Anil Kumar is a SAP Security and GRC Consultant with over 3 years of experience working at Wipro Technologies. He has extensive skills in SAP Security Administration, Authorization, and GRC Access Control. Some of his responsibilities include user administration, role management, access risk analysis, and ensuring compliance with SOX controls. He provides support for multiple client systems and leads security-related projects, trainings, and documentation efforts.

1. Sensitivity: Internal& Restricted
ANIL KUMAR
Email:mailtoanil.kumar1@gmail.com
Phone:+91 9066740788
PROFESSIONALSUMMARY:
Work Experience : Presently working as a SAP Security and GRC Consultant with Wipro
Technologies since Feb 2015.
Have 3+ Years of experience in SAP Security R/3 / ECC 6.0 and GRC 10.1 and ICS audit. This
includes Client Interaction and working with different teams (functional, ABAP & Basis)
with various support activities. Extensive experience in SAP Security Administration &
Authorization. Having a good hands-on experience in GRC Access Control 10.1
TECHNICALSKILLS:
SAP Security Skills
 User administration involving creating users, modifying users, copying users, deleting
users, assigning roles & profiles using SU01, Mass User Maintenances with the help of
SU10.
 Proficient in use of standard security administration tools such as Profile Generator for
Authorization Profiles/Roles administration.
 Creation of Single Roles, Composite Roles, Derived Roles using PFCG and assigning to
Users and perform user comparisons.
 Day to day User management, role management and transport management activities.
 Used CUA to maintain users (Creation, deletion, locking etc.)
 Monitoring the critical transaction codes and ensures that they are assigned to the
concerned users only.
 Good working knowledge on Tables like AGR*, USR* to provide the solutions based on
the client requests.
 Extensively used SU53, ST01 & SUIM to assign missing authorizations to the users.
 Expertise in restricting the Table access for a user by using S_TABU_DIS.
 Expertise in restricting Reports access for a user by using S_DEVELOP & S_PROGRAM.
 Creating and maintaining User groups with SUGR for easy user administration.

2. Sensitivity: Internal& Restricted
SAP GRC Skills
 Analyzing the SOD Conflicts at User level and Role level by using Access Risk Analysis
(GRC 10.1).
 Determine and report if any risks will be introduced by simulating the addition of
transactions, Role, or Profile to a User ID by using GRC RAR and GRC ARA.
 Mitigation and remediation of users and roles for SOX using User/Role Analysis in RAR.
 Producing SOD Analytical Reports (both Summary and Detail) against Users, User
Groups, Roles and Profiles using ARA.
 Creating monitors and approvers and mapped them to the mitigation controls for any
kind of risk associated with a user, role or profile.
 FF governance, Role Upload, ORU/ User group creation and mapping, Functional area
creation etc. in GRC.
 Scheduling Ad-hoc jobs in GRC for user and role sync, critical action/ critical permission,
etc.
 Providing Emergency access to functional, technical & audit team members using EAM.
 Creating Firefighter IDs and assigning the Firefighter IDs to Owners and Controllers.
 Having knowledge on troubleshooting issues related to GRC request by analyzing the
root cause via t-code SLG1.
ICS audit Skills
 Worked on aligning important security parameter settings, default users, default
SAP_ALL & SAP_NEW profiles.
 Working on Audit Issues created by External Auditors.
 Involved in Audit Interviews with External Auditors.
 Operational Monitoring of various controls.
 Worked on an activity to maintain illegal passwords in table USR40 to have the system
stable (prevent system for Bruce – Force attacks).
 SOD Checks – Monitored users having High & Critical access – Took action to mitigate &
remediate users to keep the SAP system secured.
 Monitored Firefighter Usage Controls
 Monitored usage & logging of critical tables & client opening for direct changes.
 Monitored users having critical, limited allowed access to important actions &
permissions.
 Critical SAP Support Issues.
 Risk Analysis of Users having SOD Conflicts.
PROJECT:

3. Sensitivity: Internal& Restricted
Organization : Wipro Technologies.
Role : Consultant - GRC and SAP Security and Authorization.
Project : Maintenance and 24/7 Support of the entire SAP Systems.
Duration : February 2015 – Till date.
Team size : 15 Members.
Role and Responsibilities:
 Technical analyst for SAP security in production & non-production environments.
 User Administration–To ensure the integrity of SAP Security by actively creating,
maintaining, deleting and locking of users, Default tab maintenance, password reset,
creating user group, role assignment of R/3, BW and other different systems.
 Experience and knowledge of security procedures for user creation, maintenance in
client-specific user administration model and central user administration (CUA).
 Proficient in troubleshoot authorization related problems using SU53, ST01 and
SUIM.
 Copying and Modifying SAP-Provided User Role Templates and also created a set of
custom user role templates.
 Excellent communication and follow-up skills in gathering requirements from
functional teams and data owners.
 Developed and documented security policies and procedures, user maintenance,
activity group and role maintenance using profile generator.
 Mentor and provide guidance to new project team Security Analysts on the Security
and authorization concept.
 Resetting the LDAP connection when issue arises for synchronization between GRC
and active directory.
 Monitoring the list of users with critical T-codes and critical profiles like SAP_ALL &
SAP_NEW.
 Experience in defining background jobs, scheduling, modifying, deleting and
analyzing the jobs and regularly monitoring the job logs and the job status.
 Identify and document issues and risks as needed and submit weekly status reports
to higher level management.
 Mitigation and remediation of users and roles for SOX using user/role analysis in
ARA.
 Creating Firefighter IDs and assigning the Firefighter IDs to Owners and Controllers.
 Creating new risks/functions and modifying the risks/functions whenever it is
required.
 Respond to requests, gathering all the requirements needed for functional team and
business and prepare SAP security reports based on management and department
needs.

4. Sensitivity: Internal& Restricted
 Worked on ticketing tool (SM7 and SNOW) to resolve the issues and problems in
different kinds of SAP modules.
 Collaborate with other team members and business representatives to ensure that
security roles, authorizations, activity levels and settings meet the client
requirement.
 Securing Standard users like SAP*, DDIC against misuse.
 Contribute to the documentation for the various tasks that we perform on daily
basis.
 Technical trainings and Knowledge transfer for the team members and lateral
joiners.
 Work in shifts to provide support to Philips global operations. Supported during
weekends and also for various migration activities.
 Performing various ICS audit activities like taking samples for actions performed in
SAP production environment to ensure that the activities are performed under SOX
compliance.
Educational Qualification:
Completed M.C.A with 89.75% from Pondicherry Central University, Puducherry
Personal Details:
 Date of Birth : 09th October 1990
 Father’s Name : Surendra Prasad
 Language : Hindi ,English
 Nationality : Indian
 Sex : Male
Declaration: I declare that the above details are true to the best of my knowledge and
belief.
Date:
Place: Bangalore (Anil Kumar)