Job Description

Position summary
Industry: Auditing/Accounting
Job category: Internal Auditing
Location: Cape Town
Contract: Permanent
Remuneration: Market-related
EE position: No
Introduction
To deliver impactful and high-quality IT audit and advisory engagements across infrastructure, applications, and cybersecurity domains, which identify and drive improvements within the IT control environment. This includes assurance over IT governance, controls, and risk management processes using leading frameworks (e.g., COBIT, ITIL), as well as data analytics and cyber risk assessment.
Job description
Perform comprehensive reviews of IT General Controls (ITGCs), application controls, and supporting IT processes across infrastructure, cloud, and ERP environments.
Conduct pre-implementation reviews for major IT and digital transformation projects, with a focus on change control, data migration, and post-go-live stability.
Working together with financial auditors as part of an integrated team, review the IT/systems control elements of end-to-end business process reviews.
Leverage data analytics to identify anomalies, support sampling, and provide audit insights.
Deliver IT audit projects in accordance with the required standards.
Produce high quality reports that clearly identify control adequacy and effectiveness concerns.
Produce high-quality working papers and clear, actionable audit reports that highlight risks, root causes, and pragmatic recommendations.
Educate stakeholders on key IT and cyber risks, expected controls, and process improvement opportunities.
Draft quarterly inputs for Audit Committee reporting, summarising IT risk coverage, control themes, and emerging issues.
Prepare of quarterly IT audit committee submissions.
Maintain professional relationships with IT, business, and external audit stakeholders to ensure proactive risk coverage and integrated assurance.
Minimum requirements
Tertiary qualification in Information Systems, Computer Science, Finance, or a related discipline
Professional certifications such as CISA, CRISC, CISM, or CISSP (advantageous)
At least 5 years' internal or external IT audit experience, including at least 2 years in a senior/lead capacity
Strong data analytics capability using relevant tools
Experience in facilitating risk and control workshops, presenting findings, and building stakeholder buy-in
Internal/ External audit, financial or merchandising experience
Requisite systems knowledge/ process analysis and IT experience
Knowledge and understanding of risk-based approach to internal audit
Experience of agile audit skills
Strong verbal and written communication skills, with the ability to translate technical issues into business context
High integrity, analytical thinking, and the ability to manage multiple priorities in a fast-paced, evolving environment