SAP GRC SOX Compliance Analyst
Amgen
Join Amgen’s Mission of Serving Patients
At Amgen, if you feel like you’re part of something bigger, it’s because you are. Our shared mission—to serve patients living with serious illnesses—drives all that we do.
Since 1980, we’ve helped pioneer the world of biotech in our fight against the world’s toughest diseases. With our focus on four therapeutic areas (Oncology, Inflammation, General Medicine, and Rare Disease), we reach millions of patients each year. As a member of the Amgen team, you’ll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller, happier lives.
Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lie within them, you’ll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career.
**What you will do**
Let’s do this. Let’s change the world. In this vital role you will be part of the Governance, Risk and Compliance (GRC) team within Cybersecurity and Digital Trust (CDT). This team is part of Amgen's Technology team. In this position you are responsible for enabling Information Technology Sarbanes-Oxley (SOX) Compliance. You are required to collaborate with the IT SOX Compliance Manager, service owners, engineers, and other Amgen internal partners such as Finance, Compliance, Corporate Audit and the Law department to develop, maintain, and improve Amgen’s Information Compliance.
**Key responsibilities:**
You will bring out-of-the-box thinking, an agile mindset, proven domain expertise, and an innate understanding of IS controls to empower IS process and product owners to build and maintain IT solutions with compliance by design. In this role, you must have an agile mindset with working knowledge of SAP ECC security concepts and SAP role design, as well as a solid understanding of the SAP Governance, Risk and Compliance (GRC) modules Access Control and Risk Management. You will be a member of the ERP Compliance team, monitoring, evaluating, and continuously improving Amgen's SAP compliance and security posture to effectively reduce risks and satisfy the security objectives of the organization.
You will perform the following activities, and any additional tasks required, to attest that our systems, applications and infrastructures subject to different aspects of compliance are able to verify adherence efficiently and effectively.
+ Support the SAP GRC Controls Management and Compliance function
+ Demonstrate a good working knowledge of the SAP GRC environment
+ Coordinate, collaborate, and communicate with IT personnel across the organization to ensure that our IS SOX process is followed as required by our organization
+ Ability to demonstrate a solid sense of ownership, detail orientation, keen focus on quality and setting clear expectations
+ In charge of working with process owners, internal, and external auditors in support of our quarterly certification process
+ Collaborate and support any SOX evidence request efforts made by Internal and External Audit teams
+ Develop and promote educational mentorship resources that will help facilitate new owners' understanding of the Sarbanes-Oxley Act and their responsibilities
+ Participate in walkthroughs with system, service, and process owners
+ Review and analyze SOX systems and applications shown in the Configuration Management Database (CMDB) for SOX applicability and ensure all components are collected and accounted for
+ Deep understanding of IT infrastructure and hands-on experience in Information Technology Infrastructure Library (ITIL) and System Development Life Cycle (SDLC)
+ Assess the risks of IT audit findings, identify mitigating controls and incorporate in IT process framework continual improvement
+ Map regulatory requirements across functions to identify compliance and audit response efficiencies while liaising with internal auditors and IT service owners to ensure information assurance processes are mature, and outcomes are effective by appropriately addressing and raising relevant risks to policy and regulatory compliance
+ Contribute to the strategic development of the Information Governance (IG) program
+ Maintain awareness of changing technology environments, implementation methodologies and frameworks used to support responsible functions (e.g., AI, machine learning, DevOps, etc.)
+ Ensure quality of work and timeliness across different functional deliverables and take ownership of issues and coordinate through to completion
+ Align responsible functions with greater Information Systems strategy (e.g., City Planning, Cloud First, etc.)
**What we expect of you**
We are all different, yet we all use our unique contributions to serve patients. The professional we seek will have these qualifications.
**Basic Qualifications:**
Master’s degree
OR
Bachelor’s degree and 2 years of Information Systems experience
OR
Associate’s degree and 6 years of Information Systems experience
OR
High school diploma / GED and 8 years of Information Systems experience
**Preferred Qualifications:**
+ 4+ years of IT audit, Information Technology / Security control assurance or enterprise IT compliance experience
+ Working knowledge of Information Governance principles and Information Security principles: confidentiality, integrity, and availability
+ Knowledge of international standards for Information Technology and Information Governance
+ Experience working with various technologies, IT frameworks and methodologies
+ Proven ability to understand the concepts of new cloud technologies and other paradigms, such as emerging Big Data technologies and lean methodologies, in order to propose appropriate controls and compliance mentorship
+ Strong written and verbal communication, including the ability to explain technical matters to a non-technical audience
+ Possess strong organizational and collaboration skills
+ Working in large / global corporate environments involving multiple businesses
+ 3+ years of experience within health, biotechnology/pharma or other regulated industries
+ Working experience with Governance, Risk and Compliance (GRC) tools.
+ Exceptional teamwork encompassing cross-functional teams, peer relationships, informing, understanding and appreciating differences
+ Strong ability to convey and influence complex information compliance, risk and security issues in a manner that is easily understood and actionable
+ Ability to effectively facilitate and inspire change within the organization.
+ Developing / delivering presentations to large audiences and at all levels within the organization
+ One or more industry recognized certifications, including but not limited to:
  + Certified Information Systems Auditor (CISA)
  + Certified Information Security Manager (CISM)
  + Certified Information Systems Security Professional (CISSP)
  + SANS Global Information Assurance Certifications (GIAC)
**What you can expect from us**
As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we’ll support your journey every step of the way.
The expected annual salary range for this role in the U.S. (excluding Puerto Rico) is posted. Actual salary will vary based on several factors including but not limited to, relevant skills, experience, and qualifications.
In addition to the base salary, Amgen offers a Total Rewards Plan, based on eligibility, comprising health and welfare plans for staff and eligible dependents, financial plans with opportunities to save towards retirement or other goals, work/life balance, and career development opportunities that may include:
+ A comprehensive employee benefits package, including a Retirement and Savings Plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts
+ A discretionary annual bonus program, or for field sales representatives, a sales-based incentive plan
+ Stock-based long-term incentives
+ Award-winning time-off plans
+ Flexible work models, including remote and hybrid work arrangements, where possible
Apply now and make a lasting impact with the Amgen team.
**careers.amgen.com**
In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.
**Application deadline**
Amgen does not have an application deadline for this position; we will continue accepting applications until we receive a sufficient number or select a candidate for the position.
As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease.
Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.