Sufyan Syed Mubeen Ashraf
SAP Security
Hyderabad,TG
Summary
To be associated in a progressive organization that gives me space to update my knowledge and skills in accordance with the latest trends and be part of a team that dynamically works for the growth of the organization and gives satisfaction.
With 5 plus years of extensive experience for SAP Security, S4 HANA Security and GRC professional expertise provides an efficient and effective structure for ensuring security integrity, accuracy and availability for enterprise information. SAP Security Consultant, GRC Analyst with extensive experience in security strategies, processes and implement the security controls to quality standards with highest standards of delivery. Detail Oriented, organized, customer focused individual, with strong professional integrity, Ability to establish and maintain customer confidence, business relationships with excellent skills technical and functional. Strong experience in developing, implementing and maintaining application security using Profile Generator (PFCG) for SAP modules such as FI/CO, MM, PP, SD, HR, PS, CRM, and BI/BW. Worked closely with client IT Personal in mentoring SAP Security features and the industry features. Expertise Compliance Security policies, procedures and controls.
Overview
4
4
years of professional experience
Work History
SAP Security Consultant
Nivid Technologies
09.2022 - 10.2025
- I initially started working as an L1 support help desk consultant, which includes locking and unlocking users as per customer requirements, preparing audit reports via SM20, monitoring background jobs, and monitoring the L1 support queue in ServiceNow ticketing tools.
- Responsible for day-to-day technical support and resolution of security authorization issues, troubleshooting SAP R3, ECC, S4, and BI-related security problems.
- User administration involves creating users, modifying users, copying users, deleting users, and assigning roles and profiles using SU01.
- Creation and maintenance of single, composite, and derived roles.
- Role building for various markets restricts the user’s access to their respective markets in line with the business needs.
- Building roles for processes such as order to cash, procure to manufacture, make to deliver, procure to pay, and record to reports involving modules such as FI/CO, SD, MM, PP, CRM, HR, and BI.
- Resolving GRC issues and educating users, managers, and owners on the proper use of the tool for Access Request submission, Risk Analysis, and so on.
- Maintaining SOD rule sets and mitigating controls for access control to identify risks and notify violations.
- Created new ECC-derived roles based upon the company codes as part of new regions' releases.
- Involved in regular support activities, along with the support team.
- Supported and participated in 'Project Clean,' a role redesign project across all modules, led by security consultants from SAP, utilizing a three-tier role build strategy (display/task/gen role).
- Created roles for the technical and functional consultants, and provided access in non-production and production systems.
- Experienced in upgrade ECC 6.0.
- Updated the authorization values from the tables USOBX_C and USOBT_C using SU25 transaction steps.
- Experienced in troubleshooting authorization problems using ST01 and SU53.
- Maintained authority checks for customized T-codes in SU24.
- Prepare a report of users having access to sensitive transaction codes for the audit.
- SOD check of roles via the GRC tool (10.1) for audit purposes.
- Preparation of Users, Role Report via SUIM, USRO2 table based on the client requirement.
- Locking and unlocking of users during refresh, cutover activities, etc.
- Support for role upload/download to/from the system.
- Good experience in user administration activities.
- Working with business users to identify the issues with Fiori apps, and resolving the auth issues.
- Day-to-day technical support and resolution of issues, and the missing authorizations, after analyzing the SU53 dump.
- Creation of authorization groups to restrict R/3 table access, program access, and review and correction of sensitive authorizations.
- (S TABU DIS, S USER TCD), including the assignment of authorization for sensitive tables.
- Troubleshoot user roles, trace the users, security authorization objects, and custom reporting authorization objects to debug/troubleshoot an authorization error, resolving the issue by giving the required authorizations (SUIM, SU53, RSECADMIN, and ST01) in different modules.
- Restricted and monitored critical authorization objects, such as S_DEVELOP, S_PROGRAM, and S_TABU_DIS, etc.
- Securing SAP.
- And DDIC against misuse.
- Participation in security audits.
- Transport creation for roles, and move to other systems.
- Creation of user groups and maintaining the users. Addition or removal of transaction codes, authorization objects, by modifying existing roles based upon change requests.
- Responsible for all SAP security tasks, role design, development, configuration, troubleshooting, resolution, and documentation of all production, test, and development systems of all SAP landscapes.
