Mitul Jain SAP GRC Security
Download as DOCX, PDF•1 like•777 views
Mitul Jain has over 3 years of experience as an SAP GRC and Security consultant. He has worked on multiple projects implementing SAP GRC Access Control 10.x and securing SAP systems. His skills include role administration, user management, access request management, risk analysis, and emergency access management. He is currently working as a senior consultant with Ernst & Young Global Shared Services.
Mitul Jain SAP GRC Security
- 1. Curriculum Vitae August 23 2016Mitul Jain SAP Certified GRCConsultant I am a SAPGRC & Security consultantwith3+yearsof experience inSAP Security. 3+ Yrs Experience
- 2. Mitul Jain Email:[email protected] SAP Certified GRC Consultant +91-8237077705 Certificate ID : 0016316672 Objective To carve excellence in the field of SAP Security and GRC through dedicated effort in successful implementation of Security and to be a part of a progressive organization that gives me a wider scope and diversified opportunities. Profile Summary o Total Experience – 3+ years o 3 years of Experience in GRC AC 10.x o currently working as a Senior with Ernst & Young Global Shared Services o Experienced in supporting SAP modules like R/3, ECC 6.0, BI, and GRC Access Control 10.x o Worked on areas of GRC Access Control including Business Role Management (BRM), Access Request management (ARM), Access Risk Analysis (ARA) and Emergency Access management (EAM) o Worked on Ruleset review and redesign activities o Worked on process improvements to reduce cost and improve efficiency & reliability of the team o Working with profile generator(PFCG) in creating and modification of roles. o Working on User Admin and Content Admin on SAP EP Portals. o Experience in 24X7 on call production support. o Experience on user trace, troubleshooting authorization issue using SU53. o Frequently using SU01, PFCG, SE10, SE16, SU53, SUIM and SU10. o Enthusiastic about learning new concepts in emerging technologies. o Role Administration to create Single, Composite and Derived Roles o Good Expertise in using Profile Generator (PFCG). o Worked on maintaining the Analysis authorizations into the roles. o Worked on User Administration and Role Administration in the BI. o Worked on RSD1 checking Authorization relevant of Info Objects. o Working on Super User Privilege Management (SPM/EAM), Assignment of FIRE FIGHTER ID’s to the user and changing the validity of ID request & generating log reports. o Working on Role maintenance and Access controls in GRC. o Knowledge on HR Security SAP GRC Skills: o Performed SAP GRC10 post & pre installation steps and configuration for ARA, ARM and EAM o Configuration of customAgents & Initiators using BRF+ o MSMP Workflow Configuration for Access Requests. o Mapping role owner , Risk mitigator and controller in NWBC o Defining business process and sub process in SPRO. o Importing approverdetails against business process. o Performing Role sync activities. o Creating RFC connection for target system. o Maintained Connectors with Integration Scenario and Synchronization jobs scheduled for Repository Object Sync, Authorization Sync, Users and Transactions o Defined rule sets as required in project as per client requirements. o Defined and performed Risk analysis,Alerts & Mitigations o Defined customInitiator Rule in BRF plus for new user, change user, lock user and firefighter access and used in MSMP workflow; maintained MSMP workflows for agents,rules and paths auto provision settings
- 3. o Generated rules for Risk Analysis and configured Access Control settings with required parameters o GRC 10.0 support activities like Creation/modification of roles by using the enterprise role management o Creating the new User account and providing/removing o Experience on Audit projects and working as a liaison between the security team and auditors. o Configuration of Centralized Emergency Access Management (EAM). o Configured Role Management (BRM), Configured Role Methodology,and Plan for technical role, business roles. o Defined workflow related Multi-Stage Multi-Path (MSMP) Workflow Rules for Access requests o Defined and created business rules using the BRF+ Workbench Academic Qualification B.E. (Computer Science) from VTU University with 63.4% in the year 2012. Professional Experience 1. Project: SAP Security & GRC - R/3, HR ,BI, portal and GRC (Major Pharma Client) Organization: Accenture Services Pvt.Ltd. Duration:(June 2013 – Sept 2015) Responsibilities: o User Management: Expertise in user administration activities to process requests such as user creation and assigning Roles and resetting passwords, Lock/Unlock and other day-to-day operations relevant to the user administration. Modifying user authorization access, Analyses of missing authorizations from the SU53 screen shot or Tracing the user. Trouble-shooting