Overall, 11.9 years of experience A highly adaptable, resourceful experienced SAP Security & GRC Consultant with 5.2 years of hands-on experience in SAP Security administration across ECC, S/4HANA and Fiori systems, 1.4 years of experience as a SAP end user and 5.3 years of experience as a Quality control analyst Proven expertise in role design, user provisioning, SoD risk mitigation, and compliance. Skilled in SAP GRC Access Control modules (ARM, ARA, BRM, EAM) and experienced in handling audit processes, upgrades, and security testing. Adept at trouble shooting access issues and implementing security best practices to minimize risk across SAP landscapes, including Fiori application security.
Overview
12
12
years of professional experience
Work History
Sap Security & GRC Consultant
Dr. Reddy's Laboratories Ltd
10.2021 - Current
Administered user access, roles, and licenses across the SAP landscape, ensuring role assignments matched business job functions.
Created, modified, and tested Single and Composite roles using PFCG; implemented role-based access controls (RBAC) to meet business requirements.
Utilized SU24 to maintain check indicators for transaction codes and align authorization defaults with security standards.
Worked with key role/user management tables such as AGR_USERS, AGR_TCODES, AGR_1251, and AGR_DEFINE for audits and reporting.
Executed SUIM based queries to support user access reviews, audit traceability, and reporting.
Conducted regular system audits and delivered landscape-wide audit reports to support compliance and internal controls.
Ensured Segregation of Duties (SoD) compliance through proactive role testing and by identifying conflicting authorizations using SAP GRC Access Control.
Performed GRC-based risk analysis (ARA) during user provisioning to detect and mitigate SoD conflicts before role assignments.
Collaborated with functional teams to update GRC rule sets and mapped critical actions to ensure ongoing compliance.
Supported user provisioning workflows in GRC, including approval routing and audit logging for access requests.
Ensured Segregation of Duties (SoD) compliance by testing authorization objects, profiles, and role assignments.
Troubleshot and resolved authorization issues through detailed analysis using SU53, SU56, and ST01 trace results.
Collaborated Cross-functionally with Functional, BASIS, and Network teams to resolve critical and complex access issues.
Managed user accounts by creating, updating, and deleting users; assigning roles; and maintaining login/password parameters.
Monitored and maintained user data using User Information System (SUIM) and generated audit and compliance reports.
Managed Firefighter (FF) access: created and assigned Firefighter IDs, monitored usage, and reviewed Firefighter log reports for audit compliance.
Sap security & GRC Consultant
Biological E limited
12.2018 - 10.2021
Administered user accounts including creation of login IDs, password resets, user role assignments, and lock/unlock activities.
Created and modified Single and Derived roles using Profile Generator (PFCG) in alignment with business and compliance requirements.
Performed in-depth analysis of missing authorizations using SU53, ST01, and authorization trace tools.
Interpreted SU53 screenshots submitted by users and recommended appropriate role assignments or modifications.
Conducted user access reviews and reporting via SUIM to ensure accurate and secure access provisioning.
Executed mass user locking/unlocking in production systems during maintenance periods to protect system integrity.
Utilized SAP GRC Access Control to conduct risk analysis and remediation (RAR) for users and roles to prevent SoD violations.
Generated Access Risk Analysis (ARA) reports and collaborated with business owners to resolve critical access risks.
Assigned and monitored Firefighter IDs, extracted usage logs, and supported audit reporting via GRC Firefighter (EAM).
Participated in GRC workflow configuration for access request approvals and escalations to streamline provisioning.
Performed transport management and troubleshooting using SE01, SE09, and SE10 for role and object migrations.
Conducted Risk Analysis and Remediation (RAR) to identify and mitigate SoD conflicts across users and roles.
Creation of new lot inspection in SAP for sample analysis.
Preparation of manual training for end user.
Releasing of Batches in SAP.
Entering the results & usage decision in SAP.
Verifying the inspection lots which are created in SAP on daily basis.
Planning of quality control samples to the team members in the absence of group leader.
T Codes used QA32, QA11, QA01,QE11,QM02,QM03,QM01,QA01,QP01.ZQMROA.
Initiation, investigation and closing of QMS elements like Change controls, Laboratory incidents, OOT, OOS etc.
Review of analytical reports, specification, Standard testing procedures, Standard operating procedures and Certificate of analysis.
Quality control Analyst
Dr. Reddy's Laboratories
02.2015 - 12.2018
Analysis of all in-process, process validation and finished product for oral dosage forms like tablets, capsules, oral suspensions.
Handling of instruments like HPLC, Dissolution apparatus, Hardness tester and Karl fisher titration.
Follow the safety precautions while analyzing the samples.
Online regular support to cross functional departments like production and engineering.
Quality control Analyst
Aurobindo pharma limited
09.2013 - 02.2015
Analysis of all in-process, process validation and finished product for oral dosage forms like tablets, capsules, oral suspension.
Project Management Associate &Licensing Specialist at Dr. Reddy's LaboratoriesProject Management Associate &Licensing Specialist at Dr. Reddy's Laboratories