- Creating and assigning the FF IDs, and periodically checking firefighter ID logs and STO3N based on the requirement.
- Identifying potential SOD issues before assigning new roles to the user.
- Designed roles for new projects, following proper naming conventions, and robust security standards.
- Redesigned existing roles that were poorly designed.
- Provided extensive support during the hyper-care period for various rollouts.
- Expertise in analyzing and translating business requirements into technical specifications, in collaboration with application developers.
- Involved in project plan preparation, review at critical points, and regular status reports for senior management.
- Designing roles for Fiori apps by adding catalogs and groups to S/4 HANA roles.
- Troubleshooting user access through authorization error analysis (SU53) and system trace (ST01).
- Also, BI analysis authorization troubleshooting with RSECADMIN.
- Documenting and implementing cutover tasks for the S/4 HANA go-live.
- Troubleshooting and identifying the missing OData services and authorization issues in /IWFND/ERROR LOG, and notifying the Basis and Fiori Configuration team to activate them.
- ABB (ASEA Brown Boveri) is a Swedish-Swiss multinational corporation headquartered in Zurich, Switzerland. It's a leading global technology company specializing in electrification and automation solutions, helping industries become more sustainable and resource-efficient. ABB is a dual-listed company on the Nasdaq Nordic exchange in Stockholm, and the SIX Swiss Exchange in Zurich.
SAP Security Consultant
Tanisha Systems Inc
06.2022 - 08.2022
- Responsible for day-to-day technical support and resolution of security authorization issues, troubleshooting SAP R3, ECC, S4, and BI-related security problems.
- User administration involves creating users, modifying users, copying users, deleting users, and assigning roles and profiles using SU01.
- Creation and maintenance of single, composite, and derived roles.
- Prepare a report of users having access to sensitive transaction codes for the audit.
- SOD check of roles via GRC to (10.1) for audit purposes.
- Preparation of Users, Role Report via SUIM, USRO2 table based on the client requirement.
- Locking and unlocking of users during refresh, cutover activities, etc.
- Support for role upload/download to/from the system.
- Good experience in user administration activities through CUA.
- Restricted and monitored critical authorization objects, such as S_DEVELOP, S_PROGRAM, and S_TABU_DIS, etc.
- Securing SAP
- And DDIC against misuse.
- Participation in security audits.
- Transport creation for roles, and move to other systems.
- Creation of user groups and maintaining the users. Addition or removal of transaction codes, authorization objects, by modifying existing roles based upon change requests.
- Responsible for all SAP security tasks, role design, development, configuration, troubleshooting, resolution, and documentation of all production, test, and development systems of all SAP landscapes.
- Creating and assigning the FF IDs, and periodically checking firefighter ID logs and STO3N based on the requirement.
- Mitigation and remediation of users and roles for SOX using User/Role Analysis in RAR.
- Producing SOD Analytical Reports (both Summary and Detail) against Users, User Groups, Roles, and Profiles using ARA.
- Identifying potential SOD issues before assigning new roles to the user.
- Shell plc is a British multinational oil and gas company, headquartered in London, United Kingdom. Shell is a public limited company with a primary listing on the London Stock Exchange, and secondary listings on Euronext Amsterdam and the New York Stock Exchange.
IT Support Specialist
Pinnacle Alliances
09.2020 - 10.2021
- Maintained and monitored daily IT operations reports to ensure system performance
- Managed and updated system configurations across environments.
- Provided L1/L2 technical support for hardware, software, and network issues.
- Handled incidents and service requests using ticketing tools.
- Managed user accounts, including creation, modification, and access control.
- Performed system installations, upgrades, and patching activities.
- Monitored system health and performed basic troubleshooting.
- Documented technical issues, resolutions, and configurations.
- Coordinated with internal teams to resolve escalated issues.
- Supported email systems and end-user applications (Office 365, Outlook).
Education
Bachelor of Commerce - Commerce
International Degree College
Hyderabad 05.2001 -
Skills
Business processes
User administration
Transport management system
Two-factor authentication
Timeline
SAP Security Consultant
Nivid Technologies
09.2022 - 10.2025
SAP Security Consultant
Tanisha Systems Inc
06.2022 - 08.2022
IT Support Specialist
Pinnacle Alliances
09.2020 - 10.2021
Bachelor of Commerce - Commerce
International Degree College
05.2001 -