Summary
Overview
Work History
Education
Skills
Certification
Timeline
Hi, I’m

Kiranraj Kaur Chagger

SAP Security consultant
Mumbai,Maharashtra

Summary

SAP R/3 Technical consultant Over 9+ Years in SAP Security & GRC, S4 Hana, Hana Security & BOBJ security . SAP Spanning across 3 implementation, 2 upgrade and 2 support projects. Have gained substantial experience in business process mapping, configuration, enhancements and post implementation/upgrade support in SAP. Role/User administration including role creation/modification/export/import. Complete configuration of (EAM) Emergency access management, Access risk analysis (ARA), Access request management (ARM), Business role management (BRM). Complete S4hana configuration/implementation, Activation of services, post installation steps and creating custom catalog and roles. S4 hana role remediation Skilled at learning new concepts quickly while working well under pressure highly organized and dedicated with a positive attitude. ACCOMPLISHMENTS Received 8 awards for reliability and getting the job done through persistence and strong work ethics. Rewarded as project star, Best Employee, Motivational Team Member. Experienced and enthusiastic Consultant with track record of success across wide range of industries. Possesses exceptional interpersonal, problem-solving and analytical skills to provide advice and expertise to client organizations improving business performance. Experienced in all aspects of operations, strategy and finance.

Overview

16
years of professional experience
1
Certificate

Work History

Ernst And Young

Senior Security Consultant
01.2022 - Current

Job overview

  • Project 1 - AIG insurance (S4 HANA implementation)
  • SAP S4 Security/ FIORI/ GRC/MDG/ARIBA Consultant
  • Responsibilities:
  • · Prepared security strategy document for client
  • · Prepared requirement list for security new design (S4 HANA & MDG)
  • · Reviewed clients ECC current Roles (t codes and authorizations) assigned to users Worked with functional & technical teams to determineS4 Hana new role needs for different entities.
  • · Created role matrixes for assigned functional & technical areas Evaluated the use of critical T-Codes and Authorizations for Ruleset update
  • · Creation of business roles in GRC (BRM)
  • · Administered functional & technical area unit and integration role testing Corrected role defects found during Unit and Integration testing.
  • · Updated SU24 with new authorizations Maintained and Updated newly constructed roles as needed.
  • · Reviewed Segregation of Duties and making tool recommendations to assist with resolving.
  • · Developed detailed Security Analysis of SAP system Reviewed current security strategy related to roles mappings, role conflicts, actual role/profile design, user administration, SOD's, policies, and procedures, change control process, monitoring, as well as support procedures.
  • · Updated ruleset with associated risk and FIORI IDs
  • · Worked on gathering of requirement for MDG Finance and Supplier new roles creation, restriction of roles.
  • · Build MDG roles for Finance and supplier
  • · Go live Support provided for project 1st release phase
  • Project 2 – British Petroleum (S4 HANA implementation & Support)
  • SAP S4 Security/ FIORI
  • Responsibilities:
  • · Reviewed clients S4 current Roles (t codes and authorizations) assigned to users Worked with functional & technical teams to determineS4 Hana new role for new 3 company codes.
  • · Collecting requirements from functional consultants and creating requirement matrix for new company codes.
  • · Using PFCG, created single roles, composite roles, and parent and derived roles based on company requirements.
  • · FIORI role design (ECC to S4hana) to include catalogs, groups and ODATA for FIORI launchpad. Inclusion of transactional apps, facts sheet and analytical apps in FIORI roles. Backend role design to include T code, ODATA, web dynpro with authorization (created catalogs & groups)
  • · Trace error log analysis using /IWFND/ERROR Log for missing services and backend authorizations during hyper care.
  • · Coordinated with functional teams during unit testing & Integration testing resolving the defects.
  • · Provided upkeep for previously released company code:
  • · In various systems, providing user administration, authorization administration, monitoring, and security concepts.
  • · Super user administration was managed, and technical firefighter activity was monitored.
  • · Assisting with role maintenance and user administration.
  • · Using GRC 10.1 tool to assign/remove roles from users
  • · Importing newly created roles with appropriate approvers and functional areas as per business requirements into GRC 10.1 system via BRM
  • · Using authority checks (SU53), system traces (ST01), and STAUTHTRACE transactions, assist users in troubleshooting and identifying authorization issues.
  • · Assigning firefighter ID to support user in order to provide assistance through GRC EAM component.
  • · GRC Firefighter Owners, Firefighters, and Controllers modified/assigned and created as per business requirement.
  • · GRC ARM request for new user creation and role assignment.
  • Project 3 – Glencore (S4 HANA Implementation, GRC & S4 Upgrade)
  • SAP S4 Security/ FIORI/ GRC
  • Responsibilities:
  • S4 Hana:
  • · Solely responsible for all head up/meetings with client on day-to-day basis.
  • · Working directly and reports to client.
  • · Role Redesign of roles for entities to get rid of SOD restricting access to their respective markets in line with business needs.
  • · Business roles for process such as Finance, Record to report/P2P involving modules such as FI/CO, SD MM, PP)
  • · Role remediation of old roles for different entity
  • · ECC to S4 Hana 2022 upgrade done
  • GRC:
  • · Conducted workshops with IT functional teams for SOD risk remediation discussions
  • · Conducted workshops with business for residual SOD risk remediation discussions
  • · Taken remediation actions – role modification/ ruleset changes etc.
  • · Analyzing SOD violations through SAP GRC Access Control (AC) module
  • · Defined mitigation for residual SOD risks
  • · Discussed mitigation controls with business
  • · Assigned mitigation controls to agreed user-risk combinations
  • · Maintaining SOD rule sets and mitigation controls for Access control to identify risk and violations.
  • · Highlight and discuss violations with role owners /business users for remediation
  • · Identify and assign/create mitigating controls to violations that cannot be remediated
  • · Carry out ruleset changes to incorporate custom t code
  • · Verify mitigating controls effectiveness
  • · Make recommendations for correction of noted violations and improvements in operation as per industry standards and best practices.

