Security and Compliance Expert, ERP Data Platform — Roche
NewCHF 49'500 - 75'000
Roche · Basel (BS)
- Location
- Basel
- Contract
- full-time
- Posted
- 2 days ago
SalaryCHF 49'500 - 75'000
Role overview
At Roche you can show up as yourself, embraced for the unique qualities you bring.
Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally.
This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come.
- At Roche you can show up as yourself, embraced for the unique qualities you bring.
- Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally.
Application process
- System Integrity: Oversee application error reviews (e.g., failed jobs) and sign off on monitoring results in tools like ICAt to provide evidence for control checks.
- Access Governance: Perform quarterly reviews of Critical access , GRC FireFighter roles (Controllers, Owners, Admins), and HANA DB users, initiating timely removals to maintain a "least privilege" environment.
- Audit Leadership: Lead ICFR IT audit support by defining control activities, approving auditor documentation, and acting as the primary point of contact for auditors during peak cycles (Sep/Oct).
- Strategic Direction: Set technological development directions by analyzing and implementing new solutions, tools, and IT standards, with a focus on data governance, validation, and automation.
- Risk Assessment: Annually review and update the System Risk Assessment (SRA) and Data Classification to ensure alignment with the Minimum Security Baseline.
- Process Optimization: Actively conduct innovation projects to optimize processes, introduce new solutions, and increase efficiency through automation in Data products.
- Collaboration: Partner with system teams and stakeholders to ensure task ownership, bridge data privacy awareness gaps, and onboard/train new team members on ICFR control activities. Who You Are
- Education & Experience: Bachelor’s Degree in Computer Science, IT, or Engineering with a minimum of 5 years’ post-secondary experience in SAP Security and a deep understanding of Compliance.
Company and context
- The Mission Your primary mission is to ensure that the organization's technology landscape, data practices, and security measures do not expose the business to legal penalties, financial loss, or reputational damage.
- As a recognized expert, you will implement and maintain security, authorization, and compliance standards for SAP ERP platform systems and data products, providing leadership across both on-premise and cloud SAP Data platform ecosystems. The Opportunity
- Platform Security: Implement and maintain security, authorization, and compliance standards for SAP platforms (SAP BW 7.5 HANA, SAP BW4HANA, and SAP
- Datasphere).
- Develop and mature capabilities in cloud compliance and security, particularly within SAP Datasphere.
- Regulatory Alignment & Framework Management: Continuously monitor relevant regulations (e.g., GDPR, CCPA, HIPAA, SOX) and industry standards (e.g., ISO 27001, SOC 2, NIST) to ensure the platform remains ahead of global compliance requirements.
- Policy Development & Data Governance: Drive the creation and refinement of internal policies and data governance frameworks to maintain high standards of integrity, security, and structured data handling.
- ICFR & Control Ownership: Act as the System Owner Deputy and Control Owner , taking accountability for the end-to-end ICFR (Internal Control over Financial Reporting) lifecycle, GxP controls, and other relevant regulations.
- Monitoring & Remediation: Lead weekly and monthly monitoring of SoD (Segregation of Duties) conflicts via GRC dashboards, work with SoD Champions to mitigate risks, and address non-compliant items flagged in the SAP Security Standards Roche documentation.
Additional details
- As a recognized expert, you will implement and maintain security, authorization, and compliance standards for SAP ERP platform systems and data products, providing leadership across both on-premise and cloud SAP Data platform ecosystems.
- Collaboration: Partner with system teams and stakeholders to ensure task ownership, bridge data privacy awareness gaps, and onboard/train new team members on ICFR control activities.
Notes and original content
- The Opportunity
- Who You Are
