Application Controls Engineer Enterprise Platform SAP Security

Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day we are driven to develop and deliver innovative and effective new medicines to patients and physicians. If you want to be part of this exciting work, you belong at Astellas.

Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com.

Astellas Global Capability Centers Overview

Astellas Global Capability Centers (GCCs) are strategically located sites that give Astellas the ability to access talent across various functions in the value chain and to co-locate core capabilities that are currently dispersed. Our three GCCs are located in India, Poland, and Mexico. The GCCs will enhance our operational efficiency, resilience, and innovation potential, enabling a timely response to changing business demands. Our GCCs are an integral part of Astellas, guided by our shared values and behaviors, and are critical enablers of the companys strategic priorities, sustainable growth, and commitment to turning innovative science into value for patients.

This position is based in Bangalore, India, and will require work from the office at least the minimum number of days per week as agreed by the business leader.

Purpose and Scope

As an Applications Controls Engineer, you will be a crucial player in driving our digital initiatives forward in our agile organization. Our agile operating model consists of two components: Digital Capability and Digital Execution. Digital Execution is about aligning multiple missions around business goals and facilitating collaboration on a larger scale. Digital Capability, on the other hand, will focus on the growth and development of individuals within a specific area of expertise. This dual structure enables us to scale agile practices efficiently while maintaining a focus on both product development and individual skill enhancement.

An Application Controls or SAP GRC Governance, Risk, and Compliance Engineer is a specialized role within DigitalX, focusing on the design, implementation, and maintenance of control systems and compliance mechanisms within SAP and other Enterprise Platforms and applications. This position plays a crucial role in ensuring that Enterprise Platforms and Applications are secure, compliant with regulatory standards, and aligned with the organizations risk management strategies. The role requires a blend of technical SAP expertise, a deep understanding of governance, risk, and compliance (GRC) principles, and the ability to apply these in a practical business-oriented manner.

You will be at the forefront of implementing innovative solutions and will have the opportunity to work on cutting-edge technologies in your field.

Essential Job Responsibilities

SAP GRC Configuration and Management

• Configure, manage, and optimize SAP GRC modules, including Access Control, Process Control, and Risk Management, to ensure effective governance, risk mitigation, and compliance with internal and external regulations.
• Ensure controls are in place for critical business processes and are aligned with best practices.

Application Control Implementation

• Design and implement robust application controls within SAP and other Application systems to safeguard against unauthorized access, data breaches, and fraud.
• Ensure controls are in place for critical business processes and are aligned with best practices.

Compliance and Auditing

• Conduct regular audits and compliance checks within SAP and other JSOX-related systems to identify potential vulnerabilities or non-compliance issues.
• Work closely with internal and external auditors to facilitate audits and address findings.

Risk Assessment and Mitigation

• Perform risk assessments related to SAP and other applications and GRC processes.
• Develop and implement strategies to mitigate identified risks and ensure that risk management practices are integrated into the Enterprise platforms and applications.

Incident Response and Resolution

• Respond to security incidents and compliance breaches within SAP and other systems.
• Collaborate with DigitalX cybersecurity teams to investigate incidents, implement corrective actions, and prevent future occurrences.

Training and Support

• Provide training and support to SAP users on GRC processes and application controls.
• Develop user guides, training materials, and support documentation to enhance understanding and compliance.

Continuous Improvement

• Continuously monitor and evaluate the effectiveness of SAP GRC processes and controls.
• Recommend and implement improvements to enhance security, compliance, and efficiency.

Stakeholder Collaboration

• Collaborate with DigitalX business units and external partners to ensure SAP GRC initiatives align with business objectives and technology strategies.
• Communicate effectively with stakeholders to provide updates and gather feedback.