Senior Manager, Global IT Audit, Risk and Advisory.

Universal Music GroupSanta Monica, CA
$174,050 - $220,000Onsite

About The Position

We are UMG, the Universal Music Group. We are the world’s leading music company. In everything we do, we are committed to artistry, innovation and entrepreneurship. We own and operate a broad array of businesses engaged in recorded music, music publishing, merchandising, and audiovisual content in more than 60 countries. We identify and develop recording artists and songwriters, and we produce, distribute and promote the most critically acclaimed and commercially successful music to delight and entertain fans around the world. How we LEAD: The Senior Manager, Global IT Audit, Risk & Advisory, will help develop, mature, and execute UMG's IT internal audit program in a publicly listed U.S. environment. This role is responsible for leading complex, risk-based technology audits, strengthening SOX IT control assurance; assessing cybersecurity, infrastructure, application, and third-party technology risks; and translating audit results into practical, business-oriented recommendations. This role requires a hands-on technology risk leader who can manage end-to-end audits, coach audit team members, build productive relationships across technology and business teams, and support the continued development of UMG's IT audit methodology, reporting, tools, and control maturity.

Requirements

  • 10+ years of progressive IT audit, IT risk, technology controls, cybersecurity, or related assurance experience.
  • Strong SOX ITGC experience in a publicly traded U.S. company environment.
  • Experience evaluating and remediating control deficiencies in maturing high-growth organizations.
  • Strong project management, workpaper review, issue-writing, and stakeholder management skills.
  • Excellent verbal, written, and interpersonal communication skills, including constructive delivery of difficult messages.
  • Ability and availability to travel internationally and work independently.
  • Fluent English.

Nice To Haves

  • CISA strongly preferred.
  • Additional certifications (CISSP, CIA, CPA) preferred.
  • Experience leading complex IT audits across infrastructure, cloud, ERP, cybersecurity, data, third-party, and business application domains.
  • Big Four, national public accounting, consulting, or large multinational internal audit experience strongly preferred.
  • Another language is a plus

Responsibilities

  • Lead IT audit planning and execution
  • Lead complex IT audits from planning through reporting and remediation validation.
  • Contribute to the IT risk assessment and support development of the annual and multi-year IT audit plan.
  • Translate risk assessment results into clear audit objectives, scope, work programs, testing approaches, and resource plans.
  • Ensure audit workpapers, evidence, conclusions, and issue ratings meet methodology and quality standards.
  • Coordinate work performed by internal audit staff, co-source partners, and other assurance providers as applicable.
  • Cybersecurity & Technology Risk Oversight
  • Assess IT and cybersecurity governance, incident response, identity and access management, vulnerability management, and security operations controls.
  • Review cloud infrastructure environments, ERP platforms, financial systems, data platforms, and critical business applications.
  • Evaluate data governance, privacy controls, resilience, change management, and third-party/vendor technology risk management.
  • Assess control alignment with relevant frameworks, including COSO, COBIT, NIST, and SEC/SOX requirements.
  • Review risks associated with digital transformation, automation, system implementations, and emerging technologies.
  • IT General Controls Review ITGC, IT application control, and interface control testing for in-scope SOX systems.
  • Support the assessment of control deficiencies; evaluate severity, support root cause analysis, and recommend sustainable remediation actions.
  • Continuous Improvement and Risk Monitoring
  • Provide clear, practical recommendations that balance risk mitigation with operational realities.
  • Track remediation activities and validate management action plans for high-risk and recurring findings.
  • Use data analytics, automation, and continuous monitoring techniques to improve audit coverage and efficiency.
  • Identify recurring deficiencies, control themes, and opportunities to improve governance, process maturity, and accountability.
  • Stakeholder Engagement
  • Communicate audit findings, root causes, and risk themes in clear business terms to technology, finance, and operational stakeholders.
  • Build trust and credibility with IT and business leaders while maintaining independence and objectivity.
  • Provide advisory support during major system, security, data, and transformation initiatives without assuming management responsibility.
  • Prepare concise reporting for Internal Audit leadership and contribute to executive-level risk updates.

Benefits

  • Comprehensive medical, dental, and vision coverage
  • 100% coverage for out-patient in-network mental health services
  • Fertility coverage for eligible medical plan participants
  • Wellbeing reimbursements for fitness classes, spa treatments, meal services, travel, and so much more (up to $720/year)
  • Student Loan Repayment Assistance and Tuition Reimbursement
  • 401(k) with 100% immediate vesting on the first 5% of your contributions, plus an additional UMG contribution
  • Flexible Paid Time Off (PTO) for exempt employees
  • 3-weeks PTO for non-exempt employees
  • 2-weeks paid Winter Break
  • 10 Company Holidays (including Juneteenth and Wellbeing Day)
  • Summer Fridays (between Memorial Day and Labor Day)
  • Generous paid parental leave for every type of parent
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service