Manager-SoDRisk&Controls

**Job Purpose:** The role is accountable for designing, governing, and continuously enhancing the Segregation of Duties (SoD) framework across global Finance systems and processes at GSK. This role serves as the **central authority for SoD risk management within Finance** , ensuring that access-related risks are proactively identified, mitigated, and governed in line with SOX/ICFR requirements. It balances robust control oversight with business enablement by driving pragmatic, risk-based solutions that support an efficient control environment. A key focus is to **transform and optimise the current SoD monitoring approach** , reducing manual effort and cost of compliance while strengthening risk visibility and control effectiveness through automation and advanced analytics. Given the high audit sensitivity of SoD, this role provides **strategic oversight of enterprise-wide SoD exposure** , ensuring risks are maintained within acceptable thresholds and aligned with GSK’s global control standards. **Key Responsibilities:** **SoD Governance & Framework Ownership** * Own and govern the global ERP SoD framework, including risk definitions, rulesets, control mappings, and monitoring methodologies * Define SoD risk tolerance levels and exception handling protocols in collaboration with Tech Governance, Risk, and Compliance (GRC) teams * Act as the **single point of accountability within Finance** for determining and overseeing SoD risk **Risk Identification, Monitoring & Mitigation** * Identify, assess, and monitor SoD conflicts across Finance and business systems globally in line with SOX/ICFR requirements * Design and implement sustainable mitigating controls where conflicts cannot be eliminated * Manage and oversee the exception process for users with residual SoD risks, ensuring appropriate mitigation measures are in place **Stakeholder Management & Influence** * Partner with business, Tech, and Access Management teams to drive acceptable levels of SoD risk * Influence