Sharan Pal Singh

· Currently working as SAP Security Lead (L3 Support) in onsite role in Milwaukee, WI (US) for SAP Security project with an industrial automation giant.

· Responsible for support for all SAP systems in client landscape (ECC, CRM, BI, GRC, SNC, GTS, GRC, BW on HANA, SRM, BoBJ, Data Services / Info Steward, CHARM, HANA Database, BTP, SAP Portal, Fiori, Gateway).

· Responsible for all SAP security related tasks such as user administration, role administration, monthly licensing reporting, user access review, troubleshooting authorization and SAP access issues.

· Providing SAP security support for rollouts, implementation of new company codes, plants etc.

· Analyzing and evaluating the technical security requirements for current SAP landscape.

Execute all tasks related to user administration for all SAP non-prod systems such as creating users, mass update of users, password reset, Lock/Unlock, Creation of test-ids, Assignment of user groups.

· Audit support for IT Controls / SOX controls for SAP application

· Perform user license consolidation review (annual review) for all Development and Production systems as per request from SAP. (SLAW and USMM)

· Administration of SAP Market place , S-Ids / accounts creation, create Developer key and object key for Developers

· User Administration for R/3, BI, GRC as well as Enterprise Portal

· Roles and Profiles Management.

· Processing GRC workflow requests

· Generating monthly Sod Conflicts report for further analysis by management, assigning mitigating controls/removing conflicting roles as per instruction from management.

· Periodic review of Mitigation Controls

· Coordinating with Internal audit /business owners for assignment of Mitigation controls, monitor update, extension per instruction Password Security configuration for R/3 as well as Enterprise Portal.

· Resolving ticket issues and troubleshooting security problems while adhering to Service Level Agreements (SLA).

· Assisting Internal & External auditors with required reports.

· Performing Quarterly User license review

· Preparing weekly management report of all incidents/issues managed by SAP security team.

Part of central team/audit engagements within Deloitte Enterprise Risk Services responsible for evaluating IT controls, coordinating, and conducting audits & management/client report preparation.

· Evaluating the design, implementation and operating effectiveness of SAP Technical controls related to global settings, client maintenance settings, background job administration, BDC users, data dictionary modification, password parameters, profile maintenance, company code status.

· Reviewing effectiveness of SAP controls related to user and profile administration, access to 'SUPER' profiles (SAP_ALL, SAP_NEW, S_A. SYSTEM, S_A. DEVELOP) access to maintain RFC connections etc.

· Performing review of default user id's (SAP*, DDIC, SAPCPIC and EARLYWATCH).

· Assessing the design, implementation and operating effectiveness of SAP controls related to change management such as access to workbench organizer, access to STMS (Transport management system) and access to developer key with a strong focus on segregation of duties and access rights and preparing client reports/recommendations for implementing the same.