Compliance Lead

Auris Health

Auris Health

Bengaluru, Karnataka, India
Posted on Tuesday, August 1, 2023


Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science -- bringing creative ideas, products and services to advance the health and well-being of people. Every day, our more than 130,000 employees across the world are blending heart, science and ingenuity to profoundly change the trajectory of health for humanity.

Janssen India, the pharmaceutical division of Johnson & Johnson India, is dedicated to addressing and solving some of the most important unmet medical needs of our time in India, in oncology, immunology, neuroscience and analgesia, dermatology, infectious diseases and metabolic diseases. Driven by a strong dedication to the health and well-being of patients, Janssen India brings innovative products, services and solutions to people throughout the world. Janssen recognizes the impact of serious conditions on people’s lives, and aims to empower people through disease awareness, education and access to quality care in six therapeutic areas.

Compliance Lead

Position Summary:

Main Responsibilities:

• Identify stakeholder concerns and facilitate discussion on process consultations, identify problems and communicate potential solutions.

• Responsible for managing and performing applicable IT controls assurance and compliance activities

• Perform control validation testing of all applicable IT controls as per guidelines from the SOX Program including UASOD, interface controls, configurable and application controls related to finance systems and processes.

• Assist with the implementation of Regional Compliance initiatives and Compliance department related activities such as risk management and assessment programs, compliance audit annual calendar of activities, monthly leadership compliance related requirements.

• Create and implement risk assessment and management process over financial IT related process which includes risk prioritization and evaluation subject to the approval of the Regional GFS Compliance Head.

• Guide business process owners and provide full advisory support during process-related internal and external audit reviews.

• Inform/discuss with potential risks and issues and/or opportunities for improvement and best practices at the GS centers to promote strong compliance.

• Other matters that may be assigned.

Core Compliance Taxonomy Responsibilities:

User Access Management

- Review and perform risk analysis for access/change requests ensuring completeness of the access request form and segregation of duties.

- Review access request against the role matrix/library and ensure approvers are correct based on the approval matrix

- Perform Segregation of Duties (SOD) checks ensuring access requested does not have conflicts with existing access executing a cross-system analysis and considering manual job responsibilities.

Participate in the process of role creation and risk analysis assessments based on requirements and develop recommendations from those findings

- Review weekly changes/transfers report to ensure accesses are accurate to user’s current function and take action on changes detected and terminated users to ensure a compliant environment.

- Support the remediation for all Corporate Governance, Segregation of Duties, and Sarbanes-Oxley related projects and ongoing maintenance in these efforts in the SAP space.

- Review complex business processes, systems, workflows, SOPs, policies and procedures to identify, document, and elevate the presence of risks and controls, both manual and automated, and/or management controls in each functional area to mitigate any risk or exposure

- Stay up to date on the latest risks and challenges in the SAP/Systems’ space and provide current and ongoing recommendations to J&J leadership on our risk posture. Drive continuous process improvement in order to meet changing business conditions

- Work closely with IT to support on global access reviews, escalating issues, peering with IT and supporting reviewers to ensure 100% of the appropriateness reviews are done within the deadline.

- Work in partnership with Compliance Team to provide best recommendations on User Access and Segregation of duties issues, mapping mitigating controls, reviewing them and updating them accordingly as per guidelines to guarantee risks are properly mitigated.

- Monitor the review progress to ensure that reviewers complete the review timely, escalate reviews to reviewer's supervisor and leadership if reviewer is not able to complete review. Provide help and support for questions in performing the review.

- Provide trainings to process owners (users and reviewers) on the processes to request, review and manage user access for the systems they use including SOD assessment. This is to ensure they understand the process and are performing the control appropriately.

- Ensure compliance with all Sarbanes‐Oxley and all other internal control & regulatory requirements

- Ensure successful internal and external audits in the area of user access & segregation of duties.

- Support the Go Lives/Transitions/Due Diligence process to ensure compliant user access & segregation of duties processes & controls.

- Maintain the standardized Sarbanes‐Oxley Documentation package for user access & segregation of duties and ensure alignment with global initiatives

Access Approver Management

- Provide training to the designated Access Approvers to ensure that the approval workflow process was understood, and controls were performed appropriately.

- Assess if the access approver is appropriate for the role and scope of the request.

- Perform approver review and provide positive confirmation on the appropriateness of access and any changes required.

- Monitor Access Approver

Access Risk & SOD Ruleset Governance

- Monitor and Approve Access Risk and SOD Rulesets for changes

- Execute Change Control and Testing of Access Risk and SOD Rulesets changes

- Communicate Changes and Train Access Approvers

Role Design Governance

- Support the business by monitoring risks related to organization, technology, and process changes to ensure that the system roles remain appropriate over time.

- Act as a compliance tester to validate that role changes are implemented per approved design and critical access and SOD conflicts are identified and remediated before implementation.

- Act as a compliance approver for role creation or changes to ensure critical access and SOD conflicts are identified and remediated before implementation.


• At least 3 years of progressive experience in auditing in one or more of the following fields: (a) financial/operational, (b) external, (c) information systems, and (d) compliance.

• Strong attention to detail and precise work delivered is a must

• Strong customer focus with excellent communication, presentation and training skills

• Proficient in basic MS Office applications (Excel, Outlook, Powerpoint, Word) required

• Working knowledge of SAP (or other ERP's) an advantage

• Familiarity in SOX documentation procedure and SOX certification is desirable

• Demonstrated experience in internal/external audit, finance, compliance

• Control, Compliance, Audit and/or Operational Risk experience is desirable

Are you ready to impact the world?

Johnson & Johnson offers an unusual experience to professionals looking for an opportunity to work with hardworking people who share your real passion for caring in an environment that empowers you to drive your own career.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

• Relevant experience in risk identification, assessment, monitoring, and remediation will be an additional strength

• Ability to think strategically and connect.

• Strong customer focus with excellent communication, presentation and training skills

• Knowledge of the Banking environment is a plus

• Planning, prioritization, and multitasking skills.

• Experience managing / working on complex projects, with variable stakeholders and within tight deadlines

• Effectively work with new and changing situations.

• Good interpersonal, as well as both oral and written communication skills.

• Good command of English language