Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day, we are driven to develop and deliver innovative and effective new medicines to patients and physicians. If you want to be part of this exciting work, you belong at Astellas!
Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com.
This position is based in Bangalore, India. We recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with the Responsible Flexibility Guidelines.
Purpose and Scope:
Summarize the primary purpose of the position in 1-3 sentences. Intent is to capture the work this position does and is accountable for and why the role exists as a unique position. Not intended to be a summary of all duties.
As an Applications Controls Engineer, you will be a crucial player in driving our digital initiatives forward in our agile organization. Our agile operating model consists of two components – Digital Capability and Digital Execution. Digital Execution are about aligning multiple missions around business goals and facilitating collaboration on a larger scale. Digital Capability, on the other hand, focus on the growth and development of individuals within a specific expertise area. This dual structure enables us to scale agile practices efficiently while maintaining a focus on both product development and individual skill enhancement.
An Application Controls or SAP GRC (Governance, Risk, and Compliance) Engineer is a specialized role within DigitalX, focusing on the design, implementation, and maintenance of control systems and compliance mechanisms within SAP and other Enterprise Platforms and applications. This position plays a crucial role in ensuring that Enterprise Platforms & Applications are secure, compliant with regulatory standards, and aligned with the organization's risk management strategies. The role requires a blend of technical SAP expertise, a deep understanding of governance, risk, and compliance (GRC) principles, and the ability to apply these in a practical, business-oriented manner.
You will be at the forefront of implementing innovative solutions and will have the opportunity to work on cutting-edge technologies in your field.
Responsibilities and Accountabilities:
SAP GRC Configuration and Management: Configure, manage, and optimize SAP GRC modules, including Access Control, Process Control, and Risk Management, to ensure effective governance, risk mitigation, and compliance with internal and external regulations. Develop and manage SAP security roles and authorizations across SAP ECC, S/4HANA, SAP Fiori, SAC, other modules and also support SAP security upgrades and patching activities Conduct risk analysis and remediation using SAP GRC and Monitor and manage SAP system security logs and alerts Application Control Implementation: Design and implement robust application controls within SAP and other Applications / systems to safeguard against unauthorized access, data breaches, and fraud. Ensure controls are in place for critical business processes and are aligned with best practices. Compliance and Auditing: Conduct regular audits and compliance checks within SAP and other JSOX related systems to identify potential vulnerabilities or non-compliance issues. Work closely with internal and external auditors to facilitate audits and address findings. Risk Assessment and Mitigation: Perform risk assessments related to SAP and other applications and GRC processes. Develop and implement strategies to mitigate identified risks and ensure that risk management practices are integrated into the Enterprise platforms and applications. Incident Response and Resolution: Respond to security incidents and compliance breaches within SAP and other systems. Collaborate with DigitalX cybersecurity teams to investigate incidents, implement corrective actions, and prevent future occurrences. Training and Support: Provide training and support to SAP users on GRC processes and application controls. Develop user guides, training materials, and support documentation to enhance understanding and compliance. Continuous Improvement: Continuously monitor and evaluate the effectiveness of SAP GRC processes and controls. Recommend and implement improvements to enhance security, compliance, and efficiency. Stakeholder Collaboration: Collaborate with DigitalX, business units, and external partners to ensure SAP GRC initiatives align with business objectives and technology strategies. Communicate effectively with stakeholders to provide updates and gather feedback.