Job Description

Main Purpose of Job is to focus on the delivery of IT Audit and IT Assurance related engagements. We are looking for an IT Auditor. The entire function aims to be a leading internal audit team with the use of best-in-class audit methodology, data analytics and advanced artificial intelligence. This is an office based role.
Key responsibilities of the role:

• Providing IT, data analytics and cyber security expertise to the Internal Audit Team.
• Lead and deliver ITGC (ISA315), application and cyber security reviews across different clusters and companies within the Division.
• Collaborate with the other members of the IA team to provide guidance and IT expertise to support delivery of non- IT audits.
• Collaborate with the other members of the IA team and enable their analytics needed - source the data, assist with building the analytic and support the interpretation thereof.
• Promote ALICE across the division, working with the relevant team members in interpreting the results and offer guidance on resolving their findings.
• Plan, scope and execute IT audits across the division for areas not covered by ALICE (projects/ BCP/ DRP's/ ITGC/ cyber reviews/ application controls etc.)
• Where needed, represent IA on various IT steering Committees for new system implementation.
• Perform annual IT Audit planning in collaboration with the various Divisional CIO's and IT Teams.
• Effective time management of concurrent projects and divisional initiatives, including providing support to junior staff.
• Innovation and investment of skills in developing a cost-effective approach to data analytics.

Specialised Technical Capabilities:

• Ability to form a core technology and data risk skillset through proactively conducting research, and participating to internal and external initiatives.
• Understands and apply major program management approaches and practices (e.g., COSO, ITIL, COBIT, NIST, CIS, COBIT for SOX)
• Develop a strong knowledge of technology and data management frameworks (e.g., Technology Risk, Data Risk, Cyber Risk Maturity Model) by conducting independent research, and attending workshops, seminars, and training programs.
• Become familiar with technology and data risk, as well as industry-specific regulations; keeps up to date with emerging trends.
• Business report writing demonstrating ability to 'translate' technical concepts to non-IT audience.

Executes Assurance Engagements:

• Ability to enhance quality of assurance engagements by identifying risks, performing testing, researching governing regulations, and developing reports.
• Uses industry leading frameworks and tools to analyse client's documentation and identify risks that require control assurance.
• Tests validity of client's historical financial and non-financial information, leveraging relevant standards (e.g. ISAE 3000), as appropriate.
• Develops timeous assurance reports to accurately present risks, related controls, and the effectiveness of those controls.
• Ensure findings and recommendations are aligned with the audit objectives by keeping in mind the engagement business context when performing technical work during the assessment process to ensure all risk facets are considered.

Technical competencies:

• Solid grasp of technical skills and methodology.
• Demonstrated knowledge and technical skills on "core operating systems" e.g., Windows, UNIX, etc. as well as awareness and ability to identify risks related to in-house developed systems.
• Demonstrated knowledge and experience in performance of business process and automated controls testing on the more common applications.
• ERP security and technical knowledge (SAP, Dynamics 365 etc) including financial accounting (FI) modules.
• A good understanding of how to link risks and controls to ensure test steps and controls and risks all speak to each other; ability to research "unknown" systems or audit in-house developed systems, i.e. problem-solving/logic capabilities.
• Developing Digital fluency and knowledge on Emerging technologies, including Cloud, RPA, AI, etc.

Behavioural Competencies:

• Demonstrates ability to work efficiently and meet all deadlines consistently.
• Displays initiative and confidence.
• Takes accountability for delivery of own work, running projects end to end individually and with minimal instruction.
• Active participation and proactive attitude to service delivery.
• Deadlines and quality driven, self- starter.
• Works well within a team and with client management, as well as individually when required.
• Strong analytical skillset.
• Good communicator and collaborator, strong business/ report writing skills.

Qualifications:
Minimum Qualifications

• Degree / Diploma.
• Relevant industry specific certification (CISA, CISM etc.)

Minimum Experience:
5 years' working experience in a client facing role.
Desired Experience:

• Experience in a client facing role.
• Demonstrate an understanding of large-scale