Cognizant Technology

Senior Project Associate
10.2021 - 01.2022

Job overview

  • Project 1- KAUST (S4 HANA implementation)
  • SAP S4 Security/ FIORI/ GRC Consultant
  • Responsibilities:
  • · Working on S4 HANA implementation 2020 version (Embedded)
  • · Created roles with new edition of Pages and Sections concept.
  • · Worked on focus build tool to upload test cases and execute same
  • · Configured UAR review & SOD review
  • · Configured EAM component
  • · Added FIORI Apps in custom ruleset
  • · Configured LDAP integration with GRC AC

Accenture

Security Application Development Senior Analyst
04.2021 - 09.2021

Job overview

  • Working on S4 Hana implementation project
  • Primary responsibility was to gather requirement from functional consultants and preparing high-level Security Design document
  • Derived Single and Composite roles for new Business Units with Change management guidelines ensuring system integrity
  • Coordinated with Functional Teams during Business Role Unit Testing and Integration Testing resolving defects
  • Trace error log analysis using /IWFND/ERROR LOG for missing Services and Backend authorizations
  • Activation of ICF and ODATA services
  • FIORI / UI5 Gateway role design to include Catalogs, Groups and ODATA for FIORI
  • Launchpad
  • Inclusion of Transactional apps in FIORI Roles
  • Backend role design to include T code, ODATA, with Authorizations
  • User management, Role creation, View and Schemas at Analytic privileges, Objective
  • Privileges in Role through HANA Studio
  • Tracing and troubleshooting
  • SAP authentication in CMC.
  • Communicated directly with project stakeholders, providing timely updates on project advancement.

SAP, Capgemini Consulting India Pvt Ltd

Security Senior Consultant
11.2019 - 04.2021

Job overview

  • Singapore Power Services (ECC upgrade)
  • Remote Support for initial Go-live for S&G Customer with upgrade of ECC EHP 7.0
  • Performed Role/Defect Updates in development during Realization phase
  • Validated ECC critical Objects and transaction pre-Go Live
  • Tracing missing authorization objects and recommended appropriate roles for end users
  • Interfaced extensively with clients to gain insight and develop solutions to meet customer business needs across entire SAP landscape
  • Creating & maintaining customer & support team profile/roles
  • Creation of test IDs for different test scenarios as per client requirement
  • Created all necessary documentation per project and audit requirements
  • Design and Develop technical roles based on inputs from business teams
  • Conducted workshops to gather requirements for functional and organizational role build for entire organization
  • Involved in all phases of Project Life Cycle from Blue Printing to Post Go Live phases for Upgrades, Role-Redesign and both Fresh and Re-Implementations using Solution
  • Manager
  • Created Mass Transports for all Business and Technical roles in ECC6.0 to upgrade to EHP 7
  • Resolved Authorization/Security Issues during Business Acceptance Testing, GO-
  • LIVE and post GO-LIVE
  • Updated/Modified roles using Profile Generator with Transactions and auth- objects new in EHP 7 in Development System and transported them to QA to perform unit testing and then to Production
  • Updated Profile Parameters using RZ10/RZ11 according to new EHP 7
  • Security standards
  • Developed and Maintained RFC user’s Naming convention for Solution Manager
  • Post Go-live: Primary Support until Steady state period
  • Prioritize and resolve issues during steady-state period.
  • Prioritized projects and project tasks depending upon key milestones and deadline dates.
  • Analyzed problematic areas to provide recommendations and solutions.
  • Developed custom solutions based upon clients' strict requirements.
  • Exceeded customer requirements with accurate and deliverable solutions.

