Group IT Audit Manager in Birmingham

Location: Birmingham or London

About the role

BT’s purpose is to ‘connect for good’ and its ambition is to become ‘the most trusted connector of people, devices and machines’. To achieve this, it’s important we are clear where we are on track and where we need to focus. Our Group Internal Audit team shines a light on what works well and where things can be improved, helping BT build solid foundations so it can go faster in delivering and achieving its purpose and ambition.

As an Internal Audit Manager you will play a key role in providing high quality assurance to the Board Audit and Risk Committee. You will support the delivery of audits across IT, Networks, and data in a professional manner to enable Group Internal Audit to provide independent and objective assurance to senior management and the Board, via the Board Audit & Risk Committee. This includes the tracking and testing of management actions to address audit findings to confirm resolution. You will also engage stakeholders throughout the audit process in a customer‑connected manner to provide high quality, reliable, efficient service and experience.

What you’ll be doing

• Accountable for delivering assigned audits e2e in a risk assessed, timely, and focused manner, utilising data analytics tools where appropriate; acting predominantly as lead auditor but may on occasion support others;
• Initial oversight and first level review of audit work papers prepared by individuals assigned to audit where acting as lead to ensure the work is of good quality;
• Preparation of initial draft audit reports;
• Tracking agreed audit actions to ensure implementation is achieved against targets and that the remediation is effective;
• Supporting the IA SM in ongoing liaison with CFU/CU management; this includes gathering business insights to provide input to Group Internal Audit’s annual strategy of a programme of objective audit work;
• Supporting on input to the various management fora across the CFUs such as production of papers for quarterly ARCs and other governance committees; attendance at assigned sessions with management;
• Contributing to initiatives underpinning the RCA goals and objectives;
• May line manage apprentices and graduates;
• Providing technical advice, coaching and mentoring to audit team members and direct reports where appropriate; sharing timely, insightful feedback to improve performance.

Essential Skills / Experience

• Proven ability to lead end-to-end IT audits independently: Demonstrated experience delivering risk-based audits from planning through to reporting and follow-up, with minimal supervision. Confident acting as the lead auditor in complex environments and ensuring high-quality outputs throughout.
• Strong background in IT audit within a complex organisation: Experience delivering internal IT audit engagements, ideally combining professional services training (Big Four or equivalent) with industry experience to bring both technical depth and commercial awareness.
• Expertise in risk, controls and audit methodologies: Deep understanding of risk-based auditing principles, control frameworks, and assurance processes, with the ability to assess control effectiveness and provide clear, insight-led recommendations to senior stakeholders.
• Excellent stakeholder management and communication skills: Ability to build strong, credible relationships across the business, confidently presenting findings and influencing senior stakeholders, including contributing to governance forums such as Audit & Risk Committees.

Desirable Skills / Experience

• Relevant professional certifications (e.g. CISA essential in ideal profile, plus CISM, CISSP, CRISC or similar) demonstrating strong technical credibility in IT audit and assurance.
• Knowledge of industry-standard frameworks and benchmarks such as ISO 27001, NIST, CIS Benchmarks or ISF SoGP, with the ability to apply these in audit environments.
• Experience across key technology and risk domains, such as cloud, networks, infrastructure, cyber/information security, data governance, GDPR, operational resilience or third‑party risk.
• Exposure to enterprise risk management / 1st and 2nd line of defence models, supporting broader risk and governance activities beyond audit delivery.
• Strong project management and organisational skills, with the ability to prioritise, manage multiple audits concurrently, and deliver to tight timelines.
• Experience using data analytics within audit engagements to enhance insight, efficiency and audit quality.
• Coaching, mentoring or line management experience, supporting the development of junior team members and contributing to team capability building.
• Growth mindset and commitment to continuous professional development, staying up to date with evolving technology risks and audit practices.

Our Package

Tailored benefits make a real difference. That’s why we offer a comprehensive range to support your growth, wellbeing, and everyday life. You can design the package to suit you and your lifestyle. Your core benefits include:

• 10% on target annual bonus
• Access to an online private GP 24/7 for you and your immediate family
• Market‑leading paid carers leave with up to 2 weeks off
• Equalised maternity, paternity, and adoption leave – 18 weeks’ full pay and 8 weeks’ half pay
• Discounted EE and BT products, including mobile and broadband
• Market leading Pension scheme – 5% from you and 10% from us
• Holiday purchase scheme

You can select additional benefits, including healthcare, dental, gym memberships and more when you’re ready.