Overview

Senior Manager, Global IT Audit, Risk and Advisory. – Santa Monica, 90404, United States of America

How we LEAD:

The Senior Manager, Global IT Audit, Risk & Advisory, will help develop, mature, and execute UMG’s IT internal audit program in a publicly listed U.S. environment. This role is responsible for leading complex, risk-based technology audits, strengthening SOX IT control assurance; assessing cybersecurity, infrastructure, application, and third-party technology risks; and translating audit results into practical, business-oriented recommendations.

This role requires a hands-on technology risk leader who can manage end-to-end audits, coach audit team members, build productive relationships across technology and business teams, and support the continued development of UMG’s IT audit methodology, reporting, tools, and control maturity.

How you’ll CREATE:

  • Lead IT audit planning and execution

  • Lead complex IT audits from planning through reporting and remediation validation.

  • Contribute to the IT risk assessment and support development of the annual and multi-year IT audit plan.

  • Translate risk assessment results into clear audit objectives, scope, work programs, testing approaches, and resource plans.

  • Ensure audit workpapers, evidence, conclusions, and issue ratings meet methodology and quality standards.

  • Coordinate work performed by internal audit staff, co-source partners, and other assurance providers as applicable.

  • Cybersecurity & Technology Risk Oversight

  • Assess IT and cybersecurity governance, incident response, identity and access management, vulnerability management, and security operations controls.

  • Review cloud infrastructure environments, ERP platforms, financial systems, data platforms, and critical business applications.

  • Evaluate data governance, privacy controls, resilience, change management, and third-party/vendor technology risk management.

  • Assess control alignment with relevant frameworks, including COSO, COBIT, NIST, and SEC/SOX requirements.

  • Review risks associated with digital transformation, automation, system implementations, and emerging technologies.

  • IT General Controls

  • Review ITGC, IT application control, and interface control testing for in-scope SOX systems.

  • Support the assessment of control deficiencies; evaluate severity, support root cause analysis, and recommend sustainable remediation actions.

  • Continuous Improvement and Risk Monitoring

  • Provide clear, practical recommendations that balance risk mitigation with operational realities.

  • Track remediation activities and validate management action plans for high-risk and recurring findings.

  • Use data analytics, automation, and continuous monitoring techniques to improve audit coverage and efficiency.

  • Identify recurring deficiencies, control themes, and opportunities to improve governance, process maturity, and accountability.

  • Stakeholder Engagement

  • Communicate audit findings, root causes, and risk themes in clear business terms to technology, finance, and operational stakeholders.

  • Build trust and credibility with IT and business leaders while maintaining independence and objectivity.

  • Provide advisory support during major system, security, data, and transformation initiatives without assuming management responsibility.

  • Prepare concise reporting for Internal Audit leadership and contribute to executive-level risk updates.

  • Leadership Traits

  • Drive: Continuously looks for improvement areas for the department and drives implementation of enhanced processes and best practices. Drives own career by focusing on identified development areas and being vocal about next career steps.

  • Insight: Is curious and skeptical. Admits when wrong. Proactively identifies opportunities to adopt and implement data analytics and other improvements across departmental projects.

  • Authenticity: Always acts with unquestionable integrity and professionalism. Seeks out and respects diverse perspectives. Performs critical self-assessments and demonstrates self-awareness in interactions with others.

  • Connection: Team player with high EQ and strong listening skills. Proactively builds and maintains relationships with team members and key members of management. Enhances cross-functional and cross-geographical relationships, 
    contributing to a strong brand for the team.

  • Boldness: Takes calculated risks. Says yes to new initiatives. Speaks up in meetings. Makes the first move. Conducts rapid experiments.

  • Creativity: Brings in non-music inspiration. Fosters unlikely collaborations. Finds ways to say yes to requests. Helps both sides benefit and creates win-win scenarios.

Bring your VIBE:

  • 10+ years of progressive IT audit, IT risk, technology controls, cybersecurity, or related assurance experience.

  • CISA strongly preferred. Additional certifications (CISSP, CIA, CPA) preferred.

  • Experience leading complex IT audits across infrastructure, cloud, ERP, cybersecurity, data, third-party, and business application domains.

  • Strong SOX ITGC experience in a publicly traded U.S. company environment.

  • Experience evaluating and remediating control deficiencies in maturing high-growth organizations.

  • Big Four, national public accounting, consulting, or large multinational internal audit experience strongly preferred.

  • Strong project management, workpaper review, issue-writing, and stakeholder management skills.

  • Excellent verbal, written, and interpersonal communication skills, including constructive delivery of difficult messages.

  • Ability and availability to travel internationally and work independently.

  • Multilingual: Fluent English. Another language is a plus

Before you apply -
Register now and turn on alerts for jobs like this!

  • To apply for this position, receive job notifications and manage your applications, click "Register with Diversity Jobs Group".
  • To apply for this position without registering, click "Apply with Customer".

By registering you agree to our terms and conditions.

Apply with Customer

IMPORTANT: Before applying for this role, please make sure you have the right to work in the country where the role is based. Unless it clearly stipulates within in the job advert above that the hiring company is looking to or able to sponsor applicants it is deemed that the hiring employer will only consider applications from those able to comply with and work in the country where the role is based.