IT Security Specialist

IT Security Specialist Miejsce pracy: Warszawa Technologies we use Expected Azure Active Directory Microsoft Defender Microsoft D365 F&O Microsoft Purview Optional Power Platform About the project Join our global diversified pharmaceutical company enriching lives through our relentless drive to deliver better health outcomes to our patients. We are all in it together to make a difference. Be a part of a culture that doesn't just wait for change but actively creates it—where your skills and values drive our collective progress and impact. This is a hybrid role with three days in office in any of the following locations in Poland - Warszawa, Jelenia Góra, Rzeszów, Ksawerów. Your responsibilities Implement, and monitor SoD-compliant role structures within D365 F&O to prevent conflicts of interest and fraud. Monitoring and secure critical business objects and transactions, including financial, procurement, and Commercial modules. Maintain and update the Risk Control Matrix (RCM), mapping business processes to risks and controls within the D365 environment. Collaborate with internal audit, compliance, and business process owners to ensure control effectiveness and audit readiness. Conduct regular access reviews, security audits, and SoD conflict analysis using automated tools and manual assessments. Support incident response and remediation activities related to access violations or control failures. Document security configurations, control mappings, and audit findings in alignment with regulatory and internal standards (e.g., SOX, GDPR). Our requirements Bachelor's degree in Information Security, Computer Science, or a related field. 3 years of experience in IT security or internal controls, with at least 1–2 years focused on Microsoft D365 F&O. Strong understanding of SoD principles, role-based access control, and critical object protection in ERP systems. Experience with RCM development and maintenance, preferably in a regulated or audit-intensive environment. Familiarity with Azure Active Directory, Microsoft Defender, and compliance tools such as Microsoft Purview. Relevant certifications (e.g., CISA, CISSP, Microsoft Certified: Security Operations Analyst Associate). Optional Experience with GRC tools (e.g. Sailpoint, Pathlock or similar) for SoD and access control monitoring. Knowledge of Power Platform security (Power BI, Power Apps). Strong analytical, documentation, and communication skills. Ability to work cross-functionally with IT, audit, and business teams. What we offer Unique opportunity to gain international experience in a multination pharmaceutical corporation. Competitive salary with annual bonus depending on individual and company performance. Benefits package (medical care, cafeteria MyBenefit and more). Benefits sharing the costs of sports activities private medical care life insurance retirement pension plan extra social benefits sharing the costs of tickets to the movies, theater holiday funds employee referral program Bausch Health Poland Sp z.o.o. Bausch Health Poland jest częścią międzynarodowego koncernu farmaceutycznego Bausch Health Companies Inc., który rozwija, wytwarza oraz dostarcza szeroką gamę najwyższej jakości leków Rx, OTC, suplementów diety, wyrobów medycznych oraz sprzętu medycznego. Realizujemy nasze zobowiązania, budując innowacyjną firmę zajmującą się poprawą zdrowia na świecie. Każdego dnia z naszych produktów korzysta ponad 150 milionów ludzi na całym świecie. 21 000 naszych pracowników łączy misja poprawy ludzkiego życia poprzez zaangażowanie w projekty związane z edukacją, profilaktyką zdrowotną i promocją aktywnego stylu życia. We are an Equal Opportunity Employer. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates collaboration.All interested candidates are asked to send the CV including GPDR clause:"I hereby give consent for my personal data included in my application to be processed for the purposes of the recruitment process under the European Parliament's and Council of the European Union Regulation on the Protection of Natural Persons as of 27 April 2016, with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Data Protection Directive)".