authorization problems using repository Information System and tracing authorizations using SU53 and ST01 trace. o Central User Administration (CUA): Implemented CUA in Solman System. Configured and connedted 26 child systems. Maintain user master records centrally in one system. Checking SCUL Logs o Governance Risk compliance(GRC) v10.0,10.1 Performed SAP GRC10 post & pre installation steps and configuration for ARA, ARM and EAM Configuration of customAgents & Initiators using BRF+ MSMP Workflow Configuration for Access Requests. Performing Role sync activities. Creating RFC connection for target system. Maintained Connectors with Integrated Scenario and Synchronization jobs scheduled for Repository Object Sync, Authorization Sync, Users and Transactions Defined rule sets as required in project as per client requirements. Defined and performed Risk analysis, Alerts & Mitigations
- 4. Defined custom Initiator Rule in BRF plus for new user, change user, lock user and firefighter access and used in MSMP workflow; maintained MSMP workflows for agents, rules and paths auto provision settings Generated rules for Risk Analysis and configured Access Control settings with required parameters GRC 10.0 support activities like Creation/modification of roles by using the enterprise role management Creating the new User account and providing/removing Configuration of Centralized Emergency Access Management (EAM). Configured Role Management (BRM), Configured Role Methodology, and Plan for technical role, business roles. Defined workflow related Multi-Stage Multi-Path (MSMP) Workflow Rules for Access requests Defined and created business rules using the BRF+ Workbench o Portals Role assignment in portals, role mapping, user creation, deletion, content Administration and password reset. o Authorization management: Designing new roles (Single, Composite, Master and Derived Roles), creation/modification of roles. o SAP Service Marketplace: Opening OSS Connections at service.sap.comfor support. Raising OSS messages for SAP support o Working on small AD projects and support after Go Live o Quality Management: Performed peer review of fellow team mates and maintaining a log for the same. Identifying trend of incoming requests and come up with process improvements to reduce the request count and improve the efficiency of the team. Some of the process improvements worked out is automation of end dating and deletion of users, preparation of e-mail templates for communication with customers o Knowledge Transfer: Preparation of Knowledge Capture Documents of the various new improvements o Worked on tickets logged in BMC remedy and ITSM by the end users, fetching Dumps and maintaining various reports. o Mentoring new team members 2. Project : Pharma Client - SAP Security & GRC Implementation- R/3,GRC 10.1 Organization: Ernst & Young Duration:(Oct 2015 – present) Responsibilities: o Role Administration: Worked on creating / maintaining template roles, derived roles, single roles and composite roles using Profile Generator in SAP R/3 systems for APAC markets. Identifying and analysing localized requirements and creating roles based on the market requirement.
- 5. Used PFCG extensively to create and maintain roles Addition/Removal of Transaction Codes, authorizations, authorization objects by modifying existing roles based upon change request. Performed reconciliation of user master records and roles using T-code PFUD o Defect Maintenance: Worked on defects raised after PQ testing. Analysing Missing Authorizations and Troubleshooting security issues using SU53, ST01. Extensively used SUIM to get Transactions, Roles, and Users etc. Creating of Test IDs Worked on ECATT scripts for Mass user upload , Mass role assignment. Identifying new requirements based on the testing . Coordinate with functional / Client for Successful Testing Handling defects in HPALM Tracking System o Hypercare: Post Go Live Support Role validations after all roles has been moved to Production Handling incidents in Service Now Tracking System Worked on new role change requests after Technical go-Live. Ad-hoc Post go-live maintenance o GRC: Configuration for ARA, ARM and EAM Configuration of custom Agents & Initiators using BRF+ MSMP Workflow Configuration for Access Requests. Configuration of Centralized Emergency Access Management (EAM). Configured Role Management (BRM), Configured Role Methodology, and Plan for technical role, business roles. Trainings Attended o Attended GRC AC 10.0 training conducted by Accenture o Attended GRC Training conducted by Accenture o Completed SAP Basis training o Attended training on SAP Security – R/3, HR ,Portals o Attended Soft Skill development training. Personal Information Name: Mitul Jain DOB: 07/08/1989 Mobile: +918237077705 E-mail: [email protected] Languages: English, Hindi Marital status: Single