Join our global diversified pharmaceutical company enriching lives through our relentless drive to deliver better health outcomes to our patients. We are all in it together to make a difference. Be a part of a culture that doesn't just wait for change but actively creates it—where your skills and values drive our collective progress and impact.
Currently we are looking for a person for the position of:
IT Security Specialist
This is a hybrid role with three days in office in any of the following locations in Poland - Warszawa, Jelenia Góra, Rzeszów, Ksawerów.
Your responsibilities will be:
- Implement, and monitor SoD-compliant role structures within D365 F&O to prevent conflicts of interest and fraud.
- Monitoring and secure critical business objects and transactions, including financial, procurement, and Commercial modules.
- Maintain and update the Risk Control Matrix (RCM), mapping business processes to risks and controls within the D365 environment.
- Collaborate with internal audit, compliance, and business process owners to ensure control effectiveness and audit readiness.
- Conduct regular access reviews, security audits, and SoD conflict analysis using automated tools and manual assessments.
- Support incident response and remediation activities related to access violations or control failures.
Document security configurations, control mappings, and audit findings in alignment with regulatory and internal standards (e.g., SOX, GDPR).
We require:
- Bachelor’s degree in Information Security, Computer Science, or a related field.
- 3+ years of experience in IT security or internal controls, with at least 1–2 years focused on Microsoft D365 F&O.
- Strong understanding of SoD principles, role-based access control, and critical object protection in ERP systems.
- Experience with RCM development and maintenance, preferably in a regulated or audit-intensive environment.
- Familiarity with Azure Active Directory, Microsoft Defender, and compliance tools such as Microsoft Purview.
- Relevant certifications (e.g., CISA, CISSP, Microsoft Certified: Security Operations Analyst Associate).
Preferred Skills
- Experience with GRC tools (e.g. Sailpoint, Pathlock or similar) for SoD and access control monitoring.
- Knowledge of Power Platform security (Power BI, Power Apps).
- Strong analytical, documentation, and communication skills.
- Ability to work cross-functionally with IT, audit, and business teams.
We offer:
- Unique opportunity to gain international experience in a multination pharmaceutical corporation,
- Competitive salary with annual bonus depending on individual and company performance,
- Benefits package (medical care, cafeteria MyBenefit and more)
We are an Equal Opportunity Employer. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates collaboration.
All interested candidates are asked to send the CV including GPDR clause:
„I hereby give consent for my personal data included in my application to be processed for the purposes of the recruitment process under the European Parliament's and Council of the European Union Regulation on the Protection of Natural Persons as of 27 April 2016, with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive)”.