
I design who gets access to what, inside the SAP systems that run global enterprises — then prove it, transaction by transaction, to the auditors who check my work.
Consultant, SAP Security & GRC (Security Engineer II) at Deloitte USI, Bengaluru. My work sits at the join of security and audit — inside SAP S/4HANA, across Greenfield and Brownfield implementations alike, building the authorization models that decide, transaction by transaction, what a role is allowed to touch.
PFCG role design, Fiori launchpad authorization, SAP GRC Access Control, BTP identity, and the FUE licensing math that determines what a seat actually costs — three Client Excellence awards along the way, and zero SoD findings ever escalated to a Big 4 auditor.
500+ PFCG roles across FI/CO, MM, SD and PM. SU24/SU25 upgrade steps, STAUTHTRACE and SUIM-driven access debugging across 3+ full-cycle implementations.
Authorization model for 50+ Fiori apps — OData services, ICF nodes, business catalogs and launchpad tile visibility, cutting incident resolution time by ~40%.
SoD risk analysis and ARA remediation — 100+ conflicts resolved to a 99% compliance rate, plus MSMP workflow routing and BRF+ agent rules.
10+ subaccounts secured with role collections, IAS/IPS identity federation, and SAML 2.0 / OAuth 2.0 SSO trust configuration.
Classified 300+ user roles against Advanced, Core and Self-Service Use metrics — a 20% reduction in projected licence cost.
Security configuration for Private and Public Cloud editions across On-Premise-to-Cloud conversions, Imagine through Hypercare.
Client Excellence Award — Deloitte USI
Client Excellence Award — Deloitte USI
Client Excellence Award — Deloitte USI
Industry Proficiency Badge — Consumer Sector