SAP, TATA CONSULTANCY SERVICES

Security & GRC consultant
08.2012 - 09.2019

Job overview

  • Extensively used SU53 and SUIM to assign missing authorizations to users
  • Tracing missing authorizations objects using SU53 and recommended appropriate role for end users
  • User administration (Creating, maintaining, deleting user accounts and assigning roles)
  • Comprehensive use of Profile Generator to generate roles and assign roles to end users
  • Configured and Implemented GRC Access Control Suite 10.0
  • GRC implementation experience with GRC ARA, EAM, ARM, BRM
  • Under risk analysis and remediation, performed user and role analysis to identify existing
  • SOD violation risks
  • Using ARA produced Analytical reports on user, user groups, roles and profiles
  • Performed remediation and mitigation against various risk associated with roles and users
  • ARA has simulation features to allow you to access impact of potential remediation activities on reported conflicts prior to making actual change
  • Experience in creating and assigning FFID and extracting fire fighter logs
  • Configured workflow, actions and rules
  • Configured scheduled background jobs (2 jobs)
  • Experience in using ARM to configure workflow for user access review and SOD review.
  • User master record creation/modification using SU01
  • Mass user creation using SU10 & LSMW
  • Mass password reset for users using LSMW & BAPI tool
  • Role creation/ modification using profile generator (PFCG)
  • Ensured accuracy and segregation of duties through comprehensive testing of all profiles and authorizations
  • Expertise in resolving authorization issues by analyzing authorization checks
  • Troubleshooting user access through authorization error analysis (SU53, SU56) and system trace (ST01)
  • If needed, worked with Basis & ABAP team to troubleshoot complex access problems (to check at programme level)
  • Monitor and maintain user ID through user information system (SUIM) – created monthly audit reports
  • Worked extensively with SE01, SE09 & SE10 in managing mass transport
  • When in need helped on audit logs SM18, SM19 and SM20
  • Proficient in working with the tables USR & AGR.
  • Produced and filed reports to inform senior management of current activities and progress with investigations
  • Produced and filed reports to inform senior management of current activities and progress with investigations.

WNS Global Services

Business Process Associate
05.2008 - 04.2011

Job overview

  • Creating PNR in
  • Working live on Amadeus for changing/creating PNR
  • NA watchlist (Doing watchlist for northern American region)
  • Maintaining user feedback and complaints in BA holidays portal
  • Price comparison of flight tickets/hotel rooms
  • Updating gift voucher of passenger on BA holidays portal
  • Adding entries in PNR
  • Waiving of excess baggage
  • Managed over 50 PNR per day
  • Performed data entry operations to update database with customer responses
  • Supervised processes to eliminate weak points or bottlenecks in business operations

Education

Frankfinn Institute
Mumbai

Bachelor of Aviation from IATA
08.2008

University Overview

V.G VAZE College
Mumbai

Bachelor of Arts from Sociology
03.2004

University Overview

Skills

  • Security domains:
  • S4HANA/GRC, MDG
  • Client facing exposure
  • Excellent Analytical and problem solving skills
  • Ability to lead and shape client expectations
  • Strong organization and time management skills
  • Ability to communicate effectively (both Oral & written)
  • Multi-tasking skills, detail oriented
  • Talent for identifying creative solutions
  • Customer service issue to ensure satisfaction
  • Technical Skills
  • SAP Security R/3, SAP ISU
  • SAP GRC Access Control (ARA, ARM, EAM, BRM)
  • S4hana, FIORI
  • MDG

Certification

  • P_SECAUTH_21
  • CISM

Timeline

Senior Security Consultant
Ernst And Young
01.2022 - Current
Senior Project Associate
Cognizant Technology
10.2021 - 01.2022
Security Application Development Senior Analyst
Accenture
04.2021 - 09.2021
Security Senior Consultant
SAP, Capgemini Consulting India Pvt Ltd
11.2019 - 04.2021
Security & GRC consultant
SAP, TATA CONSULTANCY SERVICES
08.2012 - 09.2019
Business Process Associate
WNS Global Services
05.2008 - 04.2011
Frankfinn Institute
Bachelor of Aviation from IATA
V.G VAZE College
Bachelor of Arts from Sociology

Similar Profiles

CREATE PROFILE
Kiranraj Kaur ChaggerSAP Security consultant