Smith+Nephew

ERP Security & Controls Manager

Smith+Nephew  •  Pune, IN (Hybrid)  •  4 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Role: ERP Security & Controls Manager

Location: Pune (Hybrid)

Life Unlimited. At Smith+Nephew, we design and manufacture technology that takes the limits off living.

Smith & Nephew (S+N) is a large multinational Medical Technology organization with an extensive Enterprise Applications ecosystem to run end-to-end business operations. ERPs form the core of this ecosystem and are tightly integrated with best-in-class systems such as Salesforce, Windchill, Movemedical, Maestro, Ariba, Workday and many more. At S+N, SAP serves as our primary and strategic ERP platform, running 80% of our operations and revenue. We are seeking an ERP Security and Controls Manager to oversee Security design and global SOX ITGC compliance across SAP ECC and Microsoft AX, while supporting and preparing for our strategic transformation to SAP S/4HANA. Therefore, this role is both strategic and pivotal, playing a key part in enabling Smith & Nephew's digital transformation and continued growth over the coming years. The ERP Security, Compliance & Quality Manager is responsible for designing, implementing, and governing Security and Control for SAP and AX. She/He will also represent SAP/AX Competency Centre during internal and external audits and driving the quality assurance across SAP and AX environments.

What will you be doing?

  • Provide governance and oversight of SAP (ECC/S/4HANA) and AX security architecture, challenging designs, identifying risks, and ensuring remediation; co-drive design with architecture teams where needed.
  • Govern roles, authorizations, and SOD compliance, including oversight of access reviews, sensitive access, and risk remediation; influence role design where required and lead license optimization.
  • Own SOX ITGC controls for SAP and AX (primarily access management), with defined involvement in Change and Operations, collaborating with respective teams to ensure ERP compliance.
  • Liaise with auditors, support audit cycles, and drive timely remediation of findings. Govern GRC tools and enforce security and compliance policies; monitor risk exposure and ensure remediation actions are implemented.
  • Monitor risk exposure, report key metrics, and strengthen control frameworks and processes. Define and maintain SOD rulesets aligned with business processes, including mitigation and compensating controls.
  • Drive continuous improvement and process optimization initiatives
  • Security Architecture, Design and Build reviews. Participate in SOX/SOD audit activities.
  • Ensures consistency of processes and procedures across SAP/AX Competency Centre.
  • Focus on continuous improvement, that can help and support the company growth and strategy.

What will you need to be successful?

  • Education: Bachelor’s / Master’s degree or equivalent experience in Computer Science, IT or related subject preferred.
  • Licenses/ Certifications: (Optional)
    - SAP certification: SAP Security Certifications
    - ITIL Qualifications
  • Experience: At least 10 years of IT experience, with 8+ years in SAP in ERP Security / GRC / Compliance roles.
  • This role will be based in Pune and will be 2 days working from office in Hybrid mode. Shift Timing (12:30 PM – 9:30 PM IST) Monday to Friday.
  • Significant experience in ERP Security / GRC / Compliance roles, including indirect leadership and management of cross-functional stakeholders in a global environment.
  • Experience supporting ERP implementations or transformations (e.g., SAP S/4HANA) and working with globally distributed teams across multiple time zones.
  • Experience managing global ERP environments. Proven experience handling audits.
  • In-depth knowledge of SOX ITGC (including Access controls such as SOD and Sensitive Access) and broader compliance requirements.
  • Overall functional knowledge of SAP and/or AX. Experienced in governing cross-functional solutions and ability to manage audit processes end-to-end.
  • Excellent communication and stakeholder management. Analytical thinking and problem-solving mindset.
  • High attention to detail and control orientation. Experience in a regulated industry, GXP Validated, and/or medical device company is preferred.
  • Strategic mindset with strong business and technical acumen. Sound understanding of regulatory and security frameworks. Experience working with geographically distributed virtual teams.
  • Ability to manage relationship with external service providers and external/internal audit teams. Ability to work with globally located, culturally diverse teams (e.g. India, US, UK...)

You. Unlimited.

We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve.

Inclusion + Belonging - Committed to Welcoming, Celebrating and Thriving. Learn more about our Employee Inclusion Groups on our website https://www.smith-nephew.com/

Other reasons why you will love it here!

  • Your Future: Major Medical coverage + Policy exclusions and insurance non-medical limit. Educational Assistance.
  • Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.
  • Your Wellbeing: Parents / Parents in Law’s Insurance, Employee Assistance Program, Parental Leave.
  • Flexibility: Hybrid Work Model (For most professional roles)
  • Training: Hands-On, Team-Customized, Mentorship
  • Extra Perks: Free Cab Transport facility for all employees, One Time Meal provided to all employees as per shift. Night Shift Allowances.

#L1 - YS1

Stay connected by joining our Talent Community

We're more than just a company - we're a community! Follow us on LinkedIn to see how we support and empower our employees and patients every day.


Check us out on Glassdoor for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S+N.

Explore our website and learn more about our mission, our team, and the opportunities we offer.

Smith+Nephew

About Smith+Nephew

Smith+Nephew is a global medical technology company. We design and manufacture technology that takes the limits off living. We support healthcare professionals to return their patients to health and mobility, helping them to perform at their fullest potential.

From our first employee and founder, T.J. Smith, to our team today, it’s our people who make Smith+Nephew a unique place.

Yes, we love to innovate and develop exciting technologies, and we offer competitive salaries and progressive benefits. But it’s our culture - of Care, Collaboration and Courage - that really sets us apart.

Through a spirit of ownership and can-do attitude, we work together to win..

We’re a company of people who care about each other, about our customers and their patients, and about our communities.

Together, we fulfill our shared purpose of Life Unlimited.

Please note: not all products referred to may be approved for use or available in all markets.

Industry
Manufacturing & Production
Company Size
10,000+ employees
Headquarters
Watford, GB
Year Founded
1856
Social Media