Shaik Arshad

Bengaluru

Summary

Over 5+ years of IT experience, including 4+ years of hands-on expertise in SAP Security and GRC (versions 10.0/10.1).
Strong knowledge of SAP GRC Access Control components: ARA (Access Risk Analysis), ARM (Access Request Management), and EAM (Emergency Access Management).
Experienced in user administration tasks such as user creation, password resets, locking/unlocking, and assigning roles.
Proficient in designing and maintaining Single, Composite, and Derived roles using PFCG, with a focus on SoD compliance and audit readiness.
Skilled in troubleshooting authorization issues using SU53, ST01, STAUTHRACE, and generating user/role-level reports via SUIM.
Secured access to sensitive tables using S_TABU_DIS and S_TABU_NAM; maintained check indicators and custom authorization groups.
Worked extensively with role and user tables including AGR_1251, AGR_USERS, AGR_DEFINE, and more.
Supported transport management of roles, performed unit testing, and collaborated with business analysts for role validation in QA and production.
Contributed to internal audit activities, risk analysis, and SoD remediation efforts in coordination with compliance teams.
Recognized for strong communication skills, attention to detail, and ability to deliver secure, scalable SAP access solutions in fast-paced environments.

years of professional experience

VMware

11.2021 - 08.2024

Designed and developed SAP security roles (Single, Composite, and Derived) using PFCG, including manual authorization object assignment and org value maintenance.
Managed full user lifecycle: creation, locking/unlocking, password resets, validity settings, and role assignments via SU01 and User Information System.
Analyzed and resolved authorization errors using SU53, ST01, STAUTHRACE, and SUIM; assigned missing authorizations and verified SoD compliance.
Modified and transported security roles based on business change requests; performed unit testing and collaborated with BAs for QA validation before production deployment.
Protected sensitive tables using custom authorization groups, S_TABU_DIS, and S_TABU_NAM; maintained table-level security policies.
Utilized SAP security tables (AGR_1251, AGR_1252, AGR_AGRS, AGR_DEFINE, AGR_USERS) for audit readiness, role analysis, and user-role reporting.
Conducted periodic reviews of dialog and system users; maintained SAP Service Marketplace credentials for secure SAP OSS connections.
Supported internal and quarterly audits by extracting user access reports and assisting Compliance and Audit teams in SoD violation remediation efforts.
Ensured role changes met segregation-of-duties (SoD) policies and documented access risks as part of governance and compliance protocols.

Collabera Technologies (Client: VMware)

10.2020 - 11.2021

Performed comprehensive user administration: user creation, password resets, lock/unlock actions, and validity date management.
Modified existing roles to add or remove transaction codes, authorization objects, and authorizations based on approved change requests.
Created and maintained Single, Composite, Master, and Derived roles using PFCG, ensuring alignment with business access requirements.
Conducted role-level risk analysis and resolved SoD violations in accordance with compliance standards.
Assigned missing authorizations using SU53, ST01, and STAUTHRACE; suggested appropriate roles to address access issues for end users and business users.
Analyzed and updated SAP security tables such as AGR_TCODES, AGR_USERS, and AGR_DEFINE for role-user mappings and auditing.
Collaborated with IT teams to develop comprehensive cybersecurity strategies, reducing risks from external attacks.
Recommend improvements in security systems and procedures.

Colife Advisory Pvt Ltd

10.2018 - 10.2020

Analyzed and resolved user authorization issues using SU53, SUIM, and ST01; assigned missing authorizations to enable seamless task execution.
Handled full user lifecycle management including creation, deletion, modification, locking/unlocking, and password resets in accordance with business needs.
Created and maintained user accounts, user groups, and role assignments aligned with organizational policies.
Developed and modified Single, Composite, and Derived roles using PFCG, with role changes implemented post-approval and tracked via transport requests.
Performed role maintenance, assigned authorization groups, and ensured compliance with segregation of duties (SoD) principles.
Investigated and resolved authorization issues across modules by tracing user activity and debugging authorization objects via SU53, SU24, and ST01.
Supported audit and compliance requirements through role reviews and controlled authorization provisioning.
Conducted security audits to identify vulnerabilities.

Shadan College of Engineering And Technology

Hyderabad, India

07-2016