ARUN BADAM

Mobile : 8328013807
Email :arunbadam2607@gmail.com
https://www.linkedin.com/in/arun-badam-b48136158

SAP Security & GRC Consultant

Have 2+ Years of experience in SAP Security R/3 / ECC 6.0 and GRC 10.1 and ICS audit. This includes
Client Interaction and working with different teams (functional, ABAP & Basis) with various support
activities. Extensive experience in SAP Security Administration, Authorization& GRC Access Control
10.1.

TECHNICAL SKILLS:

SAP Security Skills

▪ User administration involving creating users, modifying users, copying users, deleting users,
assigning roles & profiles using SU01, Mass User Maintenances with the help of SU10.
▪ Day to day User management, role management and transport management activities.
▪ Used CUA to maintain users (Creation, deletion, locking etc.)
▪ Monitoring the critical transaction codes and ensures that they are assigned to the concerned
users only.
▪ Good working knowledge on Tables like AGR*, USR* to provide the solutions based on the client
requests.
▪ Extensively used SU53, ST01 & SUIM to assign missing authorizations to the users.
▪ Worked on role administration, modification in roles based on requirement
▪ Expertise in restricting Reports access for a user by using S_DEVELOP & S_PROGRAM.
▪ Creating and maintaining User groups with SUGR for easy user administration.
▪ Involved in YEC(Year end) and MEC(Month end) activities.

SAP GRC Skills

▪ Connection and disconnection of SAP system from GRC including testing the whole scenario.
▪ Analysing the SOD Conflicts at User level and Role level by using Access Risk Analysis (GRC 10.1).
▪ Determine and report if any risks will be introduced by simulating the addition of transactions,
Role, or Profile to a User ID by using GRC ARA.
▪ Mitigation and remediation of users and roles for SOX using User/Role Analysis in ARA.
▪ Producing SOD Analytical Reports (both Summary and Detail) against Users, User Groups, Roles and
Profiles using ARA.
▪ FF governance, Role Upload, ORU/ User group creation and mapping, Functional area creation etc.
in GRC.
▪ Scheduling Ad-hoc jobs in GRC for user and role sync, critical action/ critical permission, etc.
 ▪ Providing Emergency access to functional, technical & audit team members using EAM.
▪ Creating Firefighter IDs and assigning the Firefighter IDs to Owners and Controllers.
▪ Having knowledge on troubleshooting issues related to GRC request by analysing the root cause via
t-code SLG1.

ICS audit Skills

▪ Worked on aligning important security parameter Changes, default users, default SAP_ALL &
SAP_NEW profiles.
▪ Working on Audit Issues created by External Auditors.
▪ Involved in Audit Interviews with External Auditors.
▪ Operational Monitoring of various controls.
▪ Worked on an activity to maintain illegal passwords in table USR40 to have the system stable
(prevent system for Bruce – Force attacks).
▪ SOD Checks – Monitored users having High & Critical access – Took action to mitigate & remediate
users to keep the SAP system secured.
▪ Monitored Firefighter Usage Controls
▪ Monitored usage & logging of critical tables & client opening for direct changes.
▪ Monitored users having critical, limited allowed access to important actions & permissions.
▪ Critical SAP Support Issues.
▪ Risk Analysis of Users having SOD Conflicts.

Work Experience

Wipro Technologies (August 2018 - Present)

Project details:
Designation : SAP GRC Consultant
Client : E.ON
Duration : Jan 2020 – present

Roles & Responsibilities:

➢ Worked on GRC Access Control 10.1 admin tasks.
➢ Worked on AC Components ARA, EAM, BRM and ARM.
➢ Performed Post Installation steps of GRC Access Control 10.1.
➢ Worked on GRC AC request workflow when request reached to escape path.
➢ Performed connection and disconnection of SAP system from GRC system.
➢ Performed Connectors configuration- created connectors, defined connectors, and defined
connection type, created connector groups and added connectors to the group.
➢ Maintained connection settings- Activated different integration scenarios and assigned them
to connectors.
 ➢ Access Control Configuration: - Maintained configuration setting (parameter settings) as per
the business requirement for Risk Analysis, workflow, Emergency Access management, Role
management etc.
➢ Created & Maintained Rule set, Function Id and Risk ID. Generated SOD rules.
➢ Generated Access Risk Analysis report at User level and role level.
➢ Created FFID ‘s, assigned owners and controller to FF Id’s and maintained Owners, Controllers
in Access control owners.
➢ Imported Roles from SAP backend systems to SAP GRC AC 10.1 system through Role Import
functionality and Uploaded Business roles into BRM.
➢ Worked on Access requestor and Approval process

Project details:
Designation : SAP Security & GRC Consultant
Client : Philips
Duration : Aug 2018 – Dec 2019

Role and Responsibilities:

➢ Technical analyst for SAP security in production & non-production environments.
➢ User Administration–To ensure the integrity of SAP Security by actively creating, maintaining,
deleting and locking of users, Default tab maintenance, password reset, creating user group,
role assignment of R/3, BW and other different systems.
➢ Experience and knowledge of security procedures for user creation, maintenance in client-
specific user administration model and central user administration (CUA).
➢ Proficient in troubleshoot authorization related problems using SU53, ST01 and SUIM.
➢ Excellent communication and follow-up skills in gathering requirements from functional teams
and data owners.
➢ Mentor and provide guidance to new project team Security Analysts on the Security and
authorization concept.
➢ Resetting the LDAP connection when issue arises for synchronization between GRC and active
directory.
➢ Monitoring the list of users with critical T-codes and critical profiles like SAP_ALL & SAP_NEW.
➢ Experience in defining background jobs, scheduling, modifying, deleting and analyzing the jobs
and regularly monitoring the job logs and the job status.
➢ Identify and document issues and risks as needed and submit weekly status reports to higher
level management.
➢ Mitigation and remediation of users and roles for SOX using user/role analysis in ARA.
➢ Creating Firefighter IDs and assigning the Firefighter IDs to Owners and Controllers.
➢ Respond to requests, gathering all the requirements needed for functional team and business
and prepare SAP security reports based on management and department needs.
➢ Worked on ticketing tool (SNOW) to resolve the issues and problems in different kinds of SAP
modules.
➢ Collaborate with other team members and business representatives to ensure that security
roles, authorizations, activity levels and settings meet the client requirement.
➢ Securing Standard users like SAP*, DDIC against misuse.
➢ Contribute to the documentation for the various tasks that we perform on daily basis.
 ➢ Technical trainings and Knowledge transfer for the team members and lateral joiners.
➢ Work in shifts to provide support to Philips global operations. Supported during weekends and
also for various migration activities.
➢ Performing various ICS audit activities like finding deviations in parameter changes in all the
three reports in 365 control(A01, A02 and A03).

Educational Qualifications

Qualification Institution Year of passing place percentage

B.Tech Keshav Memorial 2018 Hyderabad 70

Institute of
Technology

Intermediate Sri Chaithanya 2014 Hyderabad 91

Junior College

Sri Chaitanya Techno

SSC School 2012 Hyderabad 93

Personal Skills

● Ability to work with team, as well as individual.

● Good communication skills and proficient team player.

Personal Information

Date of Birth : 26-07-1997

Marital status : Single
Languages known : English,Telugu,Hindi
Nationality : Indian
Religion : Hindu
Mother’s Name : B.Jayasree
Father’s Name : B. Pandu Ranga Swamy
Permanent Address : 4-59,Nandimalla, Wanaprathy, 509131