Join our global diversified pharmaceutical company enriching lives through our relentless drive to deliver better health outcomes to our patients. We are all in it together to make a difference. Be a part of a culture that doesn't just wait for change but actively creates it, where your skills and values drive our collective progress and impact.
This is a hybrid role with three days in office in any of the following locations in Poland: Warszawa, Jelenia Góra, Rzeszów, Ksawerów.
Responsibilities:
Implement and monitor SoD-compliant role structures within D365 F&O to prevent conflicts of interest and fraud.
Monitor and secure critical business objects and transactions, including financial, procurement, and Commercial modules.
Maintain and update the Risk Control Matrix (RCM), mapping business processes to risks and controls within the D365 environment.
Collaborate with internal audit, compliance, and business process owners to ensure control effectiveness and audit readiness.
Conduct regular access reviews, security audits, and SoD conflict analysis using automated tools and manual assessments.
Support incident response and remediation activities related to access violations or control failures.
Document security configurations, control mappings, and audit findings in alignment with regulatory and internal standards (e.g., SOX, GDPR).
Expected requirements:
Bachelor’s degree in Information Security, Computer Science, or a related field.
3+ years of experience in IT security or internal controls, with at least 1–2 years focused on Microsoft D365 F&O.
Strong understanding of SoD principles, role-based access control, and critical object protection in ERP systems.
Experience with RCM development and maintenance, preferably in a regulated or audit-intensive environment.
Familiarity with Azure Active Directory, Microsoft Defender, and compliance tools such as Microsoft Purview.