S/4 Security & Compliance Lead

Welcome to Haleon. We’re a purpose-driven, world-class consumer company putting everyday health in the hands of millions. In just three years since our launch, we’ve grown, evolved and are now entering an exciting new chapter – one filled with bold ambitions and enormous opportunity.

Our trusted portfolio of brands – including Sensodyne®, Panadol®, Advil®, Voltaren®, Theraflu®, Otrivin®, and Centrum® – lead in resilient and growing categories. What sets us apart is our unique blend of deep human understanding and trusted science.

Now it’s time to fully realise the full potential of our business and our people. We do this through our Win as One strategy. It puts our purpose – to deliver better everyday health with humanity – at the heart of everything we do. It unites us, inspires us, and challenges us to be better every day, driven by our agile, performance-focused culture.

The Enterprise Transformation Programme is a multi-year journey focused on transforming the Haleon business and building an organisation that is Wired for Excellence, a key driver of our ‘Win as One’ strategy. The programme aims to strengthen our business core to drive sustainable growth, innovation, and continuous improvement, while embedding an agile and performance-focused culture. Enabled by SAP S/4HANA, this transformation will create a capability advantage, enhancing our performance, competitiveness, and adaptability in a rapidly changing environment.

Detailed Responsibilities

The S/4 Security & Compliance Lead is responsible for SAP user role and access processes, overseeing the design, development, testing, and deployment within SAP Governance, Risk, & Compliance (GRC) Platform. The role works closely with the business, External and Internal Auditors to ensure compliance to SOx, GxP, and Digital & Technology controls.

SAP S/4 HANA Cyber security transformation:

• Lead the end-to-end cyber security strategy for the SAP S/4HANA transformation, ensuring alignment with enterprise risk appetite, Haleon’s digital trust objectives, and global regulatory frameworks (SOX, GxP, GDPR).
• Design and embed secure-by-design principles across S/4HANA architecture, Fiori applications, interfaces, and integrations—addressing IAM, data protection, and cloud security controls.
• Establish and oversee continuous control monitoring, segregation of duties (SoD), enterprise role management, privileged access management, and compliance automation through SAP GRC or equivalent tooling to strengthen assurance and audit readiness.

SAP S/4HANA Security and Access Management 

• Lead the development and execution of the security strategy for SAP S/4HANA, ensuring alignment with Haleon’s Information Security strategy.
• Oversee the design, development, testing and deployment of role-based security within SAP S/4HANA
• Embed secure-by-design principles across SAP architecture.
• Own the user role and access processes considering outsourced SAP Access Operations as well as the SAP GRC Platform for enterprise Risk and Compliance.
• Define the approach for Application Security Monitoring considering key performance indicators.
• Collaborate with enterprise architecture and cybersecurity teams to ensure threat modelling, penetration testing, and vulnerability assessments are embedded in the SAP lifecycle.

 Compliance

• Drive innovation within the area of SAP security and controls, with a view to optimizing the control environment to enhance the security of our SAP S/4HANA landscape. Develops minimal viable architectures (MVAs) for SAP deployments, balancing innovation with risk management.  Lead Management Monitoring of SOx driven IT Controls across the function. Govern and manage vulnerabilities via various tools and sources to maintain compliance and assurance.
• Oversee the planning and execution of Tech SOX testing for applications and infrastructure and drive various compliance requirements i.e., periodic access review, firefighter reviews, CyberArk, Splunk and Imperva alert monitoring.
• Partner closely with Internal and External Audit to respond to, and act upon, compliance related issues.
• Partner with business, IT, and product leads to define security controls across the SAP landscape, integrating with enterprise SIEM, vulnerability management, and incident response processes.
• Drive risk assessment and remediation for legacy ECC-to-S/4 migrations, ensuring consistent security baselines, traceable control evidence, and resilience against evolving cyber threats.

Experience and Key Competencies: 

• 10+ years experience in leading a large SAP Controls and compliance practice with 5+ years leading SAP User and Roles Management preferably within SAP S/4HANA
• Master’s degree in business, Computer Science, or related field (or equivalent experience). 
• Certifications in SAP S/4HANA highly desirable. 

 

 

 

 Job Posting End Date

 

 

2025-11-28

 

 

 

Equal Opportunities

Haleon are committed to mobilising our purpose in a way that represents the diverse consumers and communities who rely on our brands every day. It guides us in creating an inclusive culture, where different backgrounds and views are valued and respected – all in support of understanding and best serving the needs of our consumers and unleashing the full potential of our people. It’s important to us that Haleon is a place where all our employees feel they truly belong.

During the application process, we may ask you to share some personal information, which is entirely voluntary. This information ensures we meet certain regulatory and reporting obligations and supports the development, refinement, and execution of our inclusion and belonging programmes that are open to all Haleon employees. 

The personal information you provide will be kept confidential, used only for legitimate business purposes, and will never be used in making any employment decisions, including hiring decisions.

 

 

 

Adjustment or Accommodations Request

If you require a reasonable adjustment or accommodation or other assistance to apply for a job at Haleon at any stage of the application process, please let your recruiter know by providing them with a description of specific adjustments you are requesting. We’ll provide all reasonable adjustments to support you throughout the recruitment process and treat all information you provide us in confidence. 

 

 

 

Note to candidates

The Haleon recruitment team will contact you using a Haleon email account (@haleon.com). If you are not sure whether the email you received is from Haleon, please get in touch.