BATHI REDDY K

(Sap Security and GRC Consultant)

Mobile: +91 9663471971
Personal Email :bathi.k.reddy@gmail.com
__________________________________________________________________________

CARRER OBJECTIVE
To work in a globally competitive environment on challenging assignment that shall yield the
twin benefits of the job satisfaction and a steady-placed professional growth.

Areas of Expertise:

 11+ years of strong in SAP Security experience.

 Experienced in supporting & implement of SAP modules like R/3, ECC 6.0, SAP portal, and
GRC Access Control 5.3 and 10.1 & 12.0, S4 Hana, S4H public platform, SAP BTP application,
SAP HANA
 Expertise in user administration activities to process requests such as user creation and
assigning Roles and resetting passwords, Lock/Unlock, mass Locking (EWZ5) and other day-to-
day operations relevant to the user administration.
 Experience with helpdesk, resolving ticket issues and troubleshooting support problems
Using Service now as ticketing tool and HPQC as defect and CHARM tracking tool.
 Role Administration to create Single, Composite and Derived Roles
 Good Expertise in using Profile Generator (PFCG).
 Worked on SAP Check Indicator Defaults and Field values, reduced the scope of
Authorization checks using transaction SU24 and maintained check indicators for Transaction
codes.
 Modifying user authorization access, Analyses of missing authorizations from the SU53
screen shot or tracing the user.
 Giving Tables access for the Users & Restricting the Tables by using Authorization Group.
 Preparing and analyzing reports in SAP using SUIM, and security related tables (AGR*, USR*,
etc.), and customized Query reports.
 Trouble-shooting authorization problems using repository Information System and tracing
authorizations using SU53 and ST01 trace.
 Worked on maintaining the Analysis authorizations into the roles.
 Worked on User Administration and Role Administration in the BI.
 Working on GRC Access request management (ARM), Emergency access management (EAM) and
Access risk analysis (ARA)
 Working on Super User Privilege Management (SPM/RAR), Assignment of FIRE FIGHTER ID’s to the
user and changing the validity of ID request & generating log reports.
EDUCATION

Bachelor of Technology (B Tech) in Electronics Communications & Engg. From Vanjari

Seethaiah Memorial College, Hyderabad, Andhra Pradesh during the year 2006 to 2010

EMPLOYMENT HISTORY:

Worked in QSOURCE GLOBAL CONSULTING PVT. LTD., Bangalore as a SAP Security consultant from
NOVEMBER 2012 to AUG 31st 2015.

Worked in PYRAMID IT CONSULTING PVT. LTD., Bangalore as a SAP Security consultant from
September 2015 to DEC 31st 2015.

Worked in TATA Consultancy services, Bangalore as a SAP Security and GRC consultant from
Jan 2016 to SEP 2018
Worked in CGI, Bangalore as a SAP Security and GRC consultant from
SEP 2018 to 21 May 2021

Worked in IBM, Bangalore as a SAP Security and GRC consultant from

May 2021 to April 2023
Working in Stefanini, Hyderabad as a SAP Security and GRC lead from
May 2023 to till date

SAP SECURITY SKILLS:

User Administration.
SAP User Scripting
Role Administration.
Security auditing.
Critical authorizations.
BizRights 4.5 and Approva 10.1 (Upgrade the version 4.5 to 10.1)
SAP GRC 10.0, 10.1 and 12
SAP S4 HANA (Cloud and On promise)
SAP BTP User admin
SAP NATIVE HANA

TECHNICAL SKILLS:

Operating Systems : windows XP, 2003, 07

Languages : C
Application Suite : MS-Office-2003, 2007
ERP Applications : SAP R/3 4.7EE and ECC 6.0, S4Hana,
SAP EA Tools : BizRights 4.5 and Approva 10.1, GRC 10.0& 10.1,12.0
STEFANINI EXPERIENCE

Organization Stefanini
Client Hilmar
Duration May 2023 to Till date
Role SAP Security Lead.
Team Size 2
Tools Used SAP ECC 7.3, SAP HANA

Project Contribution:

SAP Security Skills

 Designed SAP security solutions and configured access rights, profiles, roles and user
accounts according to organizational security policies.
 Administered and managed user access requests and maintained user access profiles.
 Developed technical solutions to maintain and secure SAP system data.
 Monitored and evaluated user access to the system, identified potential security threats and
developed solutions to mitigate risks and maintain compliance.
 Implemented security solutions in order to prevent unauthorized access to the SAP system.
 Analyzed SAP authorization objects, roles and user accounts to ensure proper data control
and security.
 Collaborated with different project teams and stakeholders to ensure smooth system
operations.

IBM EXPERIENCE

Organization IBM
Client SHELL
Duration May 2021 to April 2023
Role SAP Security Lead.
Team Size 25
Tools Used SAP ECC 7.3, S4H Cloud, SAP BTP, SAP HANA

Project Contribution:

 User administration involving creation/deletion/locking/modifying.

 Extensively using mass user creation using (SU10) for mass user creation and
addition of similar roles to mass users.
 Creation of Emergency ids as per business requirement.
 Creating roles (Single role, Composite role, Master role & derived role). ➢
Maintaining authorizations and filed values using profile generator.
 Adding/removing t-codes, authorization objects and values from roles through
PFCG.
  Used SU24 to change authorization object assignment to a custom / standard
transaction code based on requirement.
 Transporting created / modified roles in System landscape.
 Monitoring High privilege accounts and acting accordingly.

Compliance Controls involved with EY (walkthrough / evidence

queries):
 To check the revtrac migrator and Transport owner is not same.
 To check rsau/enable parameter is 1 and few other parameters
 Update the policy documents with valid approvals
 To validate the user creation / modification as per approvals
 To check the usage of Emergency / Firefighter IDs using GRC.
 Checking if Password was shared only to requested user.
 Reviewing the database users.
 Reviewing the users who are Released from project and deleting them from system.
 Locking /deleting inactive users.
 Reviewing SA for all users.
 Revtrac user Review.
 Reviewing Generic Accounts and performing combined SOD and doing impact
analysis if required.
SAP S4HANA Security

 Gathering requirements and documenting 5/4 HANA Security Strategy and framework.
 Designing and building roles for S/4 HANA (Transactional and MDG) and Fiori Gateway
Systems.
 Designing roles for Fiori apps by adding Catalogs and Groups to 5/4 HANA roles.
 Creating Tiles, catalogs, Groups and added in respective roles.
 Troubleshooting fiori authorization issues by using /N/IWFND/ERROR_LOG and
STAUTHTRACE.
 Based on the requirement Assigned Fiori roles to user in respective systems.
 Performed role creation by using PFCG in S4HANA system
 Implementation and configuration of GRC 10.1 with services for apps included in the ruleset.
 Activating services for the Fiori apps in /IWFND/MAINT SERVICE.
 Documenting and implementing cutover tasks for the S/4 HANA go-live. Troubleshooting
and identifying the missing OData Services and authorization issues in /IWFND/ERROR LOG
and notifying the Basis and Fiori configuration team to activate them.
 Optimizing the User Experience by reducing or removing unwanted groups and tiles within
the groups to improve performance.
 Working with Fiori Config team to identify the areas where the inactive apps are generating
frontend or backend authorization issues and customizing the catalogs to remove inactive
apps.
 Working with business users to identify the issues with Fiori apps and resolving the auth
issues.

CGI EXPERIENCE
PROJECT 4, TELUS, Canada– dates (09/24/2018 to 21/05/2021)

Security in ECC 6.0, BI 7.0, EP 7.0, PI 7.0, HR and Solution Manager 4.0
Upgrade experience in ECC, BI and GRC
Very strong BW/BI security experience including upgrade experience along with HR.
Preventative, mitigating and compensation controls to ensure the appropriate level of
protection and adherence to the goals of the overall SAP security strategy
Worked SAP License Audit
Excellent problem-solving skills, team player with good communication skills.
Performed SAP Security related task such as Security Audits, SOX (Sarbanes Oxley)
Compliance, User maintenance, Activity group/Role maintenance using profile generator
(PFCG), Upgrade from various versions, Production support
Configure and implement GRC tools such as Risk Analysis and Remediation (RAR/CC),
Super user Privilege Management (SPM/Fire Fighter), Compliant User Provisioning
(CUP/AE) and Enterprise Role Management (ERM/Role Expert) applications.
RAR Rule set Changes and maintenance.
Maintain the Owners and Controllers For FF ids
Creating FF id and Firefighter roles.
Creating the mitigation id.
Modifying the Function in RAR.
Segregating the regional roles and the location specific roles and updating the Org Values.
Involved in the UAT of the different functional teams.
Handling the change requests and Involved in the role design and role modification activities
Creation/ modification / deletion of roles as per the requirement by the client.

Worked on AGR* tables and usr* tables.

Assign the Missing Authorizations as per the approvals to the end-users.
Enabling the audit statically and dynamically in SM19 & SM20.

Scheduling of Synchronization jobs for ARA and EAM.

Configuring the workflow for FF id creation and Firefighter assignment

TCS EXPERIENCE

Project #3

Organization Tata consultancy services

Client ABBVIE
Duration Jan 24th 2017 to Sept 19th 2018
Role SAP Security Consultant.
Team Size 9
Tools Used SAP ECC 7.3 ang GRC 10.1

Project Contribution:
 Security in ECC 6.0, BI 7.0, EP 7.0, PI 7.0, HR and Solution Manager 4.0
 Upgrade experience in ECC and GRC
  Hands on experience in Analysis Authorizations
 Full life cycle implementations in SAP, Solman, and GRC
 Security Management
 Technical Documentation
 Worked on SAP IDM
 Audit support experience with E & Y, PWC auditors
 Enterprise portal security experience to control access to portal content
 Very strong BW/BI security experience including upgrade experience along with HR.
 Preventative, mitigating and compensation controls to ensure the appropriate level of
protection and adherence to the goals of the overall SAP security strategy
 Excellent problem-solving skills, team player with good communication skills.
 Performed SAP Security related task such as Security Audits, SOX (Sarbanes Oxley)
Compliance, User maintenance, Activity group/Role maintenance using profile generator
(PFCG), Upgrade from various versions, Production support.
 Configure and implement GRC tools such as Risk Analysis and Remediation (RAR/CC),
Superuser Privilege Management (SPM/Fire Fighter), Compliant User Provisioning (CUP/AE)
and Enterprise Role Management (ERM/Role Expert) applications.
 RAR Rule set Changes and maintenance.
 Maintain the Owners and Controllers For FF ids
 Creating FF id and Firefighter roles.
 Creating the mitigation id.
 Modifying the Function in RAR.
 Segregating the regional roles and the location specific roles and updating the Org
Values.
 Involved in the UAT of the different functional teams.
 Handling the change requests
 Involved in the role design and role modification activities.

PROJECT#2

Organization Tata consultancy services

Client Johnson & Johnson – North America
Duration Jan 4th 2016 to Jan 20th 2017
Role SAP Security Consultant.
Team Size 4
Tools Used SAP ECC 7.3, GRC 10.1 Implementation

DESCRIPTION:

Johnson & Johnson is an American multinational medical device, pharmaceutical and consumer
packaged goods manufacturer founded in 1886.Johnson & Johnson is headquartered in New
Brunswick, New Jersey, directly adjacent to the campus of Rutgers University, the consumer division
being in Skillman, New Jersey. Johnson & Johnson's brands include numerous household names of
medications and first aid supplies. Among its well-known consumer products are the Band-Aid Brand
lines of bandages, Tylenol medications, Johnson's baby products, Neutrogena skin and beauty
products, Clean & Clear facial wash and Acuvue contact lenses.

Project Contribution:
SAP Security Consultant
 Creating user.
 Re-activating (extending the validity of the expired) User IDs
 During the upgrade activate we lock and unlock the user in systems.
 Played critical role by designing the auth. Concept as per client requirement.
 Analysing end user’s authorization issues on basis of SU53 error screen shot and with
help of ST01 trace.
 Deleting Roles with the help of Transportation methodology.
 Worked in User Information System (SUIM).
 Secured tables with custom transaction codes and authorization groups.
 Transition Management for Authorization Team.

GRC
 Work with the client to gather the requirements & expectations with GRC AC 10.0
Implementation.
 Understand the existing processes in place and propose and map solutions in GRC
Access control 10.0.
 Integration of ARA, ARM, EAM and BRM components of GRC Access Control 10.0.
 Create and maintain connecters
 Maintain Configuration parameters settings
 Generate SOD Rule set
 Create Custom Functions, Risk IDs and custom Rule set
 Run Synchronization jobs
 Generating the Risk Analysis reports for the management
 Define Request Types and Employee Types
 Create and define different End User Personalization for restrict the User Access
form
 Maintain Provisioning Settings and Password Self Service
 Activate End User Logon to access the User Request Form
 Customized Access Management screen and fields in User Request Form
 Create FFIDs and assigned to FFID Owners and controllers
 Create reason codes
 Define decentralized ID-based Firefighting Configuration
 Execute EAM Master Data Sync Jobs
 Import Mass roles for user provisioning.
 Create various custom BRF+ Rules
 Create custom MSMP workflows as per Business requirement
 Create custom Message classes and Define custom notifications as per business
requirement
 Work with the client in preparation of blueprint design document and Carry out
configuration steps for all four modules of GRC Access Control 10.0 as per the
blueprint documentation
 Worked on GRC testing using HPQC.

PROJECT#1
Organization Accenture
Client STARWOOD HOTELS.
Duration NOVEMBER 2012 to 31st Dec 2015
Role SAP Security Consultant.
Team Size 7
Tools Used SAP ECC 7.3

DESCRIPTION:

Starwood Hotels & Resorts Worldwide, Inc. is one of the leading hotel and leisure companies in the
world with 1,500 properties in nearly 160 countries and 171,000 employees at its owned and
managed properties. Starwood is a fully integrated owner, operator and franchisor of hotels, resorts
and residences with the following internationally renowned brands: The Luxury Collection®, W®,
Westin®, Le Méridien®, Sheraton®, Four Points® by Sheraton, Aloft®, and Element SM. The Company
boasts one of the industry’s leading loyalty programs, Starwood Preferred Guest (SPG), allowing
members to earn and redeem points for room stays, room upgrades and flights, with no blackout
dates. Starwood also owns Starwood Vacation Ownership, Inc., a premier provider of world-class
vacation experiences through villa-style resorts and privileged access to Starwood brands.

Project Contribution:

 Production Support including user provisioning, role provisioning, and security role
creation/modifications and authorization change requests.
 User and Role Administration
 Extensively worked on table level authorizations
 Trouble-shooting authorization problems using repository Information System and tracing
authorizations using SU53 and ST01 trace.
 Maintaining SU24 changes to Authorization Objects & Activities and go with Expert Mode &
modifying existing roles based upon change request.
 Locking and changing the validity for the expired users.
 Fixing Authorization issues for end users.
 Addition, Removal of Transaction Codes, authorizations, authorization objects by modifying
existing roles based upon change request.
 Working on Assignment of FIRE FIGHTER ID’s to the user and Changing the validity of ID request &
generating log reports
 OSS: Extensive work experience on SAP Service Market Place &OSS Notes: SAP OSS ID
creation for users, creating Developer keys, Providing Authorizations, Updating OSS notes
with SAP credentials in the Secure Area for SAP to investigate and support the issues faced
by the Business/End users of the system.
 Monthly Audit reporting (Project specific): to check the access violation through security
Audit controls, every month pull the access level report based on some transaction code,
authorization object level through SUIM, also check some configuration like good logon
parameters and password settings, unused and inactivity users, terminated users (Daily
check), unique IDs, and check all custom TCODES, tables and programs Authority check
implementation.

PERSONAL PROFILE
 Full Name : Bathi Reddy. K
Father’s Name : Prabhakar Reddy. K
Gender : Male
Date of Birth : 26-May-1989
Marital Status : Married
Nationality : Indian
Address : Villa no 84, Shigra palms, Dommular Village,
Malur Taluk, KOLAR DIST, Karnataka

Languages Known : English, Hindi, & Telugu