Specialist – IT Application & General Controls

Job title: Specialist – IT Application & General Controls (ITAC/ITGC)

• Location: Hyderabad

About the job

Join Sanofi's Internal Control & Processes Testing Center of Excellence (IC&P CoE) and play a pivotal role in safeguarding the financial integrity and digital control environment of one of the world's leading pharmaceutical companies. This is your opportunity to be at the intersection of IT audit excellence, digital transformation, and continuous innovation — with real, measurable impact. 

Internal Control is a cornerstone of Sanofi's governance framework, providing reasonable assurance across three critical dimensions: 

• Operational excellence — effectiveness and efficiency of operations 

• Reporting integrity — reliability of financial and management information 

• Regulatory compliance — adherence to applicable laws, regulations, and Sanofi policies. 

Our Hubs are a crucial part of how we innovate, improving performance across every Sanofi department and providing a springboard for the amazing work we do. Build a career and you can be part of transforming our business while helping to change millions of lives. Ready? As Internal Control Global Testing COE Senior Specialist within our Internal Control Global Testing COE, you’ll Support Internal Control Global Process Leads in the creation / update of test scripts for SOX & non-SOX testing through constructive feedback and sharing of best practices. Coordinate the CSA campaign by consolidating the Local Process Owners list, updating the tools and following the CSA completion and sign-off.

We are an innovative global healthcare company with one purpose: to chase the miracles of science to improve people’s lives. We’re also a company where you can flourish and grow your career, with countless opportunities to explore, make connections with people, and stretch the limits of what you thought was possible. Ready to get started?

Main responsibilities:

• As a key pillar of Sanofi's 2nd Line of Defense, the IC&P CoE supports and challenges operational standards, guides business teams, and reports directly to ExCom on control implementation and action plans. Reporting to the IC&P CoE ITAC/ITGC Lead, the ITAC /ITGC Specialist executes both IT Application Control (ITAC) and IT General Control (ITGC) testing activities. For ITAC scope, this includes IT Dependent controls (automated controls, key reports, interfaces), User Access Management (UAM) and Segregation of Duties (SOD) in coordination with external auditors, SOX entities, and BSC System Controls Leads.  For ITGC scope, this includes Digital SOX ITGC and High Risk testing activities in coordination with external auditors, Digital control owners, and Digital Risk & Compliance Leads. 

• Set up and conduct SOX ITAC & ITGC testing in coordination with external auditors, SOX entities, and SOX leads — including SOC report analysis for in-scope third parties 

• Support control owners in identifying compensatory controls and remediation actions when deficiencies arise 

• Support execution of Control-Self-Assessment (CSA) campaigns, leveraging Risk profile control attestations, by reviewing completeness & relevancy of answers provided. Conduct testing of High Risk controls (IC Testing) for Digital solutions in compliance with Digital Control Framework. Perform quality review of testing performed by other testers to ensure proper completion and alignment with Requirements 

• Pioneer automation initiatives within SOX, CSRD, and IC testing processes — leveraging data analytics and emerging technologies to reduce manual effort, increase testing coverage, and enable continuous improvement.

• MANAGE CONTROL ENVIRONMENT: Understand in scope applications, infrastructure and third parties’ specificities. Review prior year test results and Sanofi methodology. Obtain and manage access to applicable Sanofi systems, including sanofi GRC system. Participate in testing preparation, reviewing test scripts and working paper templates with IC BSC and Digital teams and external auditors 

• MANAGE CONTROL ACTIVITIES (CSA, IC Testing, SOX testing): Conduct process walkthroughs and interviews during the Design phase to map control flows and identify ITDs. Submit evidence request to Control owners in alignment with agreed calendar and scope and monitor & report any delay or issues encountered impacting testing orchestration. 

• Execute and document ITGC and ITAC testing: Review execution of testing performed by other team members to ensure completeness and relevancy. Analyze SOC reports based on Sanofi's review methodology, report CUEC and CSOC and ensure proper testing. Support Controls owners in defining robust action plans and implementing compensatory controls in case of deficiencies. Support CSA execution and perform IC Testing on the scope of non-SOX IT systems. Identify and monitor risks related to ITGC and IT Application Controls. 

• DRIVE CONTINUOUS IMPROVEMENT: Identify & implement automation opportunities within SOX, CSRD (Corporate Sustainability Reporting Directive) and IC testing processes. Continuously support improvement of testing methodology in line with regulation changes, new requirements or new technologies. 

About you

• Experience: Minimum 3-5 years of experience auditing companies in SOX IT Application Controls and IT General Controls audit. Demonstrated knowledge of SOX (Sarbanes-Oxley) compliance requirements and testing methodologies. Expert knowledge of IT General Controls (ITGC), IT Application Controls (ITAC) and IT Dependent controls (ITDs). Deep expertise in automated controls, key reports, interfaces, UAM and SOD. Experience with SOC report analysis and PCAOB requirements. Knowledge/Awareness, or experience in Accounting / Financial reporting. Understanding of CSRD frameworks and reporting processes. Experience with IT Core Model solutions and ERP systems (SAP, Oracle, Workday, etc.) 

• Experience with IT infrastructure layers (operating systems, databases). Experience in implementing automation solutions. Professional certification (CISA, CIA, or equivalent) preferred. Background with Big 4 audit methodology preferred.

• Education: Graduated College level in Audit, IT Audit or similar, Engineering degree in Computer Sciences. 

• Core competencies: IT Application & General Controls (ITAC/ITGC)—design, testing, and remediation. Strong critical thinking and problem-solving skills. Financial systems and IT risk domains (GxP, Privacy, Security, SOX). SOC report analysis and third-party risk assessment. Data analytics, automation tools, and continuous monitoring techniques. 

• Interpersonal: Strong critical thinking and structured problem-solving. Confident stakeholder management and influencing skills across all levels. Excellent written and verbal communication in English. Adaptability and resilience in a fast-paced, evolving environment. Ability to mentor junior team members and elevate team performance 

• Languages: Fluency in English (written and spoken) is required.  

Why choose us?

Add four standard Sanofi selling points and up to three additional selling points that are specific to the role, team or location.

• Bring the miracles of science to life alongside a supportive, future-focused team.

• Discover endless opportunities to grow your talent and drive your career, whether it’s through a promotion or lateral move, at home or internationally.

• Enjoy a thoughtful, well-crafted rewards package that recognizes your contribution and amplifies your impact.

• Take good care of yourself and your family, with a wide range of health and wellbeing benefits including high-quality healthcare, prevention and wellness programs and at least 14 weeks’ gender-neutral parental leave.

• Part of Global Finance services in Sanofi, gives a great opportunity to work and have a enriching experience in Account to Report domain area.

• Opportunity to also have a Global exposure in accounting and experience on working for multiple geographies.