1. SAP Security Consultant Time Line
2015 2015
HCL
Technologies
Ltd
Spansion,USA
Name : Sonal 2014 2014
EMI Music,UK
Contact : +91-999-0-66-7324 2013 2013
Email : sonal.bajaj88@gmail.com 2012 2012
BSNL,India
2011 2011
2010 2010 B.Tech- KurukshetraUniversity-
74%
2006 2006 AISSCE- 77 %
2004 2004 AISSE- 78 %
Key Highlights
 Workingas Consultantin HCL TechnologiesLtd.
 5.5 yearsof experience in SAPSecurityConsultancy.
 Workingexperience withInternational aswell asdomesticclients.
 Managed teamsize of 3-5 resourcesinvariousprojects.
 Activelyinvolvedwithclientengagements.
Skill Set
Consultancy Tools Hands On
 Experience inSAPusermanagement,role managementand
troubleshootingthe missingauthorizationsissues.AlsoworkedonBI,
CRM andPortal Security.
 Participatedinconstant improvementofSAPauthorization /
administrationby cleaningupunusedroles,transactions,updating
roleswithnewtransactionsandassigningandremovingaccesstousers
on the SAPlandscape.
 Closelyworkwithfunctional teamandbuildthe PFCGrole.
 Performed UT and SIT to identify underlying issues and worked
towardsthe resolution.
 Handlingvariousmissingauthorizationissuesthrough traces.
 Central User Administration (CUA) experience in creating users, assign
roles,andmaintenance.
 Experienced in running the SoD analysis (RAR) and setting up the FF IDs
(SPM) inGRC 5.3.
 Migrationof GRC5.3 to GRC10.1 and use of GRC 10.1 for ARA and EAM.
 Also, have exposure for implementation of GRC 10.1 with setting up
BRF+ and MSMP workflow.
 Configuration and Use of Bizrights for SOD check using What if analysis
and useradministration.
 Good exposure in Unittesting,Functional role testing,UATissues.
 CreatingandMaintaining OSSUsers,DeveloperKeysand SAP Router
connectionsto the Systems.
 Installationandconfigurationof OSSconnectivityforremote support.
 SupportedInternal andExternal Securityauditsinproductionsystems.
 Review critical & sensitive authorizations,implementimprovementsto
meetauditrequirements.
 Workedcloselywith AuditTeamfor User-role conflictremovalwith
 BizRights
 Service-Now
 Remedy
 ITSC
 Secatt

2. properdocumentation.
 Worked on SAP BASIS Administration for client maintenance, Transport
ManagementSystem(TMS),upgradingkernelandsupportpacks.
 Extensive experience withresolvingticketissuesandtroubleshooting
securityauthorizationproblemswhile adheringtoService Level
Agreements(SLA).
Detailed Responsibilities
 AdheringtoSLA.
 Promptresolutionof issues.
 Workaroundfor complex requests.
 DocumentingActivitiesasperHCL practices.
 KeepingSystemauditready.
 Balancingworkloadamong peersandsubordinates.
 Task assignment.
 Ensuringbestresolutionof issuesbyteam.
Project Details
Spansion, USA
SpansionInc.isan American-basedcompanythatdesigns,developsandmanufacturesflash
memoryproducts. The companywasheadquarteredinSunnyvale,California. Itsproductsare used
inelectronics,peripheral computingequipment,industrialandnetworking.
Summary of Spansion,UK:
 SAP ECC 6.0 and CRM 7.0 Enhancement package 2 (7.02), PI 7.31(dual stack), SAP BI 7.0,
SAPSRM 7.02 ,GRC10.1.
 BIZ Rightssecuritytool forcheckingSODviolation.
 SAPENTERPRISE PORTAL.
 Service nowtool.
Responsibilities
 Worked on different management reports and analysis for GRC 10.0 (AC).
 Role administration likeCreation and maintenanceof Single, Derived and Composite Roles.
 Performing user administration (creating, changing, maintaining, deleting user accounts and
assigningroles).
 Comprehensive use of ProfileGenerator to generate roles and assign roles to end users usingPFCG.
 Well experienced in SUIM and Providing Detailed Reports of Users, Roles, T-Codes and Objects when
required.
 AnalyzingMissingauthorizationsusingSU53 through Remote desktop sessions.
 Monitored & reported security violations and invalid or inactiveuser IDs.
 Reviewed security design and provides guidanceon sensitivetransactionsaccess.
 Experienced in Central User Administration (CUA) to maintain users (Create/ delete/ lock/ unlock/
password Reset...)
 Protected Tables usingAuthorization Groups.
 Worked on Portal Security and mapped users with Portal groups.

