Audit Manager

JOB DETAILS

JOB BAND: E

CONTRACT TYPE: Permanent, Full-time.

In-house Title:  Audit Manager

DEPARTMENT: Audit & Assurance, Quality Risk and Assurance, BBC Chief Operating Group

LOCATION: London or Birmingham. Hybrid working with a minimum requirement of two days per week in the office (please note this is the current requirement, and may change in future

PROPOSED SALARY RANGE: £70,000 - £85,000 (plus LW £5,441pa if London based) depending on relevant skills, knowledge and experience. The expected salary range for this role reflects internal benchmarking and external market insights.

We're happy to discuss flexible working. If you'd like to, please indicate your preference in the application – though there's no obligation to do so now. Flexible working will be part of the discussion at offer stage.

PURPOSE OF THE ROLE

Join our high-performing Audit and Assurance team at the heart of the BBC. We deliver impactful audits that shape the organisation and focus on the BBC’s most significant risks. Highly regarded across the Group, our work drives strategic decisions and supports continuous improvement. If you're passionate about making a difference, influencing change, and working where your insights matter, this is your opportunity to be part of a team that truly makes an impact.

WHY JOIN THE TEAM
Do you want to join a team where your work truly makes a difference? At the BBC, our Audit and Assurance team thrives on a great team culture, where collaboration, support, and innovation are at the core. No two days are the same as we tackle the BBC’s biggest risks and help shape its future. It’s a fantastic place to work— diverse, dynamic, and driven by purpose—within a world-renowned organisation that values integrity, impact, and continuous improvement.

YOUR KEY RESPONSIBILITIES AND IMPACT:

As Audit Manager, you will

• Take a primary role in the timely delivery of a portfolio of audit assignments, to be carried out using a team of internal Senior Auditor resource and resource provided through the co-source internal audit providers; and take ownership of audit delivery from planning, through fieldwork to reporting, and obtaining buy-in from key stakeholders.
• Conduct audits across a wide range of technology domains including products, cybersecurity, cloud computing, data privacy, IT governance, infrastructure, and application controls.
• Negotiate with, and influence, senior management in the development of appropriate controls responses.

• Provide expert advice and challenge to senior technology and business stakeholders on IT risk, control, and compliance matters. Stay abreast of emerging technologies, digital transformation initiatives, and evolving cyber threats to inform audit planning and execution.
• Contribute to the development and continuous improvement of audit methodologies, tools, and data analytics capabilities. Promote a culture of innovation, integrity, and continuous improvement within the audit function, to identify opportunities to digitise and streamline audit processes.

• Maintain knowledge of the BBC strategy, external and organisational risk environment and business changes to help inform audit approach and activity

YOUR SKILLS AND EXPERIENCE

We are looking for the ability and assurance to deliver a range of audit activity under high quality standards and demanding deadlines in a complex environment, as well as:

ESSENTIAL CRITERIA:

• Successful applicants will be fully qualified with at least one of the following professional qualifications, with a preference for Chartered Accountancy qualifications:
  • Qualified Accountant through a recognised professional body (e.g. CA, ACA, ACCA, ACMA)
  • Chartered Member of the Institute of Internal Auditors (UK)
  • Certified Information Systems Auditor (CISA), Certified Information Security Manager certification (CISM), Certified Information Systems Security Professional (CISSP) or equivalent.
• Proven experience in leading and delivering complex technology audits in a large, multifaceted organisation, and demonstrable ability to influence and collaborate with senior technology leaders and stakeholders.
• Strong understanding of IT risk management, cybersecurity frameworks (e.g., NIST, CAF, ISO 27001), and regulatory compliance (e.g., GDPR, SOX, EU AI Act).
• Experience leading or contributing to digital transformation initiatives within internal audit, including the design and implementation of innovative audit techniques, agile auditing, and the use of emerging technologies to enhance assurance delivery.
• Ability to negotiate and work alongside a range of contacts including senior management and the motivation and energy to actively promote control improvements.

DESIRED BUT NOT REQUIRED: 

• It would be a significant advantage to have additional, substantial, experience in one or more of the following areas:
  • Cybersecurity and information security audits
  • Cloud and infrastructure audits
  • Data analytics and automation in audit
  • Agile and DevOps environments
  • Digital transformation and emerging technologies
  • IT risk and control frameworks (e.g., COBIT, ITIL)
  • Data Analytics;
  • Internal Consulting;
  • IT Audit;
  • Project Audit;
  • Media related industry experience

If you can bring some of these skills and experiences, along with transferable strengths, we’d love to hear from you and encourage you to apply