Jobs · Information Technology · California

Senior Manager, Global IT Audit, Risk and Advisory.

Universal Music Group · Santa Monica, CA · 1 wk ago
Information Technology$174k–$220k/yrFull-time

How We LEAD

The Senior Manager, Global IT Audit, Risk & Advisory, will help develop, mature, and execute UMG's IT internal audit program in a publicly listed U.S. environment. This role is responsible for leading complex, risk-based technology audits, strengthening SOX IT control assurance; assessing cybersecurity, infrastructure, application, and third-party technology risks; and translating audit results into practical, business-oriented recommendations.

This role requires a hands-on technology risk leader who can manage end-to-end audits, coach audit team members, build productive relationships across technology and business teams, and support the continued development of UMG's IT audit methodology, reporting, tools, and control maturity.

How You'll CREATE

Lead IT audit planning and execution
Lead complex IT audits from planning through reporting and remediation validation.
Contribute to the IT risk assessment and support development of the annual and multi-year IT audit plan.
Translate risk assessment results into clear audit objectives, scope, work programs, testing approaches, and resource plans.
Ensure audit workpapers, evidence, conclusions, and issue ratings meet methodology and quality standards.
Cookordination work performed by internal audit staff, co-source partners, and other assurance providers as applicable.

Cybersecurity & Technology Risk Oversight

Assess IT and cybersecurity governance, incident response, identity and access management, vulnerability management, and security operations controls.
Review cloud infrastructure environments, ERP platforms, financial systems, data platforms, and critical business applications.
Evaluate data governance, privacy controls, resilience, change management, and third-party/vendor technology risk management.
Assess control alignment with relevant frameworks, including COSO, COBIT, NIST, and SEC/SOX requirements.
Review risks associated with digital transformation, automation, system implementations, and emerging technologies.

IT General Controls

Review ITGC, IT application control, and interface control testing for in-scope SOX systems.
Support the assessment of control deficiencies; evaluate severity, support root cause analysis, and recommend sustainable remediation actions.

Continuous Improvement and Risk Monitoring

Provide clear, practical recommendations that balance risk mitigation with operational realities.
Track remediation activities and validate management action plans for high-risk and recurring findings.
Use data analytics, automation, and continuous monitoring techniques to improve audit coverage and efficiency.
Identify recurring deficiencies, control themes, and opportunities to improve governance, process maturity, and accountability.

Stakeholder Engagement

Communicate audit findings, root causes, and risk themes in clear business terms to technology, finance, and operational stakeholders.
Build trust and credibility with IT and business leaders while maintaining independence and objectivity.
Provide advisory support during major system, security, data, and transformation initiatives without assuming management responsibility.
Prepare concise reporting for Internal Audit leadership and contribute to executive-level risk updates.

Leadership Traits

  • Drive: Continuously looks for improvement areas for the department and drives implementation of enhanced processes and best practices. Drives own career by focusing on identified development areas and being vocal about next career steps.
  • Insight: Is curious and skeptical. Admits when wrong. Proactively identifies opportunities to adopt and implement data analytics and other improvements across departmental projects.
  • Authenticity: Always acts with unquestionable integrity and professionalism. Seeks out and respects diverse perspectives. Performs critical self-assessments and demonstrates self-awareness in interactions with others.
  • Connection: Team player with high EQ and strong listening skills. Proactively builds and maintains relationships with team members and key members of management. Enhances cross-functional and cross-geographical relationships, contributing to a strong brand for the team.
  • Boldness: Takes calculated risks. Says yes to new initiatives. Speaks up in meetings. Makes the first move.
  • Creativity: Brings in non-music inspiration. Fosters unlikely collaborations. Finds ways to say yes to requests. Helps both sides benefit and creates win-win scenarios.

Qualifications

  • 10+ years of progressive IT audit, IT risk, technology controls, cybersecurity, or related assurance experience.
  • CISA strongly preferred. Additional certifications (CISSP, CIA, CPA) preferred.
  • Experience leading complex IT audits across infrastructure, cloud, ERP, cybersecurity, data, third-party, and business application domains.
  • Strong SOX ITGC experience in a publicly traded U.S. company environment.
  • Experience evaluating and remediating control deficiencies in maturing high-growth organizations.
  • Big Four, national public accounting, consulting, or large multinational internal audit experience strongly preferred.
  • Strong project management, workpaper review, issue-writing, and stakeholder management skills.
  • Excellent verbal, written, and interpersonal communication skills, including constructive delivery of difficult messages.
  • Able and available to travel internationally and work independently.
  • Multilingual: Fluent English. Another language is a plus.

Perks

  • Comprehensive medical, dental, and vision coverage
  • Including 100% coverage for out-patient in-network mental health services
  • Fertility coverage for eligible medical plan participants
  • Wellbeing reimbursements for fitness classes, spa treatments, meal services, travel, and so much more (up to $720/year)
  • Student Loan Repayment Assistance and Tuition Reimbursement
  • 401(k) with 100% immediate vesting on the first 5% of your contributions, plus an additional UMG contribution
  • A variety of ways to prioritize much-needed time away from work including: Flexible Paid Time Off (PTO) for exempt employees, 3-weeks PTO for non-exempt employees, 2-weeks paid Winter Break, 10 Company Holidays (including Juneteenth and Wellbeing Day), Summer Fridays (between Memorial Day and Labor Day)
  • Generous paid parental leave for every type of parent

Similar jobs

Senior IT Audit Manager

Repligen CorporationWaltham, MA· 1 wk ago
Information Technology$130k–$175k/yrapply on repligen.wd108.myworkdayjobs.com