Job Description
Security, trust and strong controls are critical to how Sage operates — and this role helps make sure they stay that way.
We’re looking for an IT Compliance Auditor to join our Global IT Controls Compliance team. This is a hands‑on, mid‑level role where you’ll work across our technology landscape, partnering with teams to make sure our IT controls are not only compliant, but practical, effective and fit for a modern, global business.
Rather than acting as a “checker”, you’ll be a trusted partner — helping teams understand risk, strengthen controls and continuously improve how we govern our systems, data and change processes.
*** Please note: This is a hybrid role requiring 3 days per week in our Newcastle office ***
Key Responsibilities
What you’ll be responsible for
Driving meaningful IT controls assurance
Oversee IT compliance and operational audits across security, data, operations and change management
Assess how controls are designed and how they work in practice — not just whether they exist on paper
Produce clear, robust audit evidence that can be relied upon by both internal and external auditors
Improving how we do governance
Refresh and improve audit approaches as technologies, risks and ways of working evolve
Help strengthen and standardise governance processes through the effective use of GRC tooling
Identify where controls can be simplified, strengthened or made more effective — and help teams get there
Working in partnership across Sage
Collaborate with application, infrastructure and IT operations teams across multiple regions
Clearly communicate audit findings, risks and recommendations to senior stakeholders
Support teams in defining realistic remediation plans and seeing them through to completion
Supporting external audit and compliance activity
Work closely with internal and external auditors to support annual IT General Controls and SOx testing
Act as a key point of contact, helping ensure audits run smoothly and findings are well understood
What we’re looking for:
You don’t need to tick every box, but the right person will likely bring:
Experience in IT compliance, risk or audit roles, with exposure to ITGC, SOx and control frameworks
A working knowledge of how controls apply to applications, infrastructure, operations and change
Confidence to challenge, influence and support teams in a constructive way
Strong analytical skills and the ability to get to the root cause of control issues
Clear communication skills — especially when translating technical or risk topics for non‑technical audiences
A collaborative, pragmatic mindset and the ability to manage competing priorities
Nice to have (not essential)
CISA (Certified Information Systems Auditor) or equivalent experience
Benefits? We have plenty...
Video: https://www.youtube.com/watch?v=TCMtTYUUiuU
Generous bonuses and pension scheme: Up to 8% matched pension contribution plus 2% top-up by Sage.
25 days of paid annual leave with the option to buy up to another 5 days.
8 bank holiday days.
Paid 5 days yearly to volunteer through our Sage Foundation.
50% income protection.
Holiday buy + sell.
Comprehensive health, dental, and vision coverage.
Work away scheme for up to 10 weeks a year.
Ongoing training and professional development.
Hybrid working.
Healthy Mind app membership
Access to various helpful memberships for finances, health and wellbeing.
#LI-MD1