At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com **Job Function:** Finance **Job Sub** **Function:** Risk Management **Job Category:** Professional **All Job Posting Locations:** Paranaque, National Capital Region (Manila), Philippines **Job Description:** **Job Description:** The GAM Compliance Analyst will be responsible for Global Access Management (GAM) governance over applicable information technology controls and compliance activities related to relevant policies and procedures across supported J&J organizations. The GAM Compliance Analyst will also be responsible for performing reviews of system access for users of ERP and non-ERP systems. The analyst ensures there are appropriate mitigating controls for identified segregation of duties (SOD) conflicts and acts as Subject Matter Expert (SME) for GAM governance and related projects/ due diligence activities. **Key Responsibilities:** **Risk Identification and Assessment** **•** Grant / Modify User Access: Manage user access requests, granting or modifying access as appropriate. • IT Controls Effectiveness Review in Operations and Projects: assess the effectiveness of access controls execution. • Re-certify Access (Access Appropriateness: Conduct periodic re-certification of access to ensure appropriateness and compliance. **Risk Mitigation and Controls** **•** Re-certify Access (SOD and Mitigating Controls): Conduct periodic re-certification of access to ensure appropriateness and compliance. • Risk Controls Assessment: Review the effectiveness of current safety measures involving access, including assessing risk management and control appropriateness **Risk Monitoring and Reporting** **•** Monitor User Access (Privileged Access, Terminations, Transfers): Continuously monitor user access, including privileged access, terminations, and transfers. • Monitor Access Approvers (Terminations, Transfers): Monitor termination and transfers within user access **Other Responsibilities:** **Due Diligence and Projects** **•** Perform due diligence reviews (e.g., role mapping and SOD assessment) and manage access deployment to stakeholders in projects involving process migrations/transitions • Support the business by monitoring risks related to organization, technology, and process changes to ensure that the system roles remain appropriate. • Provide access management compliance support for new/existing systems Other tasks that may be assigned **Skills / Competencies** **Live Our Credo** • Provides reliable support and timely updates on tasks assigned to them. • Has basic understanding of the process being supported and can assist with documentation. • Completes assigned tasks independently and with high-quality deliverables. • Understands the hows and whys of the business process. **Connect Inclusively to Address Health Needs** • Follows work instructions and policies with minimal errors. • Can complete base business deliverables within turnaround time (TAT) independently. • Can analyze a process and determine the right stakeholders **Grow Self and Others to become their Best** • Open to developing one’s skillset. • Participate in credo action plans. **Experience and Qualifications** + Education: University Degree in Finance, Business Management, IT or a related field + Years of Experience: 0-2 Years + Work Experience: + Background in finance, audit, or IT is preferred. + Professional Certification/s (e.g., CISA, CPA) is an advantage + Experience working in a multi-national shared services corporation **Mandatory Technical Qualifications:** • Basic skills in MS Office applications (Excel, Outlook, Powerpoint, Word) • Planning, time management skills. • Strong Analytical skills • Good English oral & written communication, presentation skills **Desirable Technical Qualifications:** + Basic understanding in the access management life cycle + User access management in enterprise resource planning (ERP) systems such as SAP, involving access granting, terminations, and periodic access reviews