Senior Manager, Global IT Audit, Risk and Advisory.

Posted 3 Days Ago
Be an Early Applicant
Santa Monica, CA, USA
In-Office
174K-220K Annually
Senior level
Music • News + Entertainment
The Role
Lead and execute risk-based global IT audits, strengthen SOX IT control assurance, assess cybersecurity/infrastructure/applications/third-party risks, translate findings into practical remediation, use data analytics for continuous monitoring, and advise stakeholders while coaching audit teams.
Summary Generated by Built In

We are UMG, the Universal Music Group. We are the world’s leading music company. In everything we do, we are committed to artistry, innovation and entrepreneurship. We own and operate a broad array of businesses engaged in recorded music, music publishing, merchandising, and audiovisual content in more than 60 countries. We identify and develop recording artists and songwriters, and we produce, distribute and promote the most critically acclaimed and commercially successful music to delight and entertain fans around the world.
 

How we LEAD:

The Senior Manager, Global IT Audit, Risk & Advisory, will help develop, mature, and execute UMG's IT internal audit program in a publicly listed U.S. environment. This role is responsible for leading complex, risk-based technology audits, strengthening SOX IT control assurance; assessing cybersecurity, infrastructure, application, and third-party technology risks; and translating audit results into practical, business-oriented recommendations.

This role requires a hands-on technology risk leader who can manage end-to-end audits, coach audit team members, build productive relationships across technology and business teams, and support the continued development of UMG's IT audit methodology, reporting, tools, and control maturity.

How you'll CREATE:

  • Lead IT audit planning and execution

  • Lead complex IT audits from planning through reporting and remediation validation.

  • Contribute to the IT risk assessment and support development of the annual and multi-year IT audit plan.

  • Translate risk assessment results into clear audit objectives, scope, work programs, testing approaches, and resource plans.

  • Ensure audit workpapers, evidence, conclusions, and issue ratings meet methodology and quality standards.

  • Coordinate work performed by internal audit staff, co-source partners, and other assurance providers as applicable.

  • Cybersecurity & Technology Risk Oversight

  • Assess IT and cybersecurity governance, incident response, identity and access management, vulnerability management, and security operations controls.

  • Review cloud infrastructure environments, ERP platforms, financial systems, data platforms, and critical business applications.

  • Evaluate data governance, privacy controls, resilience, change management, and third-party/vendor technology risk management.

  • Assess control alignment with relevant frameworks, including COSO, COBIT, NIST, and SEC/SOX requirements.

  • Review risks associated with digital transformation, automation, system implementations, and emerging technologies.

  • IT General Controls

  • Review ITGC, IT application control, and interface control testing for in-scope SOX systems.

  • Support the assessment of control deficiencies; evaluate severity, support root cause analysis, and recommend sustainable remediation actions.

  • Continuous Improvement and Risk Monitoring

  • Provide clear, practical recommendations that balance risk mitigation with operational realities.

  • Track remediation activities and validate management action plans for high-risk and recurring findings.

  • Use data analytics, automation, and continuous monitoring techniques to improve audit coverage and efficiency.

  • Identify recurring deficiencies, control themes, and opportunities to improve governance, process maturity, and accountability.

  • Stakeholder Engagement

  • Communicate audit findings, root causes, and risk themes in clear business terms to technology, finance, and operational stakeholders.

  • Build trust and credibility with IT and business leaders while maintaining independence and objectivity.

  • Provide advisory support during major system, security, data, and transformation initiatives without assuming management responsibility.

  • Prepare concise reporting for Internal Audit leadership and contribute to executive-level risk updates.

  • Leadership Traits

  • Drive: Continuously looks for improvement areas for the department and drives implementation of enhanced processes and best practices. Drives own career by focusing on identified development areas and being vocal about next career steps.

  • Insight: Is curious and skeptical. Admits when wrong. Proactively identifies opportunities to adopt and implement data analytics and other improvements across departmental projects.

  • Authenticity: Always acts with unquestionable integrity and professionalism. Seeks out and respects diverse perspectives. Performs critical self-assessments and demonstrates self-awareness in interactions with others.

  • Connection: Team player with high EQ and strong listening skills. Proactively builds and maintains relationships with team members and key members of management. Enhances cross-functional and cross-geographical relationships, 
    contributing to a strong brand for the team.

  • Boldness: Takes calculated risks. Says yes to new initiatives. Speaks up in meetings. Makes the first move. Conducts rapid experiments.

  • Creativity: Brings in non-music inspiration. Fosters unlikely collaborations. Finds ways to say yes to requests. Helps both sides benefit and creates win-win scenarios.

Bring your VIBE:

  • 10+ years of progressive IT audit, IT risk, technology controls, cybersecurity, or related assurance experience.

  • CISA strongly preferred. Additional certifications (CISSP, CIA, CPA) preferred.

  • Experience leading complex IT audits across infrastructure, cloud, ERP, cybersecurity, data, third-party, and business application domains.

  • Strong SOX ITGC experience in a publicly traded U.S. company environment.

  • Experience evaluating and remediating control deficiencies in maturing high-growth organizations.

  • Big Four, national public accounting, consulting, or large multinational internal audit experience strongly preferred.

  • Strong project management, workpaper review, issue-writing, and stakeholder management skills.

  • Excellent verbal, written, and interpersonal communication skills, including constructive delivery of difficult messages.

  • Ability and availability to travel internationally and work independently.

  • Multilingual: Fluent English. Another language is a plus

Perks Playlist:

Join an entrepreneurial, global organization where authenticity, boldness, creativity, connection, drive, and insight aren’t just values—they’re how we work every day. Here are some of the ways we support you along the way (and just a few of the benefits we offer):

  • Comprehensive medical, dental, and vision coverage

  • Including 100% coverage for out-patient in-network mental health services

  • Fertility coverage for eligible medical plan participants

  • Wellbeing reimbursements for fitness classes, spa treatments, meal services, travel, and so much more (up to $720/year)

  • Student Loan Repayment Assistance and Tuition Reimbursement

  • 401(k) with 100% immediate vesting on the first 5% of your contributions, plus an additional UMG contribution

A variety of ways to prioritize much-needed time away from work including:

  • Flexible Paid Time Off (PTO) for exempt employees

  • 3-weeks PTO for non-exempt employees

  • 2-weeks paid Winter Break

  • 10 Company Holidays (including Juneteenth and Wellbeing Day)

  • Summer Fridays (between Memorial Day and Labor Day)

  • Generous paid parental leave for every type of parent

Check out our full overview of benefits on the Perks Playlist page of the career site.

Disclaimer: This job description only provides an overview of job responsibilities that are subject to change.
Universal Music Group is an Equal Opportunity Employer

We are an E-Verify employer in Alabama, Arizona, Georgia, Mississippi, North Carolina, South Carolina, Tennessee, and Utah.

Please note, UMG is not enrolled in E-Verify in California and New York, and cannot support employment of candidates whose employer must enroll in E-Verify, for example candidates on STEM-OPT.

For more information, please click on the following links.

E-Verify Participation Poster: English / Spanish

E-Verify Right to Work Poster: English | Spanish


Job Category:
Finance & Accounting

Salary Range:

$174,050.00 - $220,000

The actual base salary offered depends on a variety of factors, which may include, as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.  All candidates are encouraged to apply.

Skills Required

  • 10+ years of progressive IT audit, IT risk, technology controls, cybersecurity, or related assurance experience
  • Experience leading complex IT audits across infrastructure, cloud, ERP, cybersecurity, data, third-party, and business application domains
  • Strong SOX ITGC experience in a publicly traded U.S. company environment
  • Experience evaluating and remediating control deficiencies in maturing high-growth organizations
  • Strong project management, workpaper review, issue-writing, and stakeholder management skills
  • Excellent verbal, written, and interpersonal communication skills
  • Ability and availability to travel internationally and work independently
  • Fluent English
  • CISA certification
  • Additional certifications (CISSP, CIA, CPA)
  • Big Four, national public accounting, consulting, or large multinational internal audit experience
  • Another language (multilingual) is a plus
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Santa Monica, CA
9,189 Employees

What We Do

Universal Music Group (UMG) is the world leader in music-based entertainment, with a broad array of businesses engaged in recorded music, music publishing, merchandising and audiovisual content in more than 60 countries. Featuring the most comprehensive catalog of recordings and songs across every musical genre, UMG identifies and develops artists and produces and distributes the most critically acclaimed and commercially successful music in the world. Committed to artistry, innovation and entrepreneurship, UMG fosters the development of services, platforms and business models in order to broaden artistic and commercial opportunities for our artists and create new experiences for fans. Universal Music Group's labels include A&M Records, Astralwerks, Blue Note Records, Capitol Christian Music Group, Capitol Records, Capitol Records Nashville, Caroline, Decca, Def Jam Recordings, Deutsche Grammophon, Disa, Emarcy, EMI Records Nashville, Fonovisa, Geffen Records, Harvest, Interscope Records, Island Records, Machete Music, MCA Nashville, Mercury Nashville, Mercury Records, Motown Records, Polydor Records, Republic Records, Universal Music Latino, Verve Label Group, Virgin Records, Virgin EMI Records, as well as a multitude of record labels owned or distributed by its record company subsidiaries around the world. UMG's catalog is marketed through two distinct divisions, Universal Music Enterprises (in the U.S.) and Universal Strategic Marketing (outside the U.S.). UMG also includes Universal Music Publishing Group, one of the industry's premier music publishing operations worldwide and Bravado, the leading provider of consumer, lifestyle and branding services to recording artists and entertainment brands around the world. Universal Music Group is a Vivendi company.

Why Work With Us

UMG's IT department delivers technology solutions and services that unlock business value and facilitate growth through strategic investment and operational efficiency. Our team is collaborative, dedicated and passionate about the work we do. Here you can work in a dynamic and flexible environment with evolving opportunities to grow!

Similar Jobs

Wipfli Logo Wipfli

Transaction Advisory Services Manager

Cloud • Fintech • Software • Business Intelligence • Consulting • Financial Services
Remote or Hybrid
United States
3000 Employees
117K-158K Annually

Wipfli Logo Wipfli

Senior, Transaction Advisory Services

Cloud • Fintech • Software • Business Intelligence • Consulting • Financial Services
Remote or Hybrid
United States
3000 Employees
88K-118K Annually

ServiceNow Logo ServiceNow

Director, Technical Program Management

Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Remote or Hybrid
San Diego, CA, USA
29000 Employees
199K-348K Annually

ServiceNow Logo ServiceNow

Principal / Distinguished Engineer - Mulit-Cloud - Control Plane - Kubernetes

Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Remote or Hybrid
Santa Clara, CA, USA
29000 Employees
255K-445K Annually

Similar Companies Hiring

TIDAL Thumbnail
Software • News + Entertainment • Mobile • Information Technology • Music • Consumer Web
New York, NY
450 Employees
Sandbox VR Thumbnail
Events • Gaming • News + Entertainment • Retail • Virtual Reality
Tsim Sha Tsui East, Kowloon
650 Employees
Hedra Thumbnail
Software • News + Entertainment • Marketing Tech • Generative AI • Enterprise Web • Digital Media • Consumer Web
San Francisco, CA
14 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account