Summary
Overview
Work History
Education
Skills
Project#1
project # 2
Roles and Responsibilities:
Tata Consultancy Services Feb2022-Now
Timeline
Generic

SIVA BILLA

Bangalore

Summary

3.4 years of experience in SAP S/4 HANA Security, GRC AC, and Fiori Security delivering secure and compliant solutions in dynamic environments. Strong background in User and Role Administration across SAP GRC, S/4 HANA, Fiori, and ECC. Skilled in creating Fiori Catalogs and Groups and mapping Fiori app Catalog IDs and Group IDs within security roles to control user access. Proficient in transporting security-specific changes to Quality and Production environments. Experienced in using the SUIM tool to generate customized reports and in managing role creation, authorizations, and Segregation of Duties analysis. Resolve authorization issues post during the critical support phase. Extensive experience in troubleshooting authorization issues in GRC, S/4 AHNA, Fiori, and ECC. Hands-on experience with Role creation such as Single, Composite, Master and Derived roles and maintained authorization objects with values for access management and authorization control. Performed user administration activities such as Creating, Deleting, Locking, unlocking users, resetting passwords, maintaining logon data, and assigning roles to the users. Actively involved in Running risk analysis on role level and user level for risk IDs Clean-Up. Developed various SOD reports for users & roles and cleaned up existing roles with conflicting actions. Experience in creating charm IDs in Solman Charm for role changes and for transport management.

Overview

1
1
year of professional experience

Work History

SAP Security and GRC Consultant

02.2022 - 12.2022
  • Created catalogs and groups in the Fiori system to support role-based access requirements.
  • Mapped Fiori app Catalog IDs and Group IDs within security roles, ensuring users received targeted tile access to relevant apps.
  • Transported security-specific changes for Fiori apps into Quality and Production, collaborating across teams to validate implementation.
  • Engaged with business stakeholders to understand requirements and created roles accordingly.
  • Performed comprehensive User and Role Administration, including user creation, modification, and role assignments.
  • Generated SM20 audit logs to support monitoring and compliance reporting needs.
  • Configured SAP GRC Access Control 12.0 connectors and involved in post-installation steps along with Basis Team like BC Sets and Activation of services (Public, BC and GRC) using SICF T-code.
  • Gained experience in GRC BRM for business role creation and maintenance.
  • Modified ARM workflows and troubleshot MSMP workflow issues, improving workflow efficiency.
  • Managed GRC requests through the entire lifecycle, including creation, approval, rejection, and closure, ensuring adherence to business protocols.
  • Conducted risk analyses on SOD conflicts and submitted approval requests for mitigation as needed.
  • Configured SPRO settings, connector settings, and parameters to align with organizational policies.
  • Activated BC (Business Configuration) sets for GRAC components using SCPR20 and managed GRAC role creation in PFCG based on functionality requirements.
  • Creation of GRAC roles based on functionality using PFCG tool.
  • Created connectors and connector groups, adding them to AUTH, PROV, ROLMG, and SUPMG integration scenarios.
  • Scheduled and monitored synchronization jobs, including Authorization Sync, Repository Object Sync, Action Usage Sync, and Role Usage Sync, and conducted Batch Risk Analysis for Access Risk Analysis Dashboards.
  • Developed custom rulesets aligned with the Global Ruleset provided by SAP, tailoring them to meet specific risk management needs.
  • Created and assigned Mitigation Control IDs to Access Risk IDs, facilitating precise risk mitigation measures.
  • Set up FFIDs in backend systems, mapped them to GRC for user access, and pulled action and FF log reports based on business requirements.
  • Provided production support to S4 Hana and GRC AC including raising access requests for new user account creation, role assignments, and troubleshooting of authorization issues with SU53 and SUIM and Trace.
  • Ensured ticket resolution within SLAs, managing user access with password resets, reactivations, and assignment of authorization groups for table access restrictions.
  • Restrict table access through S_TABU_NAM and table authorization groups with S_TABU_DIS objects.
  • Actively participated in user administrative activities like Password resetting and reactivation of users in Monthly activities.
  • Created Analysis Authorizations in BI, using RSECADMIN to develop custom authorization objects, and assigned them to BI query roles with S_RS_AUTH.
  • Resolved SOD conflicts in collaboration with analysts, assigning roles post-mitigation.

Education

Graduate -

Pace Institute of Technology & Sciences
01.2021

Skills

  • GRC access control
  • Role administration
  • S/4 HANA security
  • Fiori applications
  • Risk analysis
  • Authorization management

Project#1

Client           : Stellantis

Environment: S/4 HANA 2020, GRC 12, Fiori

Designation : SAP Security and GRC Consultant

Duration : Feb 2022 to Dec 2022  

project # 2

Client             : Microsoft

Environment : S/4 HANA 2020, GRC 12.0, and Fiori

Designation  : SAP Security and GRC Consultant

Duration        : Jan 2023 to Present

Roles and Responsibilities:

· Gathered business requirements and built roles in S/4 HANA and Fiori systems, ensuring alignment with user needs and compliance standards.

· Created roles in S/4 HANA embedded and added Catalogs and Spaces to roles provide access to Fiori applications.

· Created catalogs and groups in Fiori using /UI2/FLPD_CUST and Content Manager, and mapped Fiori app Catalog IDs and Group IDs to security roles for specific tile access.

· Resolved Fiori authorization and app-loading issues to support smooth user experience.

· Managed BI-specific authorizations, creating custom Analysis Authorization objects using RSECADMIN, and assigned them to end-user roles with S_RS_AUTH.

· Transport Security specific changes related to designed Fiori app into Quality and production through Solman Charm.

· Involved in Role administration to include Catalogs, Spaces and added OData Services.

· Actively supported in troubleshooting the authorization issue and provided missing services and backend authorizations.

· Experience on GRC EAM End to End implementation.

· Configured GRC Access Control 12.0, including connector setup and connected systems, to streamline risk and compliance management.

· Established and maintained Rule Sets, Functions, and Risks as per business requirements, supporting role-based SOD analysis and risk mitigation.

· Performed GRC Access Risk Analysis, including SOD analysis, mitigation controls, and created Access risk and functions.

· Imported roles from connected systems using GRC templates and managed individual role imports, facilitating structured role provisioning.

· Managed Firefighter (FF) access, mapping users and assigning owners/controllers to ensure secure emergency access.

· Configured and maintained MSMP workflows and set up FF IDs as Service User types in backend systems.

· Assigned FF roles to IDs in backend systems and designated Owners and Controllers for oversight.

· Oversaw maintenance of FF Owners, Role Owners, FF Controllers, Mitigation Controllers, and monitors within the GRC system.

· Created Risk IDs and Functions in GRC, aligning security policies with organizational compliance goals.

· Provided extensive support in GRC like importing the roles, raising access requests.

· Scheduled and managed essential background jobs, including Repository Object Sync, PFCG Authorization Sync, Action Usage Sync, Role Usage Sync, FF Log Sync, and FF Workflow Sync, ensuring efficient system performance and data synchronization.

Tata Consultancy Services Feb2022-Now

Bangalore

Timeline

SAP Security and GRC Consultant

02.2022 - 12.2022

Graduate -

Pace Institute of Technology & Sciences
SIVA BILLA