Spotify Internal Audit (IA) is looking for an Internal Audit Senior Manager to support the evolution of our Enterprise Risk Management program; enhance the risk-based internal audit methodology; and support and execute on operational, compliance and financial internal audit reviews.
We are looking for a highly qualified risk management and internal audit professional, who will work across our global organization to identify risks, help manage their impact on the organization, and influence decisions in the business. You will lead assurance and advisory projects within areas such as revenue and sales, bundle partnerships, finance and accounting, compliance and legal.
To be effective, you’ll stay close to Spotify’s business and technology strategy roadmaps to ensure that IA is engaged where it counts and to develop a deep understanding of Spotify’s business. You’ll thrive in this position if you are a master relationship builder, and effective in agile, fast-moving organizations and enjoy working in a high-performing and highly-collaborative international team environment. Additionally, you’ll provide insights on new ways to perform internal audits, guidance to junior auditors, and counsel to teams about control improvements. Ideal candidates have experience working with technology companies working in cloud environments and developing products via Agile methodologies.
This role is based in New York City and will report to the Director, Internal Audit Operations & Enterprise Risk Management. Some travel will be required.
What You’ll Do:
- Support the Director, Internal Audit Operations & Enterprise Risk Management in the development of the IA Operations and Enterprise Risk Management pillar. While people management is not part of this role at this time, the candidate will provide coaching to team members as appropriate.
- Drive risk assessments and dynamic audit planning, to develop and deliver a risk based Internal Audit plan, taking direction from the Board of Directors, Audit Committee, and Senior Management.
- Coordinate Enterprise Risk Management activities including risk identification, continuous risk assessment, risk mitigation/risk acceptance, risk remediation including driving accountability for risk management through the organization.
- Develop and enhance ERM practices, tools and policies to identify, prioritize, assess, mitigate, monitor and report on risks and opportunities across the enterprise, based on best practices and benchmarking against other technology and non-technology company ERM programs.
- Fosters an integrated risk management approach through coordination with other risk functions (e.g., Legal, Privacy and Information Security) to align on methodology and approach, to enhance operating controls, minimize duplication of effort and maximize execution.
- Manage and perform the full lifecycle of internal audits, including scoping, testing, deficiency confirmation, and reporting for audits that cover both business and technology risks
- Together with the team, lead and support assurance and advisory projects, working with and managing stakeholder expectations.
- Lead, coach and mentor a team of audit professionals to execute internal audits and projects, ensuring proper training, consistent execution and audit skill development.
- Bring thought leadership, leading practice frameworks, audit process improvements, and contribute to the continuous improvement of the department.
- Develop and enhance Internal Audit methodology and tools to ensure consistency in quality and execution of internal audits.
- Prepare reporting for the Head of Internal Audit, Senior Management, and the Audit Committee on risks, portfolio of audits, and outcomes.
Who You Are:
- Bachelor degree with a major in Business Administration, Accounting or Finance. CPA/CA, CIA, or CISA is a merit.
- Big 4 experience and internal audit experience in industry are strong merits.
- 12+ years of experience working, implementing and auditing key risk frameworks including COSO, ISO, NIST.
- Strong knowledge of internal audit and internal control principles (e.g. COSO), financial and operational processes, risks and risk management is required.
- You have experience working in the technology industry and/or with companies that develop software with a worldwide consumer user base. Experience with the music and entertainment industry is a merit.
- Demonstrated ability to assess complex issues through root cause analysis and other analytical techniques; structure potential solutions; drive to resolution with senior stakeholders.
- Possesses a high energy level, intellectual curiosity and strong work ethic with a commitment to continuous improvement in a dynamic and changing environment.
- Strong relationship management, communication and interpersonal skills to interact comfortably and persuasively with senior/executive level management.
- Strong presentation skills with the ability to articulate complex problems and solutions through concise and clear messaging
- Track record of effectively assessing and managing competing priorities to deliver high quality and timely work.
- Experience working with multinational organizations is required; experience working with a SEC FPI is a merit.
- Experience working with Archer or other similar GRC tool is a merit.
We strongly believe that diversity of experience, perspectives, and background will lead to a better workplace for our employees and a better product for our users and our creators. This is something we value deeply and we encourage everyone to come be a part of changing the way the world listens to music.