SAP Security Consultant - GRC Module

Job Description :

Responsibilities and Duties :

1) User Administration :

- Providing user administration, authorization administration, monitoring and security concepts in different systems.

- Managing super user administration and monitored technical firefighter activity.

- Performing user Administration & adding authorization to users.

- Providing role maintenance and user administration support.

- Creating/Modifying users via GRC

10.1 User access Templates

2) Role creation/ Management (PFCG) :

- Performing Profile Generation PFCG to create roles/profiles for various modules such as MM, FI/CO, and SD.

- Creating single roles, Composite roles, and parent & derived roles as per company requirement using PFCG.

- Creating new role sets for new companies/roll out projects

- Creating single roles, composite roles and derived roles as per organizational structure in R/3systems using PFCG.

- Assigning/Removing roles to/from users using the GRC 10.1 tool

- Importing newly created roles into the GRC 10.1 system with the appropriate approvers and functional areas as per business requirements

3) Authorization Checks (Su53) :

- Assisting users in troubleshooting and identifying authorization issues using authority checks (SU53), system trace (ST01) and STAUTHTRACE transactions.

- Working on access/authorization related issues using SU53 report.

- Identifying missing authorizations with the use of SU53; upon seeking manager approval, maintained those using SU24, PFCG and role assignment.

- Creating & managing the scheduling of batch jobs working with T-Codes SU53 and SUIM for giving authorizations.

4) Authorization Objects :

- Testing customized Z transactions for functionality and added manually the authorization objects and field values as per security guidelines.

- Checking for authorization objects in ABAP code for Z-transactions and maintained them in SU24 for the respective Z-transactions

- Regenerating profiles of all associated roles after maintaining new authorization objects/values in SU24

- Protecting critical t-codes and critical authorization objects against unauthorized access.

- Working effectively with functional team MM, FI, SD to maintain correct authorization objects into newly developed transactions

Key Responsibilities :

- Firefighter creation and assignment, log checking

- ARM request monitoring and processing

- Understanding of Workflows and experience in configuring Workflows in GRC

- Hands on experience in GRC MSMP configurations

Key Performance Indicators :