At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https\://www.jnj.com/.
For more than 130 years, diversity, equity & inclusion (DEI) has been a part of our cultural fabric at Johnson & Johnson and woven into how we do business every day. Rooted in Our Credo, the values of DEI fuel our pursuit to create a healthier, more equitable world. Our diverse workforce and culture of belonging accelerate innovation to solve the worldβs most pressing healthcare challenges.
We know that the success of our business β and our ability to deliver meaningful solutions β depends on how well we understand and meet the diverse needs of the communities we serve. Which is why we foster a culture of inclusion and belonging where all perspectives, abilities and experiences are valued and our people can reach their potential.
At Johnson & Johnson, we all belong.
Johnson & Johnson is recruiting for a Global Access Management Compliance Specialist, located in Paranaque City, Manila.
The GAM Compliance Specialist is responsible for access management governance over applicable information technology controls and all compliance related activities, including SOX certification and compliance with relevant policies and procedures across the supported organizations.
The role will also be responsible for performing reviews of system access and segregation of duties conflicts for all users of the various ERP and application systems utilized by supported organizations and will be the process leader for Global Access Management governance.
Key Responsibilities\: Access Management - Review access/change request form for completeness
- Review access request against the role matrix/library and ensure approvers are correct based on the approval matrix
- Perform Segregation of Duties (SOD) checks ensuring access requested does not have conflict with existing access and manual job responsibilities.
- Review weekly movement report ensuring transfer employee's system access is up-to-date and terminated user's system access is revoked on time.
- Main support of the review process including automated access review (NAGS)
- Perform immediate action based on the reviewer's feedback and concerns
- Ensure that user access recertification is completed on time
- Identification of mitigating control assignment request for users with valid SOD conflicts
- Review and validation of new SOD conflicts and Document mitigating controls assignment
- Annual update of mitigating control library
Access Approver Management - Identification of appropriate access approvers (i.e. role owner, compliance manager)
- Main support of the review process including automated access review (NAGS)
- Perform immediate action based on the reviewer's feedback and concerns
- Ensure that user access recertification is completed on time
- Provide training and continuous support to business reviewers/approvers and related process owners through conduct of IT SOX and Global Access Management refresher trainings
- Main support for the UA SOD scope in CIA audits
- Responsible for SOX/Compliance mentorship deployment (ie DCM walkthroughs to Affiliates) and new projects (ie GRC implementation)
- Perform controls validation testing of all applicable IT controls as per guidelines from the SOX Program including UASOD, interface controls, configurable and application controls related to finance systems and processes.
- Assist on the due diligence project by performing key controls testing based on Global prescribed test scripts and attributes.
Due Diligence and Projects - Support the business by monitoring risks related to organization, technology, and process changes to ensure that the system roles remain appropriate over time.
- Other matters that may be assigned.
- University degree in Finance or related field or equivalent with professional certification (e.g. CISA, CPA)
- Proficient in basic MS Office applications (Excel, Outlook, Powerpoint, Word) required
- Working knowledge of SAP (or other ERP's) an advantage
- Familiarity in SOX documentation procedure and SOX certification is desirable
- Demonstrated experience in internal/external audit, finance, compliance
- Experience in shared services center of a multinational corporation desirable
- Proactive with good interpersonal skills
- Good command of the English language