GAM Compliance Specialist
Publication date:
03 October 2024Workload:
100%Contract type:
Unlimited employment- Place of work:Manila
Johnson & Johnson is recruiting for a Global Access Management Compliance Specialist, located in Paranaque City, Manila.
The GAM Compliance Specialist is responsible for access management governance over applicable information technology controls and all compliance related activities, including SOX certification and compliance with relevant policies and procedures across the supported organizations.
The role will also be responsible for performing reviews of system access and segregation of duties conflicts for all users of the various ERP and application systems utilized by supported organizations and will be the process leader for Global Access Management governance.
Key Responsibilities:
Access Management
- Review access/change request form for completeness
- Review access request against the role matrix/library and ensure approvers are correct based on the approval matrix
- Perform Segregation of Duties (SOD) checks ensuring access requested does not have conflict with existing access and manual job responsibilities.
- Review weekly movement report ensuring transfer employee's system access is up-to-date and terminated user's system access is revoked on time.
- Main support of the review process including automated access review (NAGS)
- Perform immediate action based on the reviewer's feedback and concerns
- Ensure that user access recertification is completed on time
- Identification of mitigating control assignment request for users with valid SOD conflicts
- Review and validation of new SOD conflicts and Document mitigating controls assignment
- Annual update of mitigating control library
Access Approver Management
- Identification of appropriate access approvers (i.e. role owner, compliance manager)
- Main support of the review process including automated access review (NAGS)
- Perform immediate action based on the reviewer's feedback and concerns
- Ensure that user access recertification is completed on time
- Provide training and continuous support to business reviewers/approvers and related process owners through conduct of IT SOX and Global Access Management refresher trainings
- Main support for the UA SOD scope in CIA audits
- Responsible for SOX/Compliance mentorship deployment (ie DCM walkthroughs to Affiliates) and new projects (ie GRC implementation)
- Perform controls validation testing of all applicable IT controls as per guidelines from the SOX Program including UASOD, interface controls, configurable and application controls related to finance systems and processes.
- Assist on the due diligence project by performing key controls testing based on Global prescribed test scripts and attributes.
Due Diligence and Projects
- Support the business by monitoring risks related to organization, technology, and process changes to ensure that the system roles remain appropriate over time.
- Other matters that may be assigned.
Contact
Synthes GmbH