Senior Specialist – IT Application & General Controls
Sanofi · Hyderabad
Sanofi · Hyderabad
Job title: Senior Specialist – IT Application & General Controls (ITAC/ITGC) • Location: Hyderabad About the job Join Sanofi's Internal Control & Processes Testing Center of Excellence (IC&P CoE) and play a pivotal role in safeguarding the financial integrity and digital control environment of one of the world's leading pharmaceutical companies. This is your opportunity to be at the intersection of IT audit excellence, digital transformation, and continuous innovation — with real, measurable impact. Internal Control is a cornerstone of Sanofi's governance framework, providing reasonable assurance across three critical dimensions: • Operational excellence — effectiveness and efficiency of operations • Reporting integrity — reliability of financial and management information • Regulatory compliance — adherence to applicable laws, regulations, and Sanofi policies Our Hubs are a crucial part of how we innovate, improving performance across every Sanofi department and providing a springboard for the amazing work we do. Build a career and you can be part of transforming our business while helping to change millions of lives. Ready? As Internal Control Global Testing COE Senior Specialist within our Internal Control Global Testing COE, you’ll Support Internal Control Global Process Leads in the creation / update of test scripts for SOX & non-SOX testing through constructive feedback and sharing of best practices. Coordinate the CSA campaign by consolidating the Local Process Owners list, updating the tools and following the CSA completion and sign-off. We are an innovative global healthcare company with one purpose: to chase the miracles of science to improve people’s lives. We’re also a company where you can flourish and grow your career, with countless opportunities to explore, make connections with people, and stretch the limits of what you thought was possible. Ready to get started? Main responsibilities: • As a key pillar of Sanofi's 2nd Line of Defense, the IC&P CoE supports and challenges operational standards, guides business teams, and reports directly to ExCom on control implementation and action plans. Reporting to the IC&P CoE ITAC/ITGC Lead, the ITAC /ITGC Specialist executes both IT Application Control (ITAC) and IT General Control (ITGC) testing activities. For ITAC scope, this includes IT Dependent controls (automated controls, key reports, interfaces), User Access Management (UAM) and Segregation of Duties (SOD) in coordination with external auditors, SOX entities, and BSC System Controls Leads. For ITGC scope, this includes Digital SOX ITGC and High Risk testing activities in coordination with external auditors, Digital control owners, and Digital Risk & Compliance Leads. • Set up and conduct SOX ITAC & ITGC testing in coordination with external auditors, SOX entities, and SOX leads — including SOC report analysis for in-scope third parties • Support control owners in identifying compensatory controls and remediation actions when deficiencies arise • Support execution of Control-Self-Assessment (CSA) campaigns, leveraging Risk profile control attestations, by reviewing completeness & relevancy of answers provided. Conduct testing of High Risk controls (IC Testing) for Digital solutions in compliance with Digital Control Framework. Perform quality review of testing performed by other testers to ensure proper completion and alignment with Requirements • Pioneer automation initiatives within SOX, CSRD, and IC testing processes — leveraging data analytics and emerging technologies to reduce manual effort, increase testing coverage, and enable continuous improvement. • MANAGE CONTROL ENVIRONMENT: Understand in scope applications, infrastructure and third parties’ specificities. Review prior year test results and Sanofi methodology. Obtain and manage access to applicable Sanofi systems, including sanofi GRC system. Participate in testing preparation, reviewing test scripts and working paper templates with IC BSC and Digital teams and external auditors • MANAGE CONTROL ACTIVITIES (CSA, IC Testing, SOX testing): Conduct process walkthroughs and interviews during the Design phase to map control flows and identify ITDs. Submit evidence request to Control owners in alignment with agreed calendar and scope and monitor & report any delay or issues encountered impacting testing orchestration. • Execute and document ITGC and ITAC testing: Review execution of testing performed by other team members to ensure completeness and relevancy. Analyze SOC reports based on Sanofi's review methodology, report CUEC and CSOC and ensure proper testing. Support Controls owners in defining robust action plans and implementing compensatory controls in case of deficiencies. Support CSA execution and perform IC Testing on the scope of non-SOX IT systems. Identify and monitor risks related to ITGC and IT Application Controls. • DRIVE CONTINUOUS IMPROVEMENT: Identify & implement automation opportunities within SOX, CSRD (Corporate Sustainability Reporting Directive) and IC testing processes. Continuously support improvement of testing methodology in line with regulation changes, new requirements or new technologies. About you • Experience: 5+ years of experience from Big 4 firms or multinational organization in SOX IT Application Controls and IT General Controls audit. Demonstrated knowledge of SOX (Sarbanes-Oxley) compliance requirements and testing methodologies. Expert knowledge of IT Gen