Job Location: Bengaluru
Posted Date: Oct 17 2022
Ready to help shape the future of healthcare?
At GSK, we have already delivered unprecedented change over the past four years, improving R&D, becoming a leader in Consumer Healthcare, strengthening our leadership, and transforming our commercial execution. Now, we’re making the most significant changes we’ve made to our business in over 20 years. We’re on track to separate and create two new companies in 2022: New GSK with a leading portfolio of vaccines and specialty medicines as well as R&D based on immune system and genetics science; and a new world-leading consumer healthcare company of loved and trusted brands.
With new ambition comes new purpose. For New GSK, this is to unite science, talent, and technology to get ahead of disease together – all with the clear ambition of delivering human health impact; stronger and more sustainable shareholder returns; and as a new GSK where outstanding people thrive.
Getting ahead means preventing disease as well as treating it. How we do all this is through our people and our culture. A culture that is ambitious for patients – so we deliver what matters better and faster; accountable for impact – with clear ownership of goals and support to succeed; and where we do the right thing. So, if you’re ready to improve the lives of billions, join us at this exciting moment in our journey. Join our challenge to get Ahead Together.
Job Purpose:-
This role will perform and support testing of IT General Controls and Automated Controls for in-scope systems to support the SOX Testing strategy. The role will work closely with process owners to remediate and maintain compliance with Section 404 of the Sarbanes-Oxley Act. The role will liaise with both internal and external auditors to support their testing.
Key Responsibilities:-
The person has responsibilities within the GA&D Service, including:
- Tracking our Risks, Audits and Management Monitoring items.
- Be the interface into Core Tech when there is a dependency on them to deliver patches, upgrades, etc. to fix vulnerabilities identified in Archer across our entire fleet of applications.
- Penetration testing of infrastructure components, web applications, Cloud-based applications, core global systems and applications (such as SAP, Workday, Middleware systems etc.)
- Configuration and Operation of existing Security Tools, Remediation and/or mitigation of detected vulnerabilities.
- Compile regular reporting on Application Security Monitoring key performance indicators. Security notes assessment and implementation upon the monthly release.
- Leading and managing the planning and execution of Tech SOX testing for applications and infrastructure.
- Work with the internal Controls and Compliance team to support SOX compliance in relation to General IT Controls over the SAP landscape. Managing external auditors to support various audits.
- Leading and driving various compliance requirements i.e., periodic access review, Firefighter reviews, CyberArk and Imperva alert monitoring.
- Tracking and reporting on outstanding actions relating to SOX findings
- Understanding Tech processes, identify risks & controls and define monitoring tests
- Responsible for responding to, and acting on, compliance related issues, including those raised by internal and external audit
- Drive innovation within the area of SAP security and controls, with a view to optimizing the control environment to enhance the security of our SAP landscape
Knowledge/Education Required :-
Minimum Level of Education Required:-
- Graduate in related discipline or equivalent experience.
- ITIL Foundation Certification
Area of Specialization – ERP Audit/IT Audit
Preferred Level of Education – SAP Certified Technology Professional, ITIL Certification, CISM will be a plus.
Previous Experience Required :-
Minimum Level of Job-Related Experience Required –
- At least 8-10 years of experience in IT audits, IT advisory, data analytics, ERP advisory or consultation, IT risk management and similar technology expertise.
- Experience in business processes, application support and IT service management
- Significant experience working in IT audit, e.g., IT SOX tester/ IT auditor / Sarbanes Oxley audit
- Proven capability in Risk Management and Internal Controls
- Experience of working with external auditors on control and SOX testing
- Ability to engage with leadership teams
- SAP, JDE or other ERP application and/or infrastructure knowledge and experience
- SAP Authorization, GRC knowledge and experience.
- SailPoint and CyberArk experience
- Working experience in the practical application of Agile/Scrum development/deployment methodologies
- Knowledge of security and compliance frameworks, standards and regulations – SOC2, Cloud Security Alliance, NIST, ISO, COBIT, etc.
- Knowledge of Archer Vulnerability management.
Why is this level of experience required – Complexity of position dictates a senior person with flexible thinking.
Problem Solving & Innovation –
This role will
- Analyze and diagnose customer feedback, formulating action plans that will improve VoC
- Work across boundaries within and external to Global ERP to ensure issues are resolved in a timely manner
- Identify opportunities for improvement and implement them.
- Engage and solicit help from service providers (SAP, TCS, Wipro, TechM)
Example: Respond to major escalations and own the timely resolution of issues. Quickly trigger processes and understand resourcing requirements, pulling in relevant team members and ensuring teams work collaboratively to resolve issues efficiently. Manage communications while this is happening to ensure key stakeholders are kept up to date.
Interaction:-
This role must have excellent interpersonal skills and be capable of building relationships across different teams in the organization (IT and Business). This role must be capable of leading effectively in large, complex cross-functional teams. Must have excellent communication skills to be able to influence senior stakeholders and motivate teams.
Multi-Cultural Requirements –
This role would interact and communicate with, and indirectly get work done through, various team members in TechOps, GA&D Finance Product Owners, Manufacturing Product Owners, Security, Compliance & Audit teams, which are geographically spread out.
Impact – The role will require the person to interact with senior management on a daily basis, building confidence in the service offering. The person will be expected to cut across organizational boundaries to negotiate and demand support from other teams to aid resolution of critical business issues.
At GSK we value diversity (Gender, LGBTQ +, PwD etc.) and treat all candidates equally. We aim to create an inclusive workplace where all employees feel engaged, supportive of one another, and know their work makes an important contribution.
GSK is a global biopharma company with a special purpose – to unite science, technology and talent to get ahead of disease together – so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns – as an organisation where people can thrive. Getting ahead means preventing disease as well as treating it, and we aim to impact the health of 2.5 billion people around the world in the next 10 years.
Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it’s also about making GSK a place where people can thrive. We want GSK to be a workplace where everyone can feel a sense of belonging and thrive as set out in our Equal and Inclusive Treatment of Employees policy. We’re committed to being more proactive at all levels so that our workforce reflects the communities we work and hire in, and our GSK leadership reflects our GSK workforce.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK’s commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way.
GlaxoSmithKline does not charge any fee whatsoever for the recruitment process. Please do not make payments to any individuals / entities in connection with recruitment with any GlaxoSmithKline (or GSK) group company at any worldwide location, even if they claim that the money is refundable.
If you come across unsolicited email from email addresses not ending in gsk.com or job advertisements which state that you should contact an email address that does not end in “gsk.com”, you should disregard the same and inform us by emailing askus@gsk.com, so that we can confirm to you if the job is genuine.