Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
Other Interests
Timeline
Generic
Bhavya Reddivari

Bhavya Reddivari

SAP Security and GRC Consultant
Hyderabad

Summary

Comprehensive experiences within all aspects of SAP Security and compliance Served as a subject matter expert in technical aspects of R/3 and GRC Access control, Process Control and Risk Management. Worked with clients to gain insight and develop solutions to meet customer and business needs across the entire SAP landscape. Experienced in GRC implementations, Access control and Process control automation configurations and Issue Handling, ECC Security User access management, Risk Identification and Mitigation Controls, Complete Structural authorization analysis and Issue handling. Have been in onsite Brisbane (Australia) for 9 months from April to Jan 2013. Was leading the team in SAP Application Security Support.

Overview

18
18
years of professional experience
6
6
years of post-secondary education
2
2
Certifications

Work History

SAP GRC Consultant

IBM
Hyderabad
01.2024 - Current
  • Worked on GRC S4 Implementation and Migration project, helping client to understand new Fiori Apps, build roles relevant to Fiori Front End, Back end roles, build role for Gateway users.
  • Worked hands on creating Fiori Apps and adding Apps authorization to roles, worked on Transactional and URL related apps.
  • Trouble shooting Fiori App authorization issues.
  • Worked on configuring GRC to Fiori apps enabling users to request and approve GRC requests through Fiori.
  • Worked on AMS Support for two Singapore Clients providing continuous support to the projects as SAP Security and GRC consultant.

Data and Compliance Analyst

PepsiCo
Hyderabad
08.2020 - 03.2023
  • Lead SAP GRC Access control, Process control implementations and configuration.
  • Have worked on MSMP workflow configurations for various MSMP processes.
  • Maintenance and monitoring of MSMP workflow.
  • Maintaining stage level workflow settings.
  • Creating and assigning BRF+ rules.
  • Configuring master data for enabling process control automations.
  • Designing manual and automated controls, monitoring and reporting.
  • Reviewed audit and monitoring reports related to consumer and client activities.
  • Stayed current with latest changes to applicable regulatory standards and company procedures.
  • Assisted investigation and risk management teams with fraud investigations and risk identification.
  • Prepared documentation and records for upcoming audits and inspections.
  • Performed deep audits of Compliance reports.
  • Supported and trained customers on compliance-related issues.
  • Have tried to implement automated solutions using PowerBi and Alteryx, Tableau to avoid Manual work spent in extracting data and preparing reports.
  • Have worked in saving over 50 hours of manual work per month and have contributed to annual savings.
  • Extracted and interpreted data patterns to translate findings into actionable outcomes.
  • Analyzed transactions to build logical business intelligence model for real-time reporting needs.
  • Tested data prediction algorithms based on historical data.
  • Utilized data visualization tools to effectively communicate business insights.
  • Collaborated with business-unit leaders to identify and prioritize problems.
  • Used statistical methods to analyze data and generate useful business reports.

