Senior Global IT Audit & Controls Manager

Join to apply for the Senior Global IT Audit & Controls Manager role at Costa Coffee

Join to apply for the Senior Global IT Audit & Controls Manager role at Costa Coffee

At Costa Coffee, we are what we craft. We’re reimagining coffee experiences in over 50 countries and counting, as a key part of the Coca-Cola System. Whether you get your coffee in a store, from a machine, at home, or on the go – we’ve got you covered.

Our teams make a difference. Whether that’s working on new tech for the perfect pour, helping our teams grow, creating award-winning campaigns, crunching the numbers, or developing the latest exciting menu item; together, we stir up success.

We may be a global brand, but we haven’t forgotten our roots. That’s where the Costa Foundation and our fantastic community agenda come in. Whatever your role, you can help us change lives in coffee growing communities and help your local community too.

We also want to help you grow in your career through amazing experiences, our apprenticeship scheme, and development programmes. At Costa, you can go beyond the day-to-day.

And as a Senior Global IT Audit & Controls Manager there’s never been a better time to join.

So, why Costa?

We didn’t become a global coffee brand by sitting back. When you work here, you join a community that values passion, progression and integrity, with some pretty brilliant perks to sweeten the deal:

• Own a piece of Costa’s success by becoming a share owner in Coca-Cola with our Share Investment Plan (SIP)
• A smart pension that saves you money on tax and national insurance, and matches your contributions up to 10%
• The Costa Financial Support Fund, supporting team members who find themselves in unexpected financial pressure
• 50% discount in all Costa-owned stores, and 25% off in other participating stores
• Private medical cover thanks to our Private Healthcare scheme
• And that’s not all. Explore even more of our perks here: https://bit.ly/costaperks

We’re passionate about being a great place to work, where you can bring your unique self into our mix. We firmly support diversity, equity and inclusion, and continue to work with our teams to shape the future of our culture and values: Disciplined to Deliver, Passion for Progress, Win with Warmth, Courage to Challenge and Trusted Team Players.

What you’ll do

Being a Senior Global IT Audit & Controls Manager is about so much more than bringing our coffee to the world. It’s your chance to stir up real success - which means you’ll:

• Design and deliver a SOX / ISA-315 awareness and culture change programme that caters for differing cultural and language requirements across the global Costa Coffee business.
• Support the Principal Delivery Assurance & Portfolio Manager in the ongoing development of the Costa IT Audit & Controls team
• Responsible for providing management and oversight of processes that ensure previously deployed IT general controls continue to operate as designed, that they evolve to meet changing requirements and that they remain effective
• Responsible for management and oversight of the SOX, ISA315 and TCCC rotational scope annual audits including the planning of resource required, quality of evidence produced by the wider Costa business and management of the observations raised to ensure they are remediated in a timely manner resulting in a desirable audit outcome.
• Responsible for management and oversight of the SOX / ISA-315 3rd Party Vendor processes to ensure our suppliers appropriately handle Costa’s information
• Provide guidance and oversight to projects / programmes and where a change in process is required or a new application / infrastructure is being implemented and falls in to the scope of SOX / ISA-315 ensuring all required IT General Controls are implemented and Costa’s IT systems are ‘secure by design’
• Responsible for overseeing the annual Costa InfoSec Standards Exception review process and approving the reviewed exceptions. Ensuring that where applications or infrastructure cannot meet the requirement of the Costa Standard, mitigations, additional controls and management of the mitigations are implemented and monitored throughout their lifetime.

Who you are

It’s your unique ingredients we’re interested in:

• Previous experience of working as an SME in a IT audit and / or controls environment e.g. SOX, ISO 27001, NIST etc
• Knowledge of SOX, data privacy, Information security or Cyber security practises and standards (GDPR, ISO27000) and their applicability to a worldwide leading retailer
• Previous experience of large scale audit management and co-ordination in multiple countries
• Experience of managing supplier IT General Control 3rd party assurance processes and associated risks
• Previous experience of designing and delivery of a programme of SOX / ISA-315, ITGC education, awareness and training
• Strong written and verbal communication skills, negotiation skills and stakeholder management
• Previous experience of developing and mentoring colleagues in SOX, ITGC’s and risk management
• Previous experience of risk management processes
• ITIL/ISF/iRAM/COBIT frameworks and methodologies, CISSP, CISM
• Self driven, able to work to tight deadlines and results orientated

Location – Loudwater or London– Hybrid

• Seniority level
  Mid-Senior level

• Employment type
  Full-time

• Job function
  Accounting/Auditing and Information Technology
• Industries
  Retail and Technology, Information and Media

Referrals increase your chances of interviewing at Costa Coffee by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.