3. EMI Music, UK
The EMI Group, also known as EMI Music or simply EMI, was a British multinational music company
headquartered in London, United Kingdom. It was the fourth-largest business group and family of
record labels in the recording industry and was one of the big four record companies . EMI Group
also had a major publishing arm, EMI Music Publishing – also based in London with offices globally.
EMI wasa memberof the RIAA & IFPI.
Summary of EMI – SAPSupport(UK)
 SAPR3 4.7
 OrdersTool BSP application.
 SAPBusinessInformation&strategyenterprise management
 SAPBI Portal
 Varioustoolssuchas REIMS ,BIZ TALK andLite Speed
Responsibilities
 User administration involvingcreation/deletion/locking/modifyingusers.
 Role Management (Creation/Change/Deletion of role) through PFCG.
 Well experienced in System TracingST01 and SU53.
 Good Workingknowledge on AGR* tables and user related tables.
 Creation of Composite and Singleroles judgingthe Functional and Organization Level requirements
and also based on the restrictionson differentmodules of SAP.
 Maintained tablesecurity usingauthorization groups.
 Experienced in Central User Administration (CUA) to maintain users (Create/ delete/ lock/ unlock/
password Reset...) and also involved in configuration.
 Well experienced creating SECATT scripts.
 Executed Several RSUSR* reports to ensure that there is no security outages.
 Monitoringthe critical transaction codes and ensures thatthey are assigned to the concerned users
only.
 Kernel Upgrade
 SAPNote ImplementationthroughSNOTE
 SMTP Mail configurationinSCOT.
 Dailysystemmonitoringandrelatedissues.
BSNL, India
Bharat Sanchar NigamLimited (abbreviated BSNL) isastate-owned telecommunications company
headquarteredin NewDelhi,India.Itisthe largestproviderof fixedtelephony andfourthlargest
mobile telephonyproviderinIndia,andisalsoa providerof broadband services.BSNLprovides
almosteverytelecomservice inIndia.BSNLisdividedintoanumberof administrative unitstermed
as telecomcircles,metrodistricts,projectcirclesandspecializedunits
Summary of BSNL– SAPImplementation (India)
HCL is exploringimplementationof SAPSuite of applicationstomeetthe enterprisewide
informationtechnologyneeds.FollowingSAPproductswere implementedduringimplementation

4. phase.
 SAPHCM – HumanCapital Management
 SAPERP – Financial andlogistics
 SAPEnterprise Portal
 SAPBusinessInformation&strategyenterprisemanagement
 SAPPI,MDM, IDM, SRM, SCM
Responsibilities
 Understandingthe SAP architectureand the landscape.
 User Administration includingCreation,Deletion,Lock and Unlock.
 Complete Role Administration like creation and modification of Single roles, Derived roles and
Composite roles as per the clientrequirement
 Worked on Roles and Authorizations startingfrom Design till Test phase.
 Designingof Roles as per the Functional Specs.
 Adding authorization objects to Transaction codes and also changing the check status using SU24 as
per the business requirement.
 Assignment of Roles as per the requirement from the users.
 Optimizingthe authorization checks by utilizingthe SU53 and system traceST01.
 Maintained illegal passwordsin the table USR40.
 Critical authorization objects startingwith S_* were restricted and monitored.
 Worked with security related tables like USR*, AGR* etc
 Monitoringthe inactive user ids.
 MaintainingtheUser groups.
 Creating the developer keys and object keys.
 Interactingwith Functional Consultants.
 SAP Note Implementation through SNOTE
 Monthly Outage of various systems acrossthelandscape.
 Application of Support packages.
Personal Details
Date of Birth : 8th
September,1988
Marital Status: Married
PermanentAddress: House No.2348, Sector-2, Faridabad- 121004
PassportNumber: G6465904
Hobbies:
Computing,SolvingPuzzles, Dancingand
Travelling