SAP Security Analyst

Accenture Technology Services Ltd
Hyderabad
10.2013 - 07.2020
  • Architected SAP solutions by prioritizing simplicity, appropriate scale, resiliency and maintainability.
  • Multitasked and managed multiple deliverables and projects concurrently and facilitated use of SAP for enterprise resource planning.
  • Documented and maintained technical specifications for SAP applications.
  • Security related task and Implemented Security policies and procedures.
  • Have been appreciated for maintaining targets and meeting team's metrics consistently.
  • Hands on Experience in GRC 5.5 tools like Compliance calibrator, Fire Fighter.
  • Understand compliance and importance of emergency access and firefighter logins.
  • Expertise in SAP Security and Authorizations which includes User Management, User Administration.
  • Creation of roles (PFCG) and assigned to users using su01 and su10 tcodes, authorizations and profiles to user ids, setup security for developers, according to business requirements.
  • Assigned many common roles to users by using SU10 and generated profiles using PFUD.
  • Worked with SAP Security team and business process owners to identity Fire fighter ID (FFID) controllers, administrators and Owners and mapped these in SAP GRC SPM 5.3.
  • As SAP Security GRC team member responsible for analyzing and resolving problems related to SECURITY application within specified time frame.
  • Implement VIRSA Access Enforcer 5.2 for user provisioning.
  • VIRSA Fire Fighter audit.
  • VIRSA Fire Fighter log in notification, Coesia - Italy, Nissan - UK, Microsoft.
  • Responsibilities as security consultant include: Took part in GRC 10.1 Implementation During Access Risk Analysis (ARA) implementation, responsibilities involved configuring custom Rulesets for Risk, Functions (Actions & permissions), creating new Risk Owners and Monitors.
  • Took part in Segregation of Duty (SoD) and Sensitive Access clean-up project soon after ARA go-live.
  • Did end to end implementation of Emergency Access Management (De-Centralized model) including IMG Configuration, Building EAM security roles in ECC and GRC, Defining Firefighter Owners, Controllers, Creation of Reason code and scheduling daily synchronization jobs.
  • Experienced in working for Full Life Cycle Implementation, Go-Live, Post Go-Live, and Production Support projects.
  • Broad experience in maintaining single, composite, and derived roles using Profile Generator (PFCG).
  • Extensive experience with resolving ticket issues and troubleshooting security authorization problems while adhering to Service Level Agreements (SLA).
  • Maintained Assignment of Authorization Objects (SU24).
  • Created custom Authorization Classes and Authorization Objects (SU21).
  • Maintained program authorization groups (Report RSCSAUTH) and table authorization groups (SE54) to protect access to programs and tables.
  • DDIC, SAPCPIC) were set-up as system or background users with passwords changed (monitoring using report RSUSR003) in all SAP systems.
  • Creating Mass roles and Users using SECATT and LSMW scripts.
  • Trouble-shoot authorization problems using Repository Information System and tracing authorizations using SU53, SU24 and ST01, STAUTHTRACE.
  • Hands on Experience on HR/HCM Security, Structural Profiles, Organization Structures PA, PD, Payroll, Time, Travel, E-Recruiting and ESS and MSS Modules.
  • Served as Lead S/4 Security Analyst for OTC / PTP / UX workstreams in plan, design, build and test phases of project.
  • Designed and built security roles and authorizations for OTC (SD, MM, FI) and PTP (MM, FI) end to end business process, leveraging latest S/4 HANA security transactions and authorizations for simplification and optimization.
  • Designed deployment automation solutions to expedite implementation of SAP solutions.
  • Traveled to client locations to implement SAP solutions and offered post-installation support services.

Senior Software Engineer

Infosys Technologies Ltd
Hyderabad
06.2007 - 10.2013
  • Architected SAP solutions by prioritizing simplicity, appropriate scale, resiliency and maintainability.
  • Traveled to client locations to implement SAP solutions and offered post-installation support services.
  • Configured and customized SAP modules to align with client business processes.
  • Executed and managed over 5 successful SAP implementation projects for large enterprises.
  • Delivered SAP training, user support and knowledge transfer at end of project and followed up to verify successful implementation.
  • Trained and mentored junior staff on SAP system operations and functionality.
  • Conducted research and analysis to determine current and future SAP trends.
  • Documented and maintained technical specifications for SAP applications.

Education

12th -

Vignanadeepthi Jr College
Chittoor, AP
06.2001 - 04.2003

Bachelor of electronics and Communication Engineering -

Sri Venkateshwara University
Tirupati, India
06.2003 - 04.2007

Skills

Tableau

PowerBI

undefined

Certification

SAP Certified GRC Consultant - Business Objects Access Control 10.0, 2016

Accomplishments

  • Have built a complete Alteryx workflow Solution similar to SAP GRC Risk Assessment where the workflow identifies all the risks in the system automatically without manual intervention.
  • Have worked with PowerBI to visualize large data from various sources like SAP Hana, MS Sharepoint etc.
  • Built Security for various business processes that encompasses Sub process area's such as Billing, Credit Management, Receivables Management, Retail Operations, Retail Contracts, Strategic Procurement, Operational Procurement, Inventory Management, Accounts Payable, HR process and Employee Data.

Other Interests

I am enthusiastic about Painting, Am currently learning Carnatic Music. I am also passionate about Sports participating in Masters Athletics and Badminton tournaments.

Timeline

SAP GRC Consultant

IBM
01.2024 - Current

Data and Compliance Analyst

PepsiCo
08.2020 - 03.2023

SAP Security Analyst

Accenture Technology Services Ltd
10.2013 - 07.2020

Senior Software Engineer

Infosys Technologies Ltd
06.2007 - 10.2013

Bachelor of electronics and Communication Engineering -

Sri Venkateshwara University
06.2003 - 04.2007

12th -

Vignanadeepthi Jr College
06.2001 - 04.2003
Bhavya ReddivariSAP Security and GRC Consultant