K.

MAHENDRA

Contact: +91- 9966266174

E-mail: Mahendra2525k@gmail.com

Professional Profile

I am an enthusiastic and professional SAP Security and GRC Consultant with 5.7 years of experience Experienced in
working for Full Life Cycle Implementation, Go-Live, and Post-Go-Live, and Involved in multiple tasks of production
support, migration, and rollout projects.
Professional Summary

 Having 5.7 years of IT experience as an SAP S/4 Hana Security & GRC Consultant.
 Experience with the following SAP Products: S/4 HANA ,ECC 6.0, FIORI 2.0 and GRC AC 10.1 & 12.0 &
Hana DBA Knowledge, Success Factors.
 Experience with GRC AC 10.1 including EAM, ARA, BRM, ARM.
 Setting up & Managing Connectors and the Connector Groups.
 Configured the MSMP workflow (setting up Initiators, Agents, and Routing rules & customizing notifica-
tions as needed).
 Having experience in creation of roles and assigning to users as per client requests (PFCG).
 Performed Transportation of newly created roles/ modified roles.
 Analyzing Missing Authorizations by using SU53 & ST01.
 Table Security by assigning authorization groups and maintaining Authorization object S_TABU_NAM.
 Importing Roles into BRM.

SAP ECC 6.0 Experience

 User administration involving creation/deletion/locking/modifying users

 Role creation and Administration.
 Created and maintained Single, Derived and Composite Roles
 Analyze and fix the missing authorizations using SU53 & ST01 Trace
 Working with User Information System (SUIM)
 Good experience on USR*, AGR* tables.
 Performed Transportation of newly created roles/ modified roles.
 Created and given authorization groups for table access to users.
 Termination of inactive users
 I have created multiple users at a time using E-CATT script
 Manual addition of authorization objects as per business requirement.

GRC AC 10.1 EXPERIENCE:

 Maintaining Connectors and Connection Type

 Mapped Owners, Fire-fighters and Controllers using NWBC.
 Maintaining EAM Parameters and ensuring that it is FF ID based, Executed Synch. Jobs.
 I Have Good Working Knowledge Upload & Downloaded Global Rule Set.
 Worked on Emergency Access Management configurations, Create FFIDs, Maintain in FFID Owners,
FFID Controllers, Assign Owner to FFID, Assign FFID to Controller and fire-fighters, Create a Reason
Codes.
 Assigning the Fire-fighter ID to the users with proper approvals.
 Running ARA analysis based on the user, Role and Risk level.
 Created Mitigation Approvers & Monitors and Created Mitigation Control ID’S
 Configuring the AC Owners, Role Owners in Assignment Approver, Role Concept Approver. Mitigating
approver and monitor etc.
 Configuration of Default Roles for ARM
 Configuration of Initiator Rule, Agent Rule and Routing Rule using MSMP with BRF+
 Generated MSMP Rule for Process with MSMP workflow
 Configuration of PSS.
 Importing of roles into BRM
 Worked Custom Initiator rule And Agent Rule.

BPC 10.0/BI 7.0 Experience

 Creating Analysis Authorizations using RSECADMIN

 Restricting Roles to Reporting Users using S_RS_COMP and S_RS_COMP1 and S_RS_FOLD
 Working Knowledge on Role administration and User administration
 Creating of Users and mapping them to a Team
 Creation of Data Access Profiles and Task Profiles
 Assigning Data Access Profiles and Task Profiles to users and teams.

Experience

 Gateway role design to include Catalogs, Groups and ODATA.

 Backend role design to include T-code, ODATA, Webdynpro with Authorizations.
 Trace error log analysis for missing Services and Backend authorizations.
 Activation of OData Services Fiori Security
 Clearing Cache and Troubleshooting issues related to Tiles

Formal Qualifications

 M.B.A-Master of Business Administration from Madanaplle Institute of Technology & Science College,
affiliated to ( JNTUA )-University Ananthapuramu.
 B. COM (Computers) from H.M Degree College, affiliated to S.V University Tirupathi.

SAP Professional Summary

Client ABinbev at ITC Infotech India Limited

Duration AUG 2023– Till Date

Environment SAP GRC AC 12.0 Systems & FIORI 2.0, S/4 HANA

Team Size 4

Client Profile: Anheuser-Busch (ABinbev )was established in 1852. InBev employed close to 89,000 people, running
operations in over 30 countries across the Americas, Europe and Asia Pacific. In 2007, InBev realized 14.4 billion euro
of revenue and 630 beer brands in 150 countries. Anheuser-Busch InBev, often abbreviated as AB InBev, is a
multinational beverage and brewing company headquartered in Leuven, Belgium. It is considered one of the largest
and leading beer companies globally. AB InBev was formed through the merger of three major brewing companies:
Interbrew from Belgium, AmBev from Brazil, and Anheuser-Busch from the United States.

ROLES AND RESPONSIBILITIES:

 Extensive experience in Requirement gathering, the business, and designing new roles developed new
roles in the sap S/4 Hana Landscape.
 Creations of Technical and Business Catalogue’s using n/ui2/flpcm_cust as per the requirement.
 Creations of Technical Catalouges+TM using /n/ui2/flpd & Map to BC to TC , Tile &TM.
 Converting a Transaction to the Business App’s using Semantic Objects
 Under ARA, performed User & Role analysis to identify existing SOD violations risk.
 Performed mitigation against various risks associated with roles and users.
 Configuration of MSMP workflows with BRF+ Application.

Client Holcim group at Tata Consultancy Services

Duration Feb 2022–Apr 2023

Environment SAP GRC AC 12.0 Systems & FIORI 2.0

Team Size 6

Client Profile: Jan Jenisch, Holcim Group, legally known as Holcim Limited, Full form as LafargeHolcim is a Swiss-
French multinational company in Switzerland that manufactures building materials. Around 72,000 employees,
Holcim Group operates in around seventy countries, and focuses on cement, aggregates , and net sales of CHF 26.7
billion in 2019. The 280th largest public company in the world our cement range helps deliver innovative and
sustainable building solutions,

ROLES AND RESPONSIBILITIES:

 Configured workflows and rules using MSMP and BRF+.
 Configuration of Default Roles for ARM.
 Approving the Work in box requests and monitoring the Risk Analysis.
 In success factors Admin center give Permissions and Super user access & Fire Fighter Access.
 Good knowledge in customizing FIORI Launchpad per client branding and requirement
 Extension of Standard FIORI applications as required by the business.
 Configuration for Fiori Launchpad,catalogs,tiles ,and PFCG roles
 Handled Launchpad customization and PFCG roles
 Knowledge in creating end to end FIORI and SAPUI5 Apps using OData Services
 Security SAP Note implementation/ Profile Parameter
 Performing user administration tasks like creation of new account, change account etc. through ARM.
 Imported roles into GRC using BRM.
 Imported Roles into BRM and ensured that they can be used in ARM

Client South32 Limited at Tata Consultancy Services

Duration Feb 2021 – Jan 2022

Environment SAP GRC AC 12.0 Systems & FIORI 2.0, Success Factors.

Team Size 5

Client Profile: Graham Kerr,Soth32 limited South32 is a mining and metals company headquartered in
Perth, Western Australia. It was spun out of BHP Billiton on 25 May 2015 the company is listed on
the Australian Securities Exchange and secondary listing Johannesburg. As of 31 December 2015, South32
had 15,545 employees. The Group’s turnover in 2015 totalled US$ 11,035 Million.South32 is a globally
diversified mining and metals, South32 has operations in Australia, South Africa, Mozambique, Colombia
and the United States, minority partnership (36%) in an alumina refinery in Brazil. With a focus on growing
our base metals exposure. We are trusted by our owners and partners to realise the potential of their
resources, grow sustainably and profitably while delivering excellent value to all our stakeholders

ROLES AND RESPONSIBILITIES:

 I Have involved implementation of ARM like configurations in SPRO
 Design of Reports in GRC Reports and Analytics for User, Role and Risk statistics as per Business input.
 End user Automated Role provisioning with Risk validation through Compliant User Provisioning.
 Develop profiles/roles which including complex design restrictions
 Develop authorization for the BI Reporting & Analytics.
 SAP GRC Access Control implementation: Activation of business configuration sets, Configuration of
Connector groups, Synchronization jobs setup and monitoring.
 Mass changes to Risk analysis Rule library through Excel upload
 Creating Fire-fighter Id’s, Fire-fighter Owners and Controllers as per the business requirement
 Giving Fire Fighter Access to the users in emergency situations.
 Creation and Maintenance of Functions, Risks, Owners, Risk Analysis, Mitigation controls. Firefighter/
Owner/ Controller management in Emergency access management.
 Configuration of MSMP workflow/ mapping of MSMP Process IDs to ARM Requests, customization of
request screens, Template management.
 Mapped Owners, Fire-fighters and Controllers using NWBC.
 Maintaining EAM Parameters and ensuring that it is FF ID based, Executed Synch. Jobs.
 I Have Good Working Knowledge Upload & Downloaded Global Rule Set.
 Worked on Emergency Access Management configurations, Create FFIDs, Maintain in FFID Owners,
FFID Controllers, Assign Owner to FFID, Assign FFID to Controller and fire-fighters, Create a Reason
Codes.
 Assigning the Fire-fighter ID to the users with proper approvals.
 Importing of roles into BRM
 Configuration of Default Roles for ARM Running ARA analysis based on the user, Role and Risk level.
 Performed Remediation & Mitigation against various risk for users & roles.
 Maintaining Rule Set, Function ID & Risk ID with Risk Owners and generating rules.
 Performs Segregation of Duties (SOD) analysis and manages the mitigation process (including transaction codes
and permissions).
 Worked on User Information System (SUIM) for getting the different kinds of output related to users, roles, au-
thorization objects, and change documents for the users and roles
 Performs Segregation of Duties (SOD) analysis and manages the mitigation process (including transaction codes
and permissions).
 Authorization checks using transaction SU24 and maintained check

Client PostNord at Capgrmini Technology Services Pvt Ltd

Duration Dec 2019 – Dec 2020

Environment SAP Security Support for R/3 System & GRC AC 10.1 Systems.

Team Size 4

Client Profile: Peter Kjaer Jensen , PostNord implemented a new organization in 2014 with three focus areas Mail &
Communication, logistics, and e-commerce. In 2019, PostNord delivered 2.9 billion letters and shipments, 179 million
parcels, PostNord connects people and businesses reliably, efficiently and on time, As of 31 December 2017,
PostNord had 29,596 employees. Our strategic direction is to be a leader in parcel distribution and e-commerce, as
well as having a sustainable, demand-driven letter delivery business, People have been sending letters to one
another for thousands of years.
ROLES AND RESPONSIBILITIES:

 Extensive experience in Requirement gathering, to the business and design new roles developed new roles in sap
landscape.
 Support Basis team for mass users lock and unlock in migration and systems clean up and during systems main-
tenance.
 Extensive User and Role maintenance experience.
 Central User Administration (CUA) experience to create users, assign roles, and maintenance.
 Maintenance experience. Broad experience in maintaining single, composite, master, and derived roles and busi-
ness roles using Profile Generator (PFCG) based on business requirements.
 Expertise in SAP Security and Authorizations which includes User Management, User Administration, Monitoring,
and troubleshooting User authorization issues using SU53 Tracing (ST01) and STAUTTRACE
 Implemented access security-related related tables (AGR_, USR_ and Custom Tables) and sensitive authorization
objects (S_TABU_DIS, S_ TABU_NAM, S_DEVLOP, and S_PROGRAM, S_DATASET etc.).
 Very good knowledge of producing and analyzing reports in using SUIM, security-related tables (AGR*, USR*,
etc.), and customized Query reports.
 Experience setting up users and security on Enterprise Portal and creating users/user groups, adding new ap-
provers in approver group and mapping role as well.
 Experience in setting up Single Sign-On concept.
 Extensive experience with resolving ticket issues and troubleshooting security authorization problems trough
while adhering to Service Level Agreements (SLA).
 Experienced in adhering to the Change Management Process for transporting roles and tables, security objects,
and maintaining the change documents.
 Doing internal audit and systems clean-up activity and RPA activity.
 Good knowledge of creating and assigning customize authorization groups to tables using transaction T-code
SE54
 Created customized and workbench requests and release TR’s dev, Q and PRD.
 As per the business requirement change the role approver and role owners in CP tool GRC workflow (control pe-
nal)
 Configured roles and authorization objects to secure reporting users.
 Tracing the users, SAP objects, and custom reporting authorization objects to debug an authorization error, re-
solving the issue by giving required authorizations (RSRTRACE, RSECADMIN)
 Worked with the t-code for creating custom authorization objects S_RS_AUTH for assigning authorization objects
for BW query end-user roles
 Changed existing roles and removed transaction codes to resolve critical access and SOD conflicts in the system.
 Experience in Role Comparisons for role consistency and creating Analysis Authorizations for Reporting users

Client Himatsingka Group

Duration Dec 2017 – Nov 2019

Environment SAP Security Support for R/3 System & BPC 10.1 BI 7.0.

Team Size 3

Client Profile: The Himatsingka Group is a vertically integrated Home Textile major with a global footprint. The
Group focuses on the manufacturing, retailing and distribution of Home Textile products. Spread across Asia, Europe
and North America, its retail and wholesale distribution divisions carry some of the most prestigious brands in the
Home Textile space and cater to Private Label programs of major retailers across these geographies.
● Transporting roles, managing mass transport with PFCG, SE10.
 Handling end user tickets & providing solutions.
 Reinstate the user access by client manager approvals.
 Locking/deactivating accounts as per client request
 Mass user Maintenance using SU10.
 Maintained Illegal Passwords Using USR40.
 Maintained table security using authorization groups.
 Analyze and fix the missing authorizations using SU53 & ST01
 Experience in SUIM: User Information system.
 Maintained table security using authorization groups.
 Good working knowledge of AGR* and USR* tables and monitoring background jobs.
 Adding Authorization Objects to Custom T-codes.
 Worked on SU24 Changes and marinating the check proposals.
 Provided Production support to BPC 10.0
 Creating of Users and mapping them to a Team
 Creation of Data Access Profiles and Task Profiles
 Assigning Data Access Profiles and Task Profiles to users and team
 Creating Analysis Authorizations using RSECADMIN
 Performed Trace by using RSECADMIN
 Updating transactions via SU24 (managing authorization objects)
 Develop profiles/roles which including complex design restrictions
 Develop authorization for the BI Reporting & Analytics.
 Security SAP Note implementation/ Profile Parameter
 Design and creation of roles, users, and analysis authorization in BI.
 Internal / external audit experience preferred

Date :
Place :

( MAHENDRA K )