Download PDF


  • Senior SAP Security & GRC professional with experience of more than 11 Years  
  • Certified Information Security Manager® (CISM) from ISACA
  • Proficient with SAP security design, build, deployment, support and audits for standard role-based and position-based (structural) security.
  • Having strong technical knowledge of SAP security architecture and role based authorization models for SAP ECC, APO, SCM, CRM, BW/BI, Portals, XI/PI,MII ,ME, Solution Manager and GRC modules. 
  • Have executed multiple large, multi-year SAP Security implementation for different industrial domains. 
  • Rich experience in running SAP Security Upgrade project for ECC and BW
  • Experience in setting up and configuration of SAP GRC 10.0 and 10.1 for Access Control module. Experience in implementation, administration and support of GRC Emergency Access Management , Risk Analysis and SoD risk remediation. 
  • Good understanding of GRC configurations , security concepts and procedures
  • Experience in setting up and configuration of SAP GRC 10.0 and 10.1 for Access Control module. Experience in implementation, administration and support of GRC Emergency Access Management, Risk Analysis and SoD risk remediation.
  • Experience in role designing and implementation of security for SAP Solution Manager ChaRM , Business Process monitoring and RSLF.
  • Rich experience in Role Redesigning, CRM Business role based authorization, Structural position based security (HCM) , BI Analysis authorization, Portal security and CUA.
  • Ability to conduct significant data analysis using various SAP tables to support security, transaction, and controls projects while following SOX guidelines and industry standards
  • Experience in assessing an SAP installations in the context of Security, Business Controls, Internal Audit.
  • Strong knowledge of key business processes, segregation of duties (SOD), the inherit risks, as well as potential controls.
  • Ability to learn and adopt new technologies and processes released by SAP
  • Experience in integration of  SAP with other Identity Management tool like IBM Identity Manager (ITIM)
  • Able to execute multiple SAP security projects simultaneously involving all SAP systems (ABAP and Java) while taking customer in confidence 

Work experience

Oct 2016Present

Senior Consultant - SAP Security and GRC

  • Analyze the requirement from prospective client and prepare RFP response to show the proposed security and GRC architect
  • Lead offshore support and project team while ensuring customer satisfaction
  • Address the escalations and lead team to fix the issue
  • Build the security competency at offshore for account
  • Educate and train the team with new solution and technologies in SAP space
  • Communicate with client and suggest optimization for existing security process
  • Evaluate effort estimation for new enhancements and roll outs
  • Review the enhancements and security solutions for client
Dec 2013Oct 2016

Senior Consultant - SAP Security and GRC

  • Worked as onshore lead for major American motorcycle manufacturers
  • Lead team to provide support for SAP Security Architecture for ECC , APO, XI , BW/BI , Solman , ChaRM, Portal , MII and ME
  • Configuration and support for GRC AC 10.0 Emergency Access Management and Risk Analysis Remediation.
  • Part of team to upgrade GRC 5.3 VIRSA Firefighter to GRC 10.0 EAM
  • Designed roles and implemented security strategy for Solman ChaRM , Business Process Monitoring (BPM) and RSLF
  • Designed and provide support for CRM Business role based user provisioning
  • Lead Role Redesign project for client to address changing business requirement
  • Worked with other teams to sustain complex user provisioning mechanism where ABAP and Java systems are involved including MII and ME
  • Part of team to perform BI upgrade to switch to Analysis Authorization
  • Handled multiple project for client while leading the support team
  • Review and approve the security changes and role changes
  • Design security process and lead team for new roll outs
  • Review the feasibility of new projects and provide estimate with proposed security blueprint
  • Assist in the documenting, maintaining, and updating of security controls with a focus on User and Role administration-related controls and procedures.
  • Identify trends in reported security violations and recommend changes in policies, procedures, or user training/awareness to address unfavorable trends
  • Lead and provide technical support for customer Role implementation and /or Role redesign to define Roles and remediating potential Segregation of Duty (SoD) conflicts
  • Provide recommendations and guidance for the tuning and optimization of existing SAP security processes
Apr 2012Nov 2013

