Good question!
I did a bit of searching and found some goodies
here[
^], but the responses there are limited. The techniques posted will get you the groups that have access, but further work will be needed to find whether a user is a member of a particular group.
Best practices in the Microsoft world include granting access to groups, not users, then to assign users to groups depending on their access needs. The security model is structured to accomodate that practice, so you'll probably have to drill down through the model to find the solution. I think the above solution will get you through the first layer, but it's obviously not enough.