Global IT Compliance Auditor

Security, trust and strong controls are critical to how Sage operates — and this role helps make sure they stay that way.



We’re looking for an IT Compliance Auditor to join our Global IT Controls Compliance team. This is a hands‑on, mid‑level role where you’ll work across our technology landscape, partnering with teams to make sure our IT controls are not only compliant, but practical, effective and fit for a modern, global business.



Rather than acting as a “checker”, you’ll be a trusted partner — helping teams understand risk, strengthen controls and continuously improve how we govern our systems, data and change processes.



This is a hybrid role – three days per week in our Newcastle office.
What you’ll be responsible for



Driving meaningful IT controls assurance



• Oversee IT compliance and operational audits across security, data, operations and change management

• Assess how controls are designed and how they work in practice — not just whether they exist on paper

• Produce clear, robust audit evidence that can be relied upon by both internal and external auditors



Improving how we do governance



• Refresh and improve audit approaches as technologies, risks and ways of working evolve

• Help strengthen and standardise governance processes through the effective use of GRC tooling

• Identify where controls can be simplified, strengthened or made more effective — and help teams get there



Working in partnership across Sage



• Collaborate with application, infrastructure and IT operations teams across multiple regions

• Clearly communicate audit findings, risks and recommendations to senior stakeholders

• Support teams in defining realistic remediation plans and seeing them through to completion



Supporting external audit and compliance activity



• Work closely with internal and external auditors to support annual IT General Controls and SOx testing

• Act as a key point of contact, helping ensure audits run smoothly and findings are well understood





What we’re looking for:



You don’t need to tick every box, but the right person will likely bring:



• Experience in IT compliance, risk or audit roles, with exposure to ITGC, SOx and control frameworks

• A working knowledge of how controls apply to applications, infrastructure, operations and change

• Confidence to challenge, influence and support teams in a constructive way

• Strong analytical skills and the ability to get to the root cause of control issues

• Clear communication skills — especially when translating technical or risk topics for non‑technical audiences

• A collaborative, pragmatic mindset and the ability to manage competing priorities



Nice to have (not essential)

• CISA (Certified Information Systems Auditor) or equivalent experience





#LI-MD1