Consultant - SAP Security and GRC

  • Worked as offshore team lead for client who is major American motorcycle manufacturers
  • Driven knowledge transfer from client to Infosys team
  • Responsible for ensuring the defined strategy for design, deployment and maintenance of the SAP security architecture is adhered to and enforced. 
  • Responsible for working with Controls team to review and implement IT SOX controls and to support internal or external audits as required for any audit target associated with SAP. 
  • Lead a team to provide support for SAP Security architecture for system ECC , APO, XI , BW/BI , Solman , ChaRM, Portal , MII and ME.
  •  Handled security upgrade of system from R/3 4.7 to ECC 6.0
  • Design the security strategy for new rolled out  business process
  •  Periodically review the customer feedback and enhance the security process
  • Review the existing role design and create the new as per requirement
  • Mentor the team members on customer business process

Jan 2010Mar 2012

SAP Security Consultant / SAP Solution Manager Consultant

  • Blueprint preparation for SAP Authorization ,discussion with client regarding process responsibilities, level of securities and job functions
  • Documentation of transactions associated with job functions and preparation of SoD ( Segregation of Duties )
  • Create Authorization Management Procedures
  • Role creation and testing. Creation of User Master Models for Job Roles
  • Created maintained user master and established security policies and procedures.
  • Assisted in Sarbanes Oxley Compliance - SAP System Audit and documentation of significant processes and controls
  • Configuration of new dimension product Netweaver Business Client 3.0 (NWBC) on platform EHP4 ECC 6.0 with SAP Best Practices activated.
  • Installation of SAP ERP EHP4 ECC 6.0 ,Support Pack level upgrade of system, activation of Services and Business Functions.
  • Preparation of blueprint for SAP authorization while having discussion with Client to understand responsibilities for process and functions
  • Conduct authorization discussion with data owners
  • Preparation of SoD, Role creation and testing
  • Installation and configuration of SAP Solution Manager 7.0
  • Configure Early Watch Alert (EWA) Reporting by using DSWP
  • Configure Service Desk to create message, identify problems, email to end-user and Maintenance Optimizer
Dec 2006Jan 2010

SAP Security / Basis Administrator

  • Implementation of SAP Security Process and User Master Creation for newly configured landscape.
  • Creating Roles for Functional HR, FI, PS Users, Maintaining Authorization Roles, and Trouble Shooting Authorization Problems in development & production environments.
  • Responsible to handle the external system audit and implementation of audit compliance
  • Maintaining Clients and client-settings
  • Day-to-day production support, monitoring and Issue Resolution, proactive system analysis, Go-Live and Production support as required
  • Develop Profiles/Roles which includes complex design restrictions
  • Co-ordinate comprehensive testing of all profiles and authorisations to ensure accuracy and segregation of duties
  • Designed a comprehensive security Matrix that documented the security design and controlled the user requests in the production environment.
  • Developed, maintained and controlled the access of the project team members in the all environments
  • Maintaining company approved audit standards for SAP Application
  • Support for Pre-upgrade and Post-upgrade activities


RGTU , Bhopal ( India)

Aug 2001Apr 2005

Bachelor of Engineering (Computer Science)

Studied computer science engineering 

SVH School , Dewas ( India)

Jul 1999Apr 2000

Higher Secondary School (10+2)

Studied Mathematics, Physics and Chemistry 

S.A.C.H.School, Sonakatch (India)

Jul 1997Mar 1998

High School (10th)


Other SAP Systems




SAP Java based systems

SAP Portal

SAP Manufacturing Integration and Intelligence (SAP MII)

SAP Manufacturing Execution (SAP ME)

SAP Process Integration (PI)


C, C++, 


 AC 10 and 10.1 - Emergency Access Management and Risk Analysis Remediation

AC 5.3 - VIRSA Firefighter

SAP Solution Manager

SAP Solution manager 7.0, 7.01

Change Request Management (ChaRM)

Business Process Monitoring (BPM)

Run SAP Like a Factory (RSLF)

SAP ERP Packages:

EHP7 for SAP ERP 6.0, EHP4ECC 6.0, ECC 6.0, ECC 5.0, R/3 4.7, 4.6C, 4.6B, 4.0

Human Capital Management ( HCM)


Jan 2018Present

Certified Information Security Manager® (CISM)

ISACA  CISM certification number: 1839307


Mar 2011Present

ITIL V3 Foundation

ITIL® Foundation Certificate in IT Service Management