Segregation of Duties Expert

Job title: Segregation of Duties Expert

• Location: Hyderabad

About the job

Join Sanofi's Internal Control & Processes Testing Center of Excellence (IC&P CoE) and play a pivotal role in safeguarding the financial integrity and digital control environment of one of the world's leading pharmaceutical companies. This is your opportunity to be at the intersection of IT audit excellence, digital transformation, and continuous innovation — with real, measurable impact. 

The Segregation of Duties (SOD) Expert will play a critical role in strengthening Sanofi's internal control framework by overseeing and maintaining the global Segregation of Duties policy linked to financial risks. This position serves as the subject matter expert for SOD controls, ensuring compliance with regulatory requirements and corporate governance standards. The role involves close collaboration with Digital teams to implement SOD rules in enterprise systems, particularly SAP GRC Access Control (NOVA), and providing expert guidance to the Global Process Owner (GPO) organization on SOD risk definition, assessment, and continuous monitoring.

We are an innovative global healthcare company with one purpose: to chase the miracles of science to improve people’s lives. We’re also a company where you can flourish and grow your career, with countless opportunities to explore, make connections with people, and stretch the limits of what you thought was possible. Ready to get started?

Main responsibilities:

• SOD Policy Governance & Compliance - Oversee and maintain Sanofi's global Segregation of Duties policy framework, ensuring alignment with financial risk management objectives and regulatory requirements (SOX, internal audit standards) Set up and conduct SOX and CSRD ITAC & ITGC testing in coordination with external auditors, SOX entities, and BSC System Controls Leads. Analyze SOC report for in-scope third parties Conduct testing of High-Risk controls for Digital solutions in compliance with Digital Control Framework. Identify optimization & continuous improvement opportunities. 

• Manage and continuously update the global SOD Matrix, ensuring comprehensive coverage of critical financial process risks and incompatible function combinations. Conduct periodic reviews of SOD policies to incorporate emerging risks, business changes, and regulatory updates. Ensure SOD policy compliance across all Sanofi entities and business units globally. Develop and maintain SOD control documentation, including policy guidelines, procedures, and risk assessment methodologies

• Digital Systems Implementation & Support - Serve as the primary business liaison to the Digital team for implementing SOD rules and controls in SAP GRC Access Control. Translate business SOD requirements into technical rule configurations within SAP GRC. Support the design, testing, and deployment of automated SOD controls in enterprise systems. Validate SOD rule effectiveness and accuracy in system implementations. Troubleshoot SOD-related system issues and provide expert guidance on rule optimization. Participate in system upgrades, enhancements, and new module implementations to ensure SOD controls are properly integrated

• GPO Organization Support & Risk Management - Partner with Global Process Owners (GPOs) to define, assess, and document SOD risks within their respective process areas. Facilitate SOD risk workshops and training sessions for GPO teams and process owners. Provide expert consultation on SOD risk mitigation strategies, including compensating controls and process redesign recommendations. Support GPOs in establishing SOD monitoring procedures and key risk indicators. Assist in the investigation and resolution of SOD conflicts and violations. Develop risk-based approaches to prioritize SOD remediation efforts

• Monitoring, Reporting & Continuous Improvement - Establish and maintain SOD monitoring frameworks and dashboards to track compliance and identify trends. Generate regular reports on SOD violations, remediation status, and control effectiveness for management and audit committees. Conduct root cause analysis of recurring SOD issues and recommend sustainable solutions. Drive continuous improvement initiatives to enhance SOD control efficiency and effectiveness. Stay current with industry best practices, regulatory changes, and emerging SOD methodologies

About you

• Experience: Minimum 5 years of experience in Internal Controls, SOX compliance, or financial risk management. At least 3 years of hands-on experience with Segregation of Duties projects (framework definition and implementation, review of SoD matrix and remediation of risks). Proven experience working with SAP GRC Access Control or similar access governance tools. Demonstrated experience in a multinational corporate environment, preferably in pharmaceutical, healthcare, or highly regulated industries. Experience supporting or working with Global Process Owner organizations or similar governance structures

• Technical Expertise: Deep understanding of Segregation of Duties principles, frameworks, and best practices. Strong knowledge of financial processes and ability to explain associated risks (Order-to-Cash, Procure-to-Pay, Account-to-Report, etc.) Proficiency in SAP GRC Access Control configuration, rule design, and administration. Familiarity with SAP ERP modules (FI, CO, MM, SD) and their authorization objects. Understanding of SOX compliance requirements and internal control frameworks (COSO, COBIT). Experience with access governance, role-based access control (RBAC), and identity management concepts

• Education: Bachelor's degree in finance, Accounting, Information Systems, Business Administration, or related field, Master's degree in relevant discipline (MBA, MS in Accounting, MS in Information Systems) Or Professional certifications such as - Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), SAP GRC Access Control Certification

• Analytical & Problem-Solving Skills: Strong analytical skills with ability to assess complex business processes and identify SOD risks. Excellent problem-solving capabilities to address SOD conflicts and design effective controls. Data analysis skills to interpret SOD reports, identify patterns, and drive insights. Ability to balance risk management with business operational needs.

• Stakeholder Management & Training: Collaborate with Internal Audit, Compliance, IT Security, and business stakeholders on SOD-related matters. Develop and deliver SOD training programs for various audiences (process owners, system administrators, end users). Serve as the escalation point for complex SOD questions and scenarios. Build strong relationships with regional and functional teams to promote SOD awareness and compliance culture

• Languages: Must be fluent (written/spoken) in English.  

Why choose us?

Add four standard Sanofi selling points and up to three additional selling points that are specific to the role, team or location.

• Bring the miracles of science to life alongside a supportive, future-focused team.

• Discover endless opportunities to grow your talent and drive your career, whether it’s through a promotion or lateral move, at home or internationally.

• Enjoy a thoughtful, well-crafted rewards package that recognizes your contribution and amplifies your impact.

• Take good care of yourself and your family, with a wide range of health and wellbeing benefits including high-quality healthcare, prevention and wellness programs and at least 14 weeks’ gender-neutral parental leave.

• Part of Global Finance services in Sanofi, gives a great opportunity to work and have a enriching experience in Account to Report domain area.

• Opportunity to also have a Global exposure in accounting and experience on working for multiple geographies.