 configuration and support work

·   Involving Redesign Rule set in Philips organization

·   Updating Functions, Action values in RAR.

·   Support work for CUP configuration.

·   Working on SPM tool for getting FFID log reports.

Experience on SAP GRC Access Control 5.3

Risk Analysis and Remediation

·         Risk Analysis by executing analytical reports, estimate cleanup efforts, analyzing roles and users, modifying the rules based on analysis and setting alert mechanism.

·         Determination of alternatives for eliminating risks, present analysis and select corrective actions, Document approval of corrective actions.

·         Mitigation on the basis of alternative controls to mitigate risks and educate management about conflict approval and monitoring, document process to monitor mitigation controls.

·         Risk Analysis, Risk Identification, classification with reference to Business Process Owners, Identifying the Critical Tcode with in Business Processes, taking the Industry recognized Tcodes.

·         Knowledge on Configure Risk terminator in the backend system for support continuous compliance.

·         Configure IGS software.

·         Maintained Risk Analysis Parameters values as per the organization standards.

·         Monitoring Background Job (User sync, Role Sync and Profile Sync) and perform Management reports and schedule jobs.

Firefighter (FF) or Super user Privilege Management SPM

·         Configurations settings thus making super users to perform emergency activities within a controlled and auditable environment.

·         Ensure users assigned to specific firefighting IDs with defined authorizations and validity dates and Separate logon is required, as well as documentation regarding reason for use.

·         Connection SPM to a back end system.

·         Maintain Configuration settings in Backend system.

·         Maintain Owners, Firefighters, Controllers, Reason Code, Configuration, Critical Tcode tables in back end system.

·         Retrieve the FFID logs from the backend system and frontend..

Access Enforcer (AE) or Complaint User Provisioning CUP

·        Working on Work flow to create users in ERP system, assignment, change, lock, unlock and delete users in SAP system and configuration of alert mails mechanism.

·        Defining the Approval system, configuration on the basis of organizational policies and business process.

·        Maintaining the work flow for Request, process, stages and escalation process, integration for risk analysis and mitigation capabilities keeps the system clean – compliant provisioning.

·        CUP Workflow configurations, Creating New Accounts, Lock & Unlocking, Change & Delete accounts, Roles Assignment, Maintaining approval stages.

·         Connection CUP to a back end systems.

·         Full work Knowledge on CUP Application tabs (My Work, Informer, Configuration)

Project:

Client: Glaxo SmithKline, UK.

Role: SAP Security Access Control Team Member

Period: Mar 2008 to Mar 2010

Description:

GSK is a world leading research-based pharmaceutical company with a powerful

Combination of kills and resources that provides a platform for delivering strong growth

in today's rapidly changing healthcare environment.

GSK landscape is basically a SAP implementation with all major SAP application like R3, BW, SRM, SEM, APO systems. SAP R/3 has been implemented with modules FI, CO, WM, MM, SD, PP, PS. There are more than 10000 business users and 200 support users.

Responsibilities

·               Creating and maintaining template roles, derived roles, single roles and composite roles using Profile Generator in SAP R/3 systems.

·               Complete user administration in SAP R/3, BW, APO and Enterprise Portal systems (creating, modifying, and deleting, locking, unlocking and resetting passwords).

·               Maintaining organizational values as and when required while creating / modifying single or global roles.

·               Understanding and implementing the Change Control process to for any enhancements or operational changes required.

·               Analyzing and solving the missing authorizations and day-to-day security issues that are being raised by the users using Remedy ticketing tool.

·               Modify /create various authorization profiles related to various system operations for restricting / facilitating users for smooth and secure system operations.

·               Prepare and process the authorization changes for the roles & profiles

·               Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks using transaction SU24 and maintained check indicators for Transaction codes.

·               Worked on GRC 4.0 transaction ABAP based tool.

·               Run risk analysis in Compliance Calibrator and FFID usage.

·               Worked with SAP GRC tool Firefighter.

·               Worked extensively with SAP GRC tool Compliance Calibrator.

·               Complete Knowledge in BW authorizations (RSECADMIN).

·               Completed BEBOP Shift and Lift project under client guidance.

·               Completed ICERPS support role clean-up Project under client guidance.

·   User creations, Assigning Missing authorization to the users.

·   Processing the user requests using ZUM tool i.e. custom Central User Administration (CUA) implemented by the client.

·   Raising user requests in the URWF (User Request Work Flow) tool and working on it.

·   Preparing the SUIM reports to find out the security violations in the production systems.

·   Assigning ORG Unit Values to the SRM users.

·   User and role assignment report for all GSK landscape.

·   Audit specific requirement reports for all GSK landscape.

·   SM20 log generation and change documents evidences.

·   Level 2 repair for SRM users.

·   90/180 day inactivity Users check.

·   Generate Leaver’s process Report.

Personal details:

Name: Surepalli Nagaraju

Date of Birth: 03-Jun-1985

Passport No: G3220560

Contact Numbers: +1 414 877 4015

VISA: H1B

Current Location: Los Angeles, California.