Technology Audit Manager

• Job Band: E
• Contract Type: Permanent Full-time.
• In-house Title: Audit Manager
• Department: Audit & Assurance Quality Risk and Assurance BBC Chief Operating Group
• Location: London or Birmingham. Hybrid working with a minimum requirement of two days per week in the office (please note this is the current requirement and may change in future)
• Proposed Salary Range: 70000 - 85000 (plus LW 5441pa if London based) depending on relevant skills knowledge and experience. The expected salary range for this role reflects internal benchmarking and external market insights.
• Flexible working: We’re happy to discuss flexible working. If you’d like to please indicate your preference in the application though there’s no obligation to do so now. Flexible working will be part of the discussion at offer stage.

Join our high-performing Audit and Assurance team at the heart of the BBC. We deliver impactful audits that shape the organisation and focus on the BBC’s most significant risks. Highly regarded across the Group our work drives strategic decisions and supports continuous improvement. If you’re passionate about making a difference influencing change and working where your insights matter this is your opportunity to be part of a team that truly makes an impact.

Do you want to join a team where your work truly makes a difference? At the BBC our Audit and Assurance team thrives on a great team culture where collaboration, support and innovation are at the core. No two days are the same as we tackle the BBC’s biggest risks and help shape its future. It’s a fantastic place to work – diverse, dynamic and driven by purpose within a world‑renowned organisation that values integrity, impact and continuous improvement.

As Audit Manager you will

• Take a primary role in the timely delivery of a portfolio of audit assignments to be carried out using a team of internal Senior Auditor resources and resources provided through the co‑source internal audit providers; and take ownership of audit delivery from planning through fieldwork to reporting and obtaining buy‑in from key stakeholders.
• Conduct audits across a wide range of technology domains including products, cybersecurity, cloud computing, data privacy, IT governance, infrastructure and application controls.
• Negotiate with and influence senior management in the development of appropriate controls responses.
• Provide expert advice and challenge to senior technology and business stakeholders on IT risk control and compliance matters. Stay abreast of emerging technologies, digital transformation initiatives and evolving cyber threats to inform audit planning and execution.
• Contribute to the development and continuous improvement of audit methodologies, tools and data analytics capabilities. Promote a culture of innovation, integrity and continuous improvement within the audit function to identify opportunities to digitise and streamline audit processes.
• Maintain knowledge of the BBC strategy, external and organisational risk environment and business changes to help inform audit approach and activity.

We are looking for the ability and assurance to deliver a range of audit activity under high quality standards and demanding deadlines in a complex environment as well as:

• Successful applicants will be fully qualified with at least one of the following professional qualifications with a preference for Chartered Accountancy qualifications:
• Qualified Accountant through a recognised professional body (e.g. CA, ACA, ACCA, ACMA)
• Chartered Member of the Institute of Internal Auditors (UK)
• Certified Information Systems Auditor (CISA), Certified Information Security Manager certification (CISM), Certified Information Systems Security Professional (CISSP) or equivalent.
• Proven experience in leading and delivering complex technology audits in a large multifaceted organisation and demonstrable ability to influence and collaborate with senior technology leaders and stakeholders.
• Strong understanding of IT risk management, cybersecurity frameworks (e.g. NIST CAF, ISO 27001) and regulatory compliance (e.g. GDPR, SOX, EU AI Act).
• Experience leading or contributing to digital transformation initiatives within internal audit including the design and implementation of innovative audit techniques, agile auditing and the use of emerging technologies to enhance assurance delivery.
• Ability to negotiate and work alongside a range of contacts including senior management and the motivation and energy to actively promote control improvements.

It would be a significant advantage to have additional substantial experience in one or more of the following areas:

• Cybersecurity and information security audits
• Cloud and infrastructure audits
• Data analytics and automation in audit
• Agile and DevOps environments
• Digital transformation and emerging technologies
• IT risk and control frameworks (e.g. COBIT, ITIL)
• Data Analytics
• Internal Consulting
• IT Audit
• Project Audit
• Media related industry experience

If you can bring some of these skills and experiences along with transferable strengths we’d love to hear from you and encourage you to apply.

Before your start date you may need to disclose any unspent convictions or police charges in line with our Contracts of Employment policy. This allows us to discuss any support you may need and assess any risks. Failure to disclose may result in the withdrawal of your offer.

BPS25

Required Experience: Manager

Key Skills: Auditing, GAAP, Accounting, Research Experience, SOX, Project Management, Customer relationship management, Financial Report Interpretation, Internal Audits, Mentoring, Supervising Experience, GAAS

Employment Type: Full-Time

Experience: years

Vacancy: 1