Worked as an effective team player and as an individual contributor.
Executed day-to-day SAP Security tasks including user administration, and role administration. segregation of duties conflict checking, GRC administration, and technical troubleshooting. Performed periodic self-assessments/audits of SAP security environment – ECC, BW, GRC 10.1, One PI & Charm Tool (Solman).
Role Administration: Creation/deletion and modification of single roles as per business requirements. Risk-Free Roles were created as per GRC policies.
User Administration: User IDs create/delete, update, lock/unlock & password reset. Troubleshooting user access through authorization error analysis (SU53) and System Trace (STAUTHTRACE)
OSS connections, S-User, developer keys, and object keys were all handled through the SAP support portal.
Troubleshooting the workflow and audit logs of the ARM requests and resolving issues.
Support activities in SAP GRC Access Control 10.1 such as New user creation, Multiple user creation, and change in role assignment through Access Control Management.
Actively participated in Global Audits conducted for Mazars for all the different Federated ERPs in Schneider and participated in Country SAP audit for India conducted by E&Y, PwC & KPMG.
Configuration of Emergency Access Management, Maintaining the configuration parameters, Creating Firefighter ID, Maintaining Firefighter ID Owner and Controller, and Assigning Firefighter ID to the user.
Have a very good functional knowledge of Access control components - GRC-SAC-ARA (Access Risk Analysis), GRC-SAC-ARQ (Access Request), GRC-SAC-EAM (Emergency Access Management)
Training the users on Firefighter usage, Mitigation monitoring, and the workflow of the requests. Approval training for managers and role owners, sessions on risk analysis, and mitigating the risks for SOD correspondents.
Security Audit - Worked with the various Business stakeholders and Audit teams in identifying risks, mitigation controls, and approval workflows in consideration of current processes. Provided reports to the internal and external auditors and created custom audit roles based on audit needs. Performed Audit activity for India Business and BeNeDech (Germany, Switzerland, Belgium & Netherlands)
Extensively worked on the preparation of monthly KPI reports and scheduling the background jobs for risk simulation to prepare theSOD authorization matrix region-wise.
Worked with the business SOD mitigating control monitors to ensure effective/accurate monitoring is occurring in a timely manner.
Importing roles to the GRC repository and mapping the roles and having a good understanding of role methodology and approval methodology.
Contributed to multiple scheduled and ad-hoc projects concurrently as well as delivered day-to-day responsibilities. Executed security maintenance processes and procedures as defined.
Developed and documented SAP security policies, procedures, and guidelines.
Provided solutions to SAP security-related issues as quickly as possible through detailed analysis and persistence. The reported root cause for all security-related issues.
Performed periodic self-assessments/audits of the security environment.
Performed remediation and mitigation against various risks associated with roles and users. As per the process of remediation activities, creation of Mitigation control ids and assigning the same to users as well as roles. Creation of Owners, Approver´s and Monitors and assigning to Mitigation controls. Updating of controls and approvers as per the requirement.
Onsite Live Support (BeNeDech) for Supporting Go Live for BeNeDech Project. Actively Supported 2500 users during the Go live period of 15 days.
Supported - Monthly Reports, Year End process support performing Locking users, unlocking users, and monthly maintenance activities.
Working on a ticketing tool to resolve the issues & problems in different kinds of SAP Security Modules.
Participated in the Digital Transformation program of Schneider.
Extensive knowledge of Internal Control and Segregation of Duties.
Participated in Meetings with Schneider Electric Global Internal Control team on Segregation of Duties and reduction of Risks from Business users' accounts as a part of the Remediation process.
Worked extensively with the Internal Control teams during Audit reviews related to SAP by connecting with KEY users to find the level of access those were granted/removed during the migration of employees from one Entity to another.
Participated in Yearly Global Audit reviews conducted by auditing companies and worked extensively with external Auditors.
Have worked extensively with KEY users and Internal Control Teams to reduce the risks below 20% using remediation techniques.
Have worked with the RPA team on the development of RPA bots for the Finance domain which has automated many manual tasks and reports which has led to an increase in efficiency.
Possess extensive knowledge of DPA (Data Protection Act) which prohibits revealing information like Ban Account, Age, and name to others except the users.
Have knowledge about SOX Audits and SOD (Segregation of Duties) while mitigating Risks.
Worked for More than 3 ERPs – Turkey, SNB, BeNeDech & provided backup support.
Handling 4 GET resources within the team assigning daily tasks and updates & Process Training
