Md Shahrik Khan

SAP Security & GRC Consultant
Bengaluru, India

Summary

SAP Security & GRC AC consultant with 8 years of experience in implementing security solutions. Proficiently handled a wide range of security projects across SAP modules, including SAP ECC, S/4 HANA, GRC-AC, BASIS, IDM, BO/BI Security, CRM Security, HR Security, CLM Security, SRM, CUA, Solution Manager, SAP BTP, SuccessFactors and Security upgrades. Extensive experience working on 4 Greenfield S/4 implementations, role re-design rollouts and production support projects.

Overview

  • 9 years of professional experience
  • 4 years of post-secondary education
  • 2 languages

Work History

Technical Consultant - SAP Security

Shell
08.2023 - Current
  • Handled and led full life cycle end-to-end SAP S/4HANA Greenfield Implementation including Planning, Design, Build, SIT, UAT, Cutover, Go-Live and Hyper Care phases.
  • Worked on design, build and troubleshooting of FIORI Security using Catalogs, Spaces, Pages and Sections
  • Also handled the Implementation for 5 countries based on the business requirement by direct interaction.
  • Additionally steered discussions on cleaner role re-designs for legacy systems.
  • Experience in design and build phases of BTP roles specifically tailored for AFC, AFE and custom solutions.

Assistant Manager

Grant Thornton Bharat LLP
05.2022 - 07.2023

Industry Experience: Vodafone

Security Optimization Service (SOS) Review & Remediation Project:

  • Collaborated with project stakeholders and technical teams to address risks highlighted by SAP, resulting in a 20% reduction in identified security vulnerabilities.
  • Designed and maintained a comprehensive set of roles (single, composite, master, derived), supporting seamless business processes for 5000+ users.
  • Identified and resolved SOX compliance issues, achieving a 95% compliance rate and implementing mitigating controls where applicable.

SAP SuccessFactors:

  • Senior Consultant overseeing SAP SF in production and non-production environments, ensuring uninterrupted operations for 1000+ users.
  • Resolved 90% of day-to-day user production issues, reducing system downtime by 25% and enhancing user satisfaction.
  • Developed and maintained 50+ SuccessFactors Permission Roles & Groups, enabling efficient access management and reducing access-related incidents by 30%.
  • Conducted mapping of Permission Groups to Users with 100% accuracy.

Assistant Manager

Deloitte Touche Tohmatsu India LLP
05.2019 - 04.2022

Industry Experience:

  • Hewlett Packard Enterprise (HPE)
  • TECO Energy
  • Siemens AG
  • C&J Energy Services
  • Hitachi Metals
  • Anheuser-Busch InBev (AB InBev)

SAP S/4 HANA and Fiori Implementation:

  • Demonstrated exceptional client/stakeholder collaboration, conducting comprehensive requirement gathering sessions that resulted in an increase in client satisfaction.
  • Designed, developed and maintained a portfolio of 900+ Single, Composite, Master, and Derived roles at various organizational levels (Company code, Plant, Cost center, Profit center, Purchasing Org), enabling efficient access control across SAP modules (SD, MM, PP, HR/HCM, FICO, APO, BI, Solman).
  • Achieved a reduction in security-related audit findings by implementing a robust security architecture aligned with SOX regulations.
  • Engineered optimized security roles for the Fiori Launchpad, configuring catalogs and groups in task-based roles.
  • Conducted extensive security checks on the backend S/4 system and front-end Fiori applications, identifying and resolving 95% of security vulnerabilities.
  • Enhanced system performance and user experience by updating SU24 and custom transactions with best business practices, resulting in a reduction in authorization-related system errors.
  • Established a comprehensive testing environment for Unit Testing, Integration Testing, and User Acceptance Testing (UAT), leading to a 30% decrease in post-implementation defects and a 20% improvement in overall system stability.
  • Leveraged HP Quality Center (HPQC) to efficiently manage and resolve security authorization test defects, reducing defect resolution time.
  • Proactively addressed user authorization issues by troubleshooting user roles and utilizing Fiori logs, resulting in a 90% reduction in user-reported security incidents.

SAP BW S/4 Implementation & BOBJ Migration:

  • Demonstrated expertise in designing and developing granular access and optimized BI security roles.
  • Successfully built new analysis authorizations and updated SU24 as required, ensuring a robust and up-to-date security framework.
  • Proactively troubleshot user roles and standard/custom authorization objects, promptly resolving access issues and maintaining data confidentiality and integrity.
  • Developed comprehensive and granular access controls for BOBJ, providing secure and controlled access to reports and data.
  • Effectively mapped the granular access controls to BOBJ folders and BW/HANA connections, facilitating seamless navigation and access for end-users.
  • Streamlined access management by mapping SAP roles to BOBJ folders, ensuring that users with specific SAP roles had appropriate access to relevant BOBJ content.
  • Implemented the mapping of Windows Alias to SAP R/3 Alias, enhancing system integration and simplifying user access across platforms.

SAP Support Project:

  • Designed and maintained roles based on client's company code and plant levels, ensuring precise access control.
  • Developed process documentation for streamlined security implementation and approval processes.
  • Managed HR organizational structures and role assignments to positions.
  • Restricted and monitored critical authorization objects (S_TABU_DIS, S_PROGRAM, S_DEVELOP).
  • Worked with security-related tables (AGR_TCODES, AGR_USER, AGR_DEFINE).
  • Implemented decentralized user administration for efficient user management.
  • Conducted authorizations insights and Segregation of Duties (SOD) analysis.
  • Provided day-to-day technical support and resolution of security issues.
  • Established standards for custom authorization objects.
  • Performed user maintenance tasks and ran user administration reports.
  • Utilized tools like SU53, ST01, STAUTHTRACE, and SUIM for troubleshooting.

SAP GRC AC:

  • Participated in the migration process from GRC 10.1 to GRC 12.0, ensuring a smooth transition and minimal disruption to business operations.
  • Played a key role in the design of rulesets and updating risk/function configurations to align with business requirements and compliance standards.
  • Conducted comprehensive reviews and testing of MSMP (Multiple Systems Management Process) workflows, ensuring their effectiveness and adherence to organizational processes.
  • Reviewed and tested the end-to-end functionality of EAM (Emergency Access Management), ensuring proper emergency access controls and mitigation measures.
  • Conducted thorough testing of roles to identify and resolve Segregation of Duties (SoD) conflicts. Collaborated with the business stakeholders to address and mitigate any conflicts identified.
  • Managed the uploading and updating of business roles, scheduling user provisioning to ensure timely access provisioning for users.
  • Worked on uploading process roles and performed assignments of business roles to process roles, ensuring proper alignment and access controls.
  • Configured SAP GRC AC (Access Control) and updated rulesets to ensure a robust and effective security framework.

SAP SOLMAN Upgrade:

  • Designed and implemented Charm roles for the Solman system, ensuring proper access control for basis administrators, developers, and change managers.
  • Extended the design of Charm roles to satellite systems, controlling access to task and transport release processes.
  • Collaborated with stakeholders, including basis administrators, developers, and change managers, to gather requirements and ensure effective support for their responsibilities.

SAP Security & GRC Consultant

Tech Mahindra
11.2015 - 04.2019

Industry Experience:

  • ArcelorMittal
  • Galderma

  • Creation and maintenance of both technical and business user accounts, including providing emergency access when necessary.
  • Creating and managing business roles and IT roles, ensuring compliance with Segregation of Duties (SOD) policies.
  • Conducting comprehensive user base audits for critical access using tools such as SM20, STMS History, RSUSR003, TBTCO, and AUT10.
  • Utilizing the PPOMA_BBP transaction code for maintaining user attributes in the SRM system, such as approver level, cost center, and catalogues.
  • Implementing identity management processes in SRM/HR Portal and SAP backend systems.
  • Designing and maintaining analysis authorizations in the BI system using RSECADMIN and incorporating them into roles.
  • Utilizing the CSI Tool to run SOD reports and analyze user and role level conflicts.
  • Managing the release and transportation of change requests and tasks to Quality and Production environments using STMS_IMPORT and CHARM tool.
  • Facilitating access to SAP Service Market Place by providing access keys and developer keys to developers.
  • Downloading and applying SAP license keys to SAP systems.
  • Scheduling, analyzing, and maintaining background jobs, including monitoring and canceling long-running jobs.
  • Creating and maintaining users in the BO system and handling the promotion of universe and folders in BO.
  • Performing OS patching in Windows server environments.
  • Starting and stopping SAP application servers and dispatchers in the Identity Management server as needed.

Education

B.TECH in Information Technology

WBUT
08.2011 - 06.2015

Skills

  • SAP ECC Security

  • SAP S/4 HANA Security

  • SAP GRC-AC

  • SAP BO/BI Security

  • SAP BASIS

  • SAP HR/CRM/SRM Security

  • SAP BTP

  • SAP SuccessFactors RBP
