Embed Size (px)
Citation preview
PLABAN SAHOO Contact: +91 9008106031 Email:
PROFESSIONAL SUMMARY
Plaban has 9 years and 3 months of experience, as Sap Security Consultant, with an aggregate experience of 10 years and 3 months, as an IT professional.
Present Designation: Leading Remediation of Risk(Security Control 372 A08) and Validation of GRC 10.1 and Role Build for Project Chengdu
Involved in 5 Support projects as Authorization administrator of ECC 6, BI 7, BW 3.5, CRM 7, SRM, EDM and GRC 10 and 5.3 Access Control
Custom initiator and Agent rule: Risk Level using Table operation and Procedure Call RAR and EAM Master data migration, from 5.3 to GRC AC 10.1 Configuration for GRC AC 10.0: Set-up: Post-installation, Master data load: BC sets,
Access Control Owner, EAM, User Provisioning(eg.Request type). MSMP Workflow Creation: Custom Workflow for SOD Violation, Access
request, Function, Risk, Mitigation Control Update, FF Log review, UAR and SOD. EAM: Configuring FF, Job scheduling: Email Reminder, FF log Sync. ARA: Creation of Risk, Function, Mit. Control creation and assignment, Batch
Risk Analysis. Transport of Rule id. BRM: Testing of Role Methodology, Role Import and Authorization Data
Configuring: Password self-service, User Default, Default role,Notification, EUP for Approval and Rejection, BRF+: DBLookup(No Role Approver, Manager is Role Owner) and LaunchPadCustomizing EUL(Restrict personalization) and Approval page(Permission level made Read-only)
Implemented CRM 7 for MLDL(Mahindra Lifespace Developers Limited) Design of CRM: Manual Config., Data Migration, SIT and PFCG roles for release 14.7,
at Juniper Networks. Role design of ESS and MSS, for ULTA Ltd., using HR structural authorization. Involved in design of P2P roles, for Kellogg’s. Understanding of Risk of QM, O2C, P2P and R2R modules; Segregation of roles,
through non-org. field Doc. type, View type, Division, Shipping point, Condition type, Movement type, etc.
Identifying Risk through SUIM and GRC reports, and remediating them by discussion with Super-user for removal of conflicting transactions and applying Mitigation controls.
Submitting documents: Cut-over(BCO), SOP, Change Management process(Approval through CRB, Peer-review, Verification testing, Document up-versioning), Testing, OOPS resolution and migration through Rev-trac.
Significant Activity:
Implemented SARP Reporting tree (execution of standard report, through Node structured transaction), for GSK.
Submitting KEDB on use cases on BRF+, MSMP, Best Security practices on Critical Authorizations, RICEFW; Submitted Training Material and Reusable Artifact in Infosys Ltd. Preparation of RFP. Provided training, to team PEPSICO on CRM security and 2-3 years of Professionals on concepts of Sap Security at Infosys Ltd.
Incorporating the role of a Basis Administrator, is apt in General Administration activities - Performance Monitoring, Transport Management and
Spool Analysis on HP-UnixCertificationIBM Certified Database Administrator -- DB2 Universal Database V8.1 for Linux, UNIX and Windows.
Certificate of ‘Appreciation for Hard work in SAC team activities’ for GSK.
PROJECT SUMMARY
Philips Electronics: Duration: Jan ’15- present Performing Review of GRC 10.1:Validating Background job, Config.parameters,
Workflow, EAM: Operations, FF procedure, Master Data, Control Activities; ARA: Background job housekeeping, Critical report; ARM: Support procedure, Security checks and Delegation
Prepared Design of roles(ECC) for Roll-out: Chengdu Presenting to Philips Lead on Quarterly report and OMC Dashboard on ‘Status of
Controls for Limited Allowed, Non-Allowed, Standard User, Security parameter set up, Termination and Transfer and Client changes’.
Ignition: Juniper Networks: Duration: August– December 2014 BOBJ: Folder level Access reporting. Build of Manual Configuration and Data Migration for CRM 7, for Project: Ignition GRC QA Refresh: Testing of MSMP Workflow, Notification messages, Background job
scheduling, Segregation of FF id, Log review of FF. Maintaining Credentials in Secure area of OSS ids, using Thycotic tool.
GlaxoSmithKline Pharmaceuticals Limited: Duration: December 2012 – July 2014 Team lead(of 6) responsible, for Offshore delivery: Remedy ticket, Service Request and
Change control. Delegating ownership of VECS, L1, and Matrix3 reporting. Inspiring the team by reminding them of their personal goal(s); Sharing knowledge, issues, solutions, activities. Accepting knowledge and view-point from all team members. Oversee delivery and communicating effectively.
Support for EDM, VIM(FI application on ECC), SRM and IDM. Implemented SARP Reporting tree(Execution of standard Report through standard
transaction) single-handedly by the phases as mentioned here:
Analysis and Design: Understanding the need of implementation: prevent execution of program, through SA38 and SE38 as per Audit requirement. -
Study of required Objects: Notes, Transactions, Variants, Reporting Tree, and planning the sequence of Development. Discussion with ABAP team on implementing the Notes and creation of custom transactions
Gathering reports and Informing the Process leads of teams: FI, ABAP, SD, QM , SAC, QRC and ESAT on the change in program access methodology.
Build : Multiple document up-versioning on CDMS for all the created and changed roles. Configuring custom transaction, variants for update reports and Reporting Tree(Nodes) .
Testing : Preparing Authorization for more than 15 Test ids on each Dev. and Test system. Preparation of Plan, multiple D2Q and Q2P forms and coordinating with GSK leads and C&RM team for approval on Rev-trac. - Resolving OOPS conflict with 30 other transports.
