Ganavi Basavaraju

Ambitious SAP Security Lead with over 9 years of experience in the design, implementation and delivery of high-performance SAP Security technology solutions. Skilled in all phases of the project life cycle from initial to feasibility analysis, build and conceptual design through implementation and enhancement within most versions of SAP and SAP bolt-ons.

Over 9 years of SAP SECURITY ADMINISTRATION, SAP GRC 10 & SOX COMPLIANCE EXPERTISE. Well experienced with multiple SAP security lifecycles (Analysis & Conception, Implementation, Quality Assurance & Tests and Rollout). Expertise in remediation of SOX issues, Risk Mitigation and implementing controls. Well versed in implementing central data, business process and change management strategies in complex business environments. Well versed in security implementation for the BI 7.0 Analysis Authorizations concept. Proficient in HR structural authorizations security administration. Well versed in setting up Business Partners and designing position-based as well as territorial-based security. Well versed with SSO solutions such as Kerberos to enable user authentication and integration with Enterprise Portal and all SAP systems. Well versed with security in EP 6.0, 5.0 with NetWeaver 2004 and 2004s. Good understanding of SOX SOD issues and mitigation processes working with internal and external auditors. Quick learner, self-motivated with excellent problem solving skills, good communication skills and team spirit. Forward-thinking Operations Specialist bringing 9 years of expertise in SAP Security for Medical, Sports, Health care, Oil and Gas sector businesses. Cultivates rapport with individuals to optimize project goals and output, resolve complex problems and deliver innovative improvement strategies. Proficient in SAP Security and GRC.

• SAP Security Technical Lead, Wipro Technologies, 06/2012, 2014, Philips, Identified pain & improvement areas needing immediate attention in the SAP Security and implemented process and procedure improvements for all SAP system supported., Developed Security SOP & Guidelines document to act as a single source point of information for SAP Security SLAs, escalation procedures, Adaptive/Correction Change Management., Security Maintenance & Support as part of Legacy System support (R/3 4.7, BW 3.5) and new system implementation (ECC 6.0, BI 7.0), Designed Security architecture for various teams including FI, CO, SD, HR, MDM, BI, CRM & EP., Configured and extensively used Service Manager 7.0 for support tickets, services, Change & SLA monitoring., Configured Audit logs and exercised periodic user & SOD access reviews for OSS system opening, Client opening and TMSADM password reset activity., Defined Authorization assignment & management strategy and Procedures, Train User and Authorization Administrators (On-going user admin support), Functional Teams Job Role Map to Process Steps for each Business Unit to complete Role Design for ORU and MRU for BI systems. Role Analysis & Object level security to build Production security roles., Creation of Business Partner (BP) user in CRM and Assigned BP to the org model(PPOMA_CRM), Analysis Authorizations by Maintaining Characteristics, Attributes, Hierarchies & Variables, Performed extensive QA for new role and role changes before approving change requests.
• SAP BI Senior Security Consultant, IBM INDIA, 03/2012, 05/2012, British Petroleum, Role design, development and assignment (PFCG, SU01)., Authorization checks by assigning reports to authorization classes (RSCSAUTH)., Segregation of Duty matrix (objects level matrix)., Assignment of Authorization Groups to Tables., Authorization groups and tables trace from applications Technical data and SE16., Identity Management- Authorizations using a role-based identity management., Responsible for day-to-day user administration tasks., Resolved many missing authorization issues by analysing the SU53 screen shots.
• SAP Security Consultant, COGNIZANT, 01/2008, 03/2012, Abbott Vascular, Defined Background Job for the Log Reports in SPM., Created and uploaded custom rule set in RAR GRC 5.3, Work with business managers in changing SAP roles and ensuring appropriate work flow in GRC Compliant User Provisioning (CUP), Reviewed critical and sensitive authorizations, implementing improvements to meet audit requirements made suggestion for security policies and standard/best practices., Customized Rule creation for SOX audit tool SAP GRC RAR for action and permission level SOD violations in roles for various business processes and functions., Configured Fire Fighter to capture audit logs and trigger alert., Assign fire-fighter Id’s to support users in order to resolve provisionally broad issue., Mitigation and Remediation of users using User Analysis in RAR., Worked with the SAP Security team and business process owners to identity Fire fighter ID (FFID) controllers, administrators and Owners and mapped these in SAP GRC SPM 5.3., Worked with development and business users to identify authorization requirements. Designed and created authorization roles and created custom authorization objects/groups, Mapped existing 4.7 profiles and user assignments to the new corresponding ECC 6.0 roles., Created user account templates and setup the required System/Service/Communication user accounts for ALE, Workflow and background processing.
• SAP Security Consultant, COGNIZANT, 02/2011, 03/2012, Abbott Vascular, Defined Background Job for the Log Reports in SPM., Created and uploaded custom rule set in RAR GRC 5.3, Work with business managers in changing SAP roles and ensuring appropriate work flow in GRC Compliant User Provisioning (CUP), Reviewed critical and sensitive authorizations, implementing improvements to meet audit requirements made suggestion for security policies and standard/best practices., Customized Rule creation for SOX audit tool SAP GRC RAR for action and permission level SOD violations in roles for various business processes and functions., Configured Fire Fighter to capture audit logs and trigger alert., Assign fire-fighter Id’s to support users in order to resolve provisionally broad issue., Mitigation and Remediation of users using User Analysis in RAR., Worked with the SAP Security team and business process owners to identity Fire fighter ID (FFID) controllers, administrators and Owners and mapped these in SAP GRC SPM 5.3., Worked with development and business users to identify authorization requirements. Designed and created authorization roles and created custom authorization objects/groups, Mapped existing 4.7 profiles and user assignments to the new corresponding ECC 6.0 roles., Created user account templates and setup the required System/Service/Communication user accounts for ALE, Workflow and background processing.
• SAP Security Consultant, COGNIZANT, 01/2008, 03/2012, Abbott Vascular, Defined Background Job for the Log Reports in SPM., Created and uploaded custom rule set in RAR GRC 5.3