Lead IT Audit & Controls Manager in St Albans

St Albans · Full-Time · 43200 - 72000 £ / year (est.) · No home office possible

At a Glance

  • Tasks: Lead the implementation of IT controls and compliance frameworks across Costa Coffee.
  • Company: Join Costa Coffee, a global brand reimagining coffee experiences.
  • Benefits: Enjoy competitive perks like share ownership, discounts, and private medical cover.
  • Why this job: Make a real impact in a dynamic environment while shaping compliance culture.
  • Qualifications: Experience in risk management and knowledge of IT security standards required.
  • Other info: Flexible working with a vibrant team culture and excellent career growth opportunities.

The predicted salary is between 43200 - 72000 £ per year.

At Costa Coffee, we are what we craft. We’re reimagining coffee experiences in over 50 countries and counting, as a key part of the Coca-Cola System. Our teams make a difference, whether that’s working on new tech for the perfect pour, helping our teams grow, creating award-winning campaigns, crunching the numbers, or developing the latest exciting menu item; together, we stir up success.

We may be a global brand, but we haven’t forgotten our roots. That’s where the Costa Foundation and our fantastic community agenda come in. Whatever your role, you can help us change lives in coffee growing communities and help your local community too. We also want to help you grow in your career through amazing experiences, our apprenticeship scheme, and development programmes. At Costa, you can go beyond the day-to-day.

For the Lead IT Audit & Controls Manager role, we’re seeking a Risk & Compliance professional to lead the implementation of the SOX IT General Controls framework across the Costa Group. You’ll act as a subject matter expert, guiding complex control processes, influencing senior stakeholders, and embedding compliance across internal teams and third parties. The role also supports IT audit readiness, risk management, and regulatory compliance (e.g. SOX, ISA-315), ensuring governance standards are met and reporting is delivered to senior leadership and The Coca-Cola Company.

We didn’t become a global coffee brand by sitting back. When you work here, you join a community that values passion, progression and integrity, with some pretty brilliant perks to sweeten the deal:

  • Own a piece of Costa’s success by becoming a share owner in Coca-Cola with our Share Investment Plan (SIP)
  • A smart pension that saves you money on tax and national insurance, and matches your contributions up to 10%
  • The Costa Financial Support Fund, supporting team members who find themselves in unexpected financial pressure
  • 50% discount in all Costa-owned stores, and 25% off in other participating stores
  • Private medical cover thanks to our Private Healthcare scheme

We’re passionate about being a great place to work, where you can bring your unique self into our mix. We firmly support diversity, equity and inclusion, and continue to work with our teams to shape the future of our culture and values: Disciplined to Deliver, Passion for Progress, Win with Warmth, Courage to Challenge and Trusted Team Players.

What you’ll do:

  • Lead the development and implementation of the SOX IT General Controls and Risk & Compliance framework across the Costa Group.
  • Act as a subject matter expert, providing guidance on complex controls and influencing strategic decisions at senior management level.
  • Drive cultural change to embed SOX controls across internal teams and third parties, ensuring compliance and understanding.
  • Support continuous improvement in IT Audit, Risk Management, and regulatory compliance (e.g. SOX, ISA-315) across global operations.
  • Ensure effective risk monitoring, supplier assurance, and regular reporting to senior leadership.

Who you are:

  • Awareness of information and cyber security standards (e.g. ISO27000, NIST, PCI-DSS, CIS) and their relevance in a global retail environment.
  • Familiarity with security tools, processes, and risk management frameworks such as COBIT.
  • Experience working in a global organisation, including engagement with third parties and suppliers.
  • Exposure to developing policies, standards, and guidelines in a large-scale business context.
  • Desirable: Understanding of SOX, ITGC, IT risk, and data protection, with relevant certifications (e.g. CISA, CISSP, CISM) and familiarity with frameworks like ITIL and ISF.

Right now, our Support Centre teams work flexibly, blending home working with in-person time whenever it matters most – whether that’s a team moment, a creative session, or simply coming together to share ideas. We’re excited to be moving into a new home for our brand in St Albans in January 2027 – an inspiring space from which our Support Centre teams will work three days a week to connect and collaborate in-person to bring our bold ambition to life.

Lead IT Audit & Controls Manager in St Albans employer: Costa Limited

At Costa Coffee, we pride ourselves on being a dynamic and inclusive employer that fosters personal and professional growth. As a Lead IT Audit & Controls Manager, you will be part of a passionate community dedicated to innovation and excellence, with access to exceptional benefits such as a share investment plan, generous pension contributions, and private medical cover. Our flexible working arrangements and commitment to diversity ensure that every team member can thrive while contributing to meaningful change in coffee-growing communities.

Contact Detail:

Costa Limited Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Lead IT Audit & Controls Manager in St Albans

✨Tip Number 1

Network like a pro! Reach out to current or former employees at Costa Coffee on LinkedIn. A friendly chat can give you insider info and maybe even a referral, which can really boost your chances.

✨Tip Number 2

Prepare for the interview by researching Costa's values and recent projects. Show us how your skills align with their mission to stir up success and make a difference in communities.

✨Tip Number 3

Practice common interview questions, especially those related to risk management and compliance. We want to see how you handle real-life scenarios, so think of examples from your past experiences.

✨Tip Number 4

Don’t forget to follow up after your interview! A quick thank-you email can leave a lasting impression and show us that you’re genuinely interested in the role.

We think you need these skills to ace Lead IT Audit & Controls Manager in St Albans

SOX IT General Controls
Risk Management
Compliance Frameworks
Information Security Standards
Cyber Security Standards
ISO 27000
NIST
PCI-DSS
CIS
COBIT
IT Audit
Data Protection
CISA Certification
CISSP Certification
CISM Certification

Some tips for your application 🫡

Show Your Passion: When you’re writing your application, let your passion for coffee and the role shine through. We want to see how excited you are about joining Costa and making a difference in our community!

Tailor Your CV: Make sure your CV is tailored to the Lead IT Audit & Controls Manager role. Highlight your relevant experience with SOX, risk management, and compliance frameworks. We love seeing how your unique skills fit into our team!

Be Clear and Concise: Keep your application clear and to the point. Use bullet points where possible to make it easy for us to read. We appreciate straightforward communication, especially when it comes to complex topics like IT controls.

Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy to navigate!

How to prepare for a job interview at Costa Limited

✨Know Your SOX Inside Out

As a Lead IT Audit & Controls Manager, you'll need to demonstrate a solid understanding of the SOX IT General Controls framework. Brush up on your knowledge of SOX compliance and be ready to discuss how you've implemented similar frameworks in past roles.

✨Showcase Your Stakeholder Influence

This role involves influencing senior stakeholders, so prepare examples of how you've successfully navigated complex control processes. Think about times when you’ve had to persuade others or drive cultural change within an organisation.

✨Familiarise Yourself with Cyber Security Standards

Costa Coffee values awareness of information and cyber security standards. Be prepared to discuss relevant frameworks like ISO27000 or NIST, and how they apply to risk management in a global retail environment. This will show that you’re not just knowledgeable but also proactive.

✨Prepare for Scenario-Based Questions

Expect scenario-based questions that assess your problem-solving skills in risk management and compliance. Think through potential challenges you might face in this role and how you would address them, especially in relation to third-party suppliers and internal teams.
