SAP GRC Specialist

Date: Nov 20, 2025

Location: PL

Company: Novocure

Novocure is a global publicly-traded commercial-stage oncology company developing a profoundly different cancer treatment therapy called tumor treating fields (TTFields) for patients with solid tumors. TTFields therapy is a non-invasive, novel, antimitotic treatment modality which utilizes proprietary technology attempting to slow or reverse tumor progression by inducing tumor cell death. Novocure's commercialized product, Optune, is approved for the treatment of adult patients with glioblastoma (GBM) in the USA, Europe and Israel. Novocure has ongoing or completed clinical trials and is further expanding its efforts into several other solid tumor indications - non-small cell lung cancer, pancreatic cancer and other types of solid cancers.

 

JOB SUMMARY:

We are seeking a highly skilled SAP GRC Specialist to join our global IT team. This role will be responsible for ensuring compliance, control adherence, and audit readiness across our SAP S/4HANA and SAP CRM landscapes. The ideal candidate will be a subject matter expert in SAP Governance, Risk, and Compliance (GRC), with strong experience in regulatory compliance frameworks (e.g., SOX, GxP, FDA 21 CFR Part 11) and proven ability to partner with both IT and business stakeholders.

 

This position will own all audit-related requirements for the SAP ecosystem, ensuring the environment is secure, compliant, and always prepared for internal and external audits.

 

This is a full-time position reporting to the Director, SAP in our Chesterbrook, Pennsylvania office.

 

RESPONSIBILITIES:

  • Governance & Compliance Oversight
    • Manage and monitor SAP GRC Access Control modules (ARM, ARA, BRM, EAM) to enforce segregation of duties (SoD) and minimize risk.
    • Ensure alignment of SAP roles and authorizations with internal control frameworks and regulatory requirements.
    • Develop and maintain GRC rule sets specific to S/4HANA and SAP CRM environments.
  • Audit & Control Management
    • Serve as the primary owner of all audit deliverables related to SAP, including SOX testing, GxP validation, and ITGC controls.
    • Act as the liaison between auditors (internal/external) and IT/business teams, ensuring evidence is complete, accurate, and timely.
    • Lead audit readiness initiatives, proactively identifying gaps and implementing remediation plans.
    • Maintain comprehensive documentation for compliance, validation, and audit purposes.
  • Risk & Security Management
    • Conduct regular risk assessments and role redesign efforts to reduce SoD conflicts.
    • Partner with BASIS and Security teams to ensure SAP security patches, upgrades, and system changes adhere to compliance requirements.
    • Support incident investigations related to SAP access or compliance breaches.
  • Change & Release Governance
    • Oversee SAP transport management from a compliance perspective, ensuring all changes follow defined ITGC and validation protocols.
    • Validate compliance in the end-to-end change management process, including impact assessments and approvals.
  • Business Partnership & Training
    • Collaborate with business process owners (BPOs) to define and enforce proper access and control structures.
    • Provide training and awareness to IT and business teams on SAP compliance and audit requirements.
    • Act as a trusted advisor to business and IT leadership on SAP GRC best practices.

 

YOUR PROFILE:

  • Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field (Master’s preferred).
  • 5+ years in SAP security, compliance, or GRC-focused roles, with direct experience in SAP S/4HANA and SAP CRM environments.
  • Proven track record managing audit readiness and external audit engagements.
  • Strong understanding of regulatory and compliance frameworks (e.g., SOX, FDA 21 CFR Part 11, GxP).
  • Experience with SAP GRC Access Control (all core modules) required; knowledge of Process Control or Risk Management a plus.
  • Familiarity with SAP BASIS, transport management, and integration with third-party applications.
  • Excellent knowledge of segregation of duties (SoD) design and remediation.
  • Strong analytical skills to assess risks, design mitigations, and recommend process improvements.
  • Outstanding communication skills for audit interactions and cross-functional collaboration.
  • Ability to operate in a global environment, balancing compliance requirements with business agility.
  • Experience with pharmaceutical, life sciences, or regulated industry environments.
  • Knowledge of data privacy regulations such as GDPR, HIPAA, and data compliance frameworks.
  • Ability to travel domestically and internationally as needed for high priority projects.

 

BENEFITS:

• Performance related bonus

• Life Insurance

• Free fruit & cookies delivered for office staff

• Multisport card

• Private Medical care

...and more

We look forward to receiving your application, addressed to Emilia Bagińska, Senior Talent Acquisition Partner, through our Applicant Portal. Please find more information about Novocure and our therapy on our website www.novocure.com.