Go-live: - Verifying that all the objects have been transported to Production, and required objective is achieved.
Preparing Cut-over control: Risk Analysis, ARF and Transport list in application:APSE, for site/market going live.
VIRSA: Creation of Mitigation Control ids(and Mitigating users) and Firefighter.Documentation of Non-personal id, SR, DS and SRC documents of roles; Critical report on Vendor Tables, HR tables and Application tables(CDHDR and CDPOS)
Change owner of Custom transaction of Mass user creation, &SAP_EDIT, assessed 50 change controls: through CRB, Plan , D2Q, and Q2P forms.
Proposed value-add on Change management process on Custom transaction, , submitted KEDB on Claim, Invoice, Customer Approval process on EDM.
----------------------------------------------------------------------------------------------------------------------------ULTA: Duration: October-November 2012
Role Design for ESS and MSS, based on HR Structural Authorization Provided complete Authorization Strategy: Workflow, Role Details, Portal Role
Automation and Creation. Direct, Indirect Subordinate and Delegated report access through Evaluation
path.----------------------------------------------------------------------------------------------------------------------------Infosys Internal Activities:Duration: January 2012-October 2012
Submitted Knowledge Document-CUA Modeling and CRM Training Material. Conducted Sap Security Training and CRM Security Training in Infosys
Limited.Helped in preparation of RFP for Novartis AH, Effort Estimation. ----------------------------------------------------------------------------------------------------------------------------Symphony: Kelloggs: Duration: July 2010-July 2011; Environment: ECC 6.0, BI 7; Team Size: 7
Role design of MM. Identifying and Discussing Business requirement from Live Model reports and
Business process leads.
Submitted Position paper on Central User Administration (CUA) on Solution Manager for complete landscape.
CATT script- User Creation (on CUA), Derived Role, Password Reset and Role Creation
Authorization Build-Role Creation, User Provisioning, Authorization Issues: Auth. for MAESTRO, TIDAL Tools.
----------------------------------------------------------------------------------------------------------------------------Harmony, E-Security: Mahindra and Mahindra Ltd.: Duration: June 2009- June 2010
CRM Security Implementation for Mahindra Life space Development Limited (MLDL). Requirement Gathering from Business (FSD), discussion with functional
Consultants for designing Business Role, Technical role and User Layout. Build authorization Roles for varied positions in Sales, Service and Marketing
modules, by implementing best practices and trace functionality. Configuration and Testing with CRM Consultants for functioning of Web Client
User Interfaces.
Presented to Client, the need of transition of BW 3.5 to BI 7: usage of Analysis auth. Resolved authorization Issues for Consultants, Users & Auditors. Delivered Reports on
External and Internal Auditing. Implemented Security policy as per Audit guidelines using Firefighters(SPM).
----------------------------------------------------------------------------------------------------------------------------Belgacom: Duration: Oct.2011-Dec.2011; Environment: ECC6.0, BI 7, CRM 7
Security Support----------------------------------------------------------------------------------------------------------------------------ISE Desktop: SAP AG: Duration: July 2011-September 2011; Environment: CRM 7.0; Team Size: 2
Authorization Design for Inside Sales and Marketing, and Web Client User Interface.----------------------------------------------------------------------------------------------------------------------------Security Support: Nissan Europe: Duration:Jan.2009 – March 2009; Environment: SAP R/3 4.6 C; Team Size: 5;Project Implements Master-Derived Authorization system to the existing individual role concept.
Creation of Master Derived roles. Additional activities - Performance Monitoring: Instance, Workload.
----------------------------------------------------------------------------------------------------------------------------Applera: Applied BioSystems:Duration: May, July, Sept 2007- December 2008: Environment: SAP R/3 4.7 SR1 Ext 1.10, HP-UX, Sun Solaris, Oracle
Performed Change Management Process through Lotus Notes, for transporting roles and tables, security objects and maintaining the change documents
Health checks, Housekeeping Activities, Performance Monitoring. Spool Administration-Configuring Printer Devices. Troubleshooting at OS Level.
----------------------------------------------------------------------------------------------------------------------------
ASG Europe: Unilever:Duration: Feb 2006 – April 2007; Environment: SAP R/3 4.6 C; Team Size: 2; Role: Team Member
User and Role Administration Issue Analysis and Assigning Roles as per authority.
CAREER CONTOUR
Jan’15 – present Technology Lead Wipro Technologies
Nov.’12-Dec’14 Assistant Consultant: SAP Security Tata Consultancy Services Limited
Dec’11- Nov.’12 Technology Lead Infosys Limited
July’10- Dec’11 Senior Software Engineer Accenture Services Pvt. Ltd
Mar ’05-June ‘10 SAP Security and Basis Consultant Satyam Computer Services Ltd.(Tech Mahindra Ltd.)
SCHOLASTICS
B.E (IT) National Institute of Science and Technology, Berhampur, Orissa
67.1%, in 2004
12th College of Basic Science and Humanities, OUAT, Bhubaneswar
64.9%, in 1999
10th BJEM School, Bhubaneswar 75.4%, in 1997
.:
PERSONAL INFORMATION
Present Address : House no. 157,10th Cross, K.P.C Layout, Kasavanahalli, Off Sarjapur Road, Carmelaram Post Bangalore- 560035, Karnataka.Permanent Address : Plot no. 1268, Forest Park, Bhubaneswar, OdishaDate of Birth : 14.05.1982Passport : F7874330
Nationality : IndianMarital Status : SingleLanguages : English, Hindi, Oriya
![Shalini sahoo -copyright vs. plagiarism[1]](https://img.pdfslide.us/doc/110x75/54b71e124a7959a00c8b4576/shalini-sahoo-copyright-vs-plagiarism1.jpg)
