Raghavendra Nagari

SAP Security/GRC Consultant.

Professional Summary:

 Having around 5.1 years of professional Experience in SAP R/3, & GRC10.
 SAP security administration with progressive experience in new Role design, resolving tickets, and daily
production support issues.
 Experience on sap security support and security role design projects.
 Attend weekly tickets status update call with onsite managers
 Working on high priority tickets and closing them within SLA
 SAP R/3 Security Production Support for daily monitoring, maintenance and support for SAP.
 Extensive knowledge and experience with SAP Security Administration and Authorization including user
management, profile generator (PFCG).
 Transporting Single, Composite and Derived Roles manually within and outside transport landscape.
 Supporting GRC Development and Production systems
 User creation in NWBC using new user account form or access request creation form and change user
request form
 Role import from backend systems using Role import option in NWBC (Using Role attribute template)
 Run back ground jobs in full sync mode and incremental mode
 Resolving large number of production support tickets involving user access issues and authorization
defects/user lock/unlock issues/password resets.
 Responsible for day to day technical support and resolution of security issues, trouble shooting
o R/3 security issues.

Experience Summary:

 Working as a SAP Security & GRC Consultant with Wipro from July 2018 to Jan 2019.
 Working as a SAP Security & GRC Consultant with DXC Technologies from Oct 2017 to May 2018.
 Working as a SAP Security & GRC Consultant with Concentrix from April 2015 to Aug 2017.
 Working as a SAP Security & GRC Consultant with HCL Technologies from Aug 2013 to March 2015.

Technical Skills:

ERP Applications : SAP R/3 4.7 EE, ECC 6

Project Summary:

Project #1

Company: Wipro
Client: Wipro internal project.
Environment: SAP R/3, GRC 10.1.
Role: SAP Security & GRC Consultant
Duration: July 2018 to Jan 2019,

Roles and responsibilities:

 User Administration includes user creation & modification in Dev, Quality, Prod systems
 Role Design and Development - This includes role creation, change, design, and deletion using profile generator
PFCG (single roles, composite roles, and derived roles)
 User Administration activities for single and mass users.
 Master Roles, Single Role and Composite Role Creation
 Trouble shooting all types of authorization failures based on SU53 and return codes of ST01 trace.
 Adding and removing of Transaction Codes, authorizations, and authorization objects by modifying existing roles
based upon change request.
 Restrict table access through authorization groups.
 User administration like creating users, role assignment, account lock and unlock in ECC, R3.
 Access restriction on program level and table level using S_TABU_NAM, S_TABU_DIS.
 Access restriction on Background job scheduling using S_BTCH_JOB, S_BTCH_ADM
 Access restriction on organization values using master and derived role concept.
 Restrict table access through authorization groups.
 Working with profile generator (PFCG) in creating Single roles, composite roles and derived roles.
 Applying the system trace ST01, STAUTHTRACE and SU53 to identify and resolve authorization issues for end
users.

Project #2

Company: DXC
Client: CSC project
Environment: SAP R/3, GRC 10.
Role: SAP Security & GRC Consultant
Duration: Oct 2017 to May 2018,

Roles and responsibilities:

 Working with profile generator (PFCG) in creating Single roles, composite roles and derived roles.
 Resolved users missing authorization issues with help of SU53 and ST01.
 Maintained updated knowledge of generating/ evaluating reports in SAP using SUIM
 Created user groups with help of SUGR and assigning user groups to users.
 Managed administrative issues related to creation, modification of roles, role transporting
 Involved in maintenance of single, composite and derived roles using Profile generator
 Managed table access to users with help of S_TABU_DIS authorization object.
 User administration (modifying, and deleting, locking, unlocking and resetting passwords).
 Extract the report from AGR_1251 and AGR_1252
 Identify the roles which has critical tcodes and sensitive authorization objects
 Design the security roles as per SOD
 Create Test Ids, assign roles to the user ids give it to end-users for UAT Results
 Create the single/Master/Derived/Composite Roles in Development system and move it from Development to
Production
 Restrict table access through authorization groups.
 Master Roles, Single Role and Composite Role Creation
 Access restriction on program level and table level using S_TABU_NAM, S_TABU_DIS
 Managing mass transport with PFCG and, SE01, SE09, SE10.
 Updating FF owners/monitors as per the requirement.
 Scheduling background jobs to synchronize data between target systems and GRC system.
 User creation in NWBC using new user account form or access request creation form and change user request
form
 Role import from backend systems using Role import option in NWBC (Using Role attribute template)
 Run back ground jobs in full sync mode and incremental mode
 Firefighter assignment to FF ID
 Controller assignment to FF ID
 Maintaining approver delegation
 Owner Assignment to FF ID

Project #3

Company: CONCENTRIX
Client: Dunkin' Brands Group, Inc.
Environment: SAP R/3, GRC 10.
Role: SAP Security & GRC Consultant
Duration: April 2015 to Aug 2017,

Roles and responsibilities:

 SAP GRC Access control role import, creation of mitigation controls, assignment of firefighters to the FFID,
Controller
 Have Support Experience on ECC6.0/GRC AC 10.0
 Experience in support and role redesign project(Involved in UAT and Unit Testing)
 User administration like creating users, role assignment, account lock and unlock in ECC, R3.
 Create Single Roles, Derived and Composite roles with ORG level restrictions in ECC 6.0
 Role delete and transport from development to production system
 Analyze the user authorization problems by using SU53, SUIM,ST01
 Restriction of Tables Worked on critical authorization Object like S_TABU_DIS
 Schedule background jobs using SM36 and monitoring jobs using SM37
 Extensively used tables like AGR_USERS, AGR_TCODES, AGR_1251, etc.
 Resolved daily SAP Security authorization Issues
 Experience in role redesign project and role development project
 Having knowledge on SAP GRC 10.0
 Maintain role owners in Access control owners ( NWBC)
 Maintaining approver delegation
 Scheduling background jobs to synchronize data between target systems and GRC system.
 User creation in NWBC using new user account form or access request creation form and change user request
form
 Maintenance of User Master Record & Support End Users with Security issues.
 Worked on SU24 to maintain Check Indicators for the Transaction Codes.

Project #4

Company: HCL Technologies

Key Responsibilities:

 Involved in setting up security guide to define security guidelines for implementation of security across
work streams of solution (application and technical)
 Trouble shooting and fixing authorization issues in production, Quality, Development
 Creation of Roles (Single, Composite & Derived, Master, object type roles)
 Hands on experience on ECC Security
 Identified existing SOD violations under risk analysis and remediation including evaluation of users & roles
 Worked on standards/ conventions encompassing role development & support
 Maintained updated knowledge of SOD (User & Role) level analysis, sensitive transactions analysis
 Supporting GRC Development and Production systems
 User creation in NWBC using new user account form or access request creation form and change user
request form
 Role import from backend systems using Role import option in NWBC (Using Role attribute template)
 Run back ground jobs in full sync mode and incremental mode
 Firefighter assignment to FF ID
 Controller assignment to FF ID
 Owner Assignment to FF ID
 Update mitigation approver and mitigation monitor
 Perform user terminate activity as per the reports from managers
 Create customizing, workbench request using SE09/SE10
 Checking transport dependency using SE03
 Maintain role owners in Access control owners ( NWBC)
 Update role owners and approver delegation
 Attend weekly tickets status update call with onsite managers
 Working on high priority tickets and closing them within SLA