Sumit Soni

India

Profile
Education
❖ Over 8.4 years of experience in SAP Security. This includes work in SAP
B.E in Electronics and
ECC, GRC AC 10.1, S/4 Hana, SAP Fiori, Solman (Charm).
Communication, Jawaharlal
❖ Extensively worked on SU25 Upgrade Projects.
Institute of Technology, Borawan
❖ Currently working as Senior Package Specialist in IBM India.
(M.P), IN, 2014
❖ Worked on implementation, Roll out and support projects.
❖ Working on GRC Access Control: Access Request Analysis and Emergency
Access Management.
❖ Worked as individual contributor, but at same time, mentoring junior
Languages resources.
English - Fluent ❖ Ability to adapt to different working conditions quickly.
❖ Experience in Working & Handling International clients
Hindi - Fluent

Key skills
SAP Security
SAP GRC AC
SAP S/4 Hana
SAP Fiori

Work experience
Senior Package Specialist
IBM India, India | Nov 2022 - Present

Recently Joined IBM as Senior Package Specialist

Senior Consultant
Capgemini India, India | Oct 2021 - Oct 2022

Roles and Responsibility

❖ Successfully created several position-based security roles for customer.
❖ Designing and building roles for S/4 HANA and managing cutover tasks for
the S/4 HANA go-live.
❖ FIORI role design to include Catalogs, Groups and ODATA for FIORI
Launchpad. Inclusion of Transactional apps, Fact sheets and Analytical apps in
FIORI Roles.
❖ Create Fiori Catalogs, Fiori Business Groups, and troubleshoot Fiori Tile
errors and authorization failure issue.
❖ Worked with functional teams and business analysts to gather role
requirements.
❖ Extensively worked on translation issues for custom Group and Catalogs.

Consultant
Yash Technologies Pvt. Ltd., India | Jun 2018 - Oct 2021

Roles and Responsibility

❖ Responsible for daily operational activities like troubleshooting, error
handling, password resets, managing user IDs and fixing/adjusting SAP
Roles.
❖ Worked with functional teams and business analysts to gather role
requirements.
❖ Design, Developing, Testing and Implementing SAP Security Roles, Profiles
and Authorizations for various landscapes using Profile Generator as per
Business requirements.
❖ Effectively analyzed trace files and tracked missed authorizations for users’
access problems and inserted missing authorizations manually.
❖ Analyzing User master record for roles and authorizations using SUIM and
AGR* / USR* Tables to assign proper roles in case of authorization failure and
SOD conflicts.
❖ Maintenance of standard settings of authorization objects/field and their
proposals in SU24 as per Business requirements.
❖ FIORI role design to include Catalogs, Groups and ODATA.
❖ Created Business Catalogs and Groups for standard and custom Apps.
❖ Worked on CHARM (SOLOMAN 7.1).
❖ Update GRC Ruleset as per customer requirement.
❖ Creation of custom Risks Id as per the requirements

Consultant
Metro Global Business Services, India | Feb 2018 - May 2018

Roles and Responsibility

❖ Provide daily support on User Ids administration request which include
creation of ID, Role assignment, Termination on SAP landscape of 750+
systems
❖ Ensure all requests are processed as per security standards, policies,
approval workflows and within the SLA
❖ Understand the business requirement and design roles following security
guidelines & standards
❖ Provide security support to projects teams including special access
assignment following Security controls & compliance
❖ Segregation of duties
❖ Analysis using user trace ST01 and SU53 report.
❖ Analysis, Reporting and Mitigation through GRC ARA (Access Risk
Analysis)
❖ Tables for relationship for T-code, roles and users (Agr_Users, Agr_Texts,
Agr_Tcodes, and TSTC, TSTCT, USR02, Agr_Define, Agr_1251) etc.

Associate Consultant
Surtel Technologies Pvt. Ltd, India | Jul 2014 - Feb 2018

Roles and Responsibility

❖ Worked on role administration like creating and modified existing roles as per
the business requirement.
❖ Creating users and locking & unlocking the users, password resetting users,
Validity date extension, Assigning roles to users.
❖ Worked on profile generator (PFCG) for creating single roles, composite
roles, derived & parent roles
❖ Proficient in working with the tables USR*, AGR*.
❖ Performed Weekly and Monthly monitoring for the Audit purpose.
❖ Troubleshoot security/authorization related problems using SU53, ST01 and
SUIM.
❖ Suggested security related profile parameters with the suitable values for the
Business.
❖ Secured system Generic id’s (SAP*, DDIC etc.) from the Technical &
Business users.
❖ Worked on Audit Reports by using tables and SUIM.
❖ Worked with functional teams and business analysts to gather role
requirements.
❖ Providing Fire Fighter access to users. Worked on FFID logs.
❖ Creating, Maintaining and transporting the roles.
❖ Worked on SU24 for the field level changes and reflected the changes to
roles.
❖ Running Risk analysis at user level and role level in GRC

Assignment history
Senior SAP Security Consultant
HKL (Helsinki Metro, Finland), India | Oct 2021 - Oct 2022
SAP S/4 Hana implementation for Finland Metro Rail project.
Contribution: ❖ Successfully created several position-based security roles for
customer.
❖ Designing and building roles for S/4 HANA and managing cutover tasks for
the S/4 HANA go-live.
❖ FIORI role design to include Catalogs, Groups and ODATA for FIORI
Launchpad. Inclusion of Transactional apps, Fact sheets
and Analytical apps in FIORI Roles.
❖ Create Fiori Catalogs, Fiori Business Groups, and troubleshoot Fiori Tile
errors and authorization failure issue.
❖ Worked with functional teams and business analysts to gather role
requirements.
❖ Extensively worked on translation issues for custom Group and Catalogs.

SAP Security and GRC Consultant

Schlumberger Limited, USA, India | Jun 2018 - Oct 2021
SAP Support and Implementation Project for Schlumberger Limited, USA
Contribution: ❖ Responsible for daily operational activities like troubleshooting,
error handling, password resets, managing user IDs and
fixing/adjusting SAP Roles.
❖ Worked with functional teams and business analysts to gather role
requirements.
❖ Design, Developing, Testing and Implementing SAP Security Roles, Profiles
and Authorizations for various landscapes using
Profile Generator as per Business requirements.
❖ Effectively analyzed trace files and tracked missed authorizations for users’
access problems and inserted missing authorizations
manually.
❖ Analyzing User master record for roles and authorizations using SUIM and
AGR* / USR* Tables to assign proper roles in case of
authorization failure and SOD conflicts.
❖ Maintenance of standard settings of authorization objects/field and their
proposals in SU24 as per Business requirements.
❖ FIORI role design to include Catalogs, Groups and ODATA.
❖ Created Business Catalogs and Groups for standard and custom Apps.
❖ Worked on CHARM (SOLOMAN 7.1).
❖ Update GRC Ruleset as per customer requirement.
❖ Creation of custom Risks Id as per the requirements.

SAP GRC Consultant

Metro GBS Pvt. Ltd., India | Feb 2018 - May 2018
SAP Security & GRC Support Project for Metro GBS.
Contribution: ❖ Provide daily support on User Ids administration request which
include creation of ID, Role assignment, Termination on SAP
landscape of 750+ systems
❖ Ensure all requests are processed as per security standards, policies,
approval workflows and within the SLA
❖ Understand the business requirement and design roles following security
guidelines & standards
❖ Provide security support to projects teams including special access
assignment following Security controls & compliance
❖ Segregation of duties
❖ Analysis using user trace ST01 and SU53 report.
❖ Analysis, Reporting and Mitigation through GRC ARA (Access Risk
Analysis)
❖ Tables for relationship for T-code, roles and users (Agr_Users, Agr_Texts,
Agr_Tcodes, and TSTC, TSTCT, USR02, Agr_Define,
Agr_1251) etc.

SAP Security Associate Consultant

Briggs & Stratton, Milwaukee (USA), India | Jul 2014 - Feb 2018
SAP Security Support Project for Briggs & Stratton, Milwaukee (USA).
Contribution: ❖ Worked on role administration like creating and modified
existing roles as per the business requirement.
❖ Creating users and locking & unlocking the users, password resetting users,
Validity date extension, Assigning roles to users.
❖ Worked on profile generator (PFCG) for creating single roles, composite
roles, derived & parent roles
❖ Proficient in working with the tables USR*, AGR*.
❖ Performed Weekly and Monthly monitoring for the Audit purpose.
❖ Troubleshoot security/authorization related problems using SU53, ST01 and
SUIM.
❖ Suggested security related profile parameters with the suitable values for the
Business.
❖ Secured system Generic id’s (SAP*, DDIC etc.) from the Technical &
Business users.
❖ Worked on Audit Reports by using tables and SUIM.
❖ Worked with functional teams and business analysts to gather role
requirements.
❖ Providing Fire Fighter access to users. Worked on FFID logs.
❖ Creating, Maintaining and transporting the roles.
❖ Worked on SU24 for the field level changes and reflected the changes to
roles.
❖ Running Risk analysis at user level and role level in GRC

Additional information
Achievements :

❖ Recognized as the Capgemini’s

Excellence award in 2022 to setup
Security for S/4 Hana system single
Handedly.

❖ Received Employee of the Quarter

and Employee of the month award
in Yash Technologies – 2020

❖ Received Ultimate Team Player

award for Job Code Implementation
Project in Yash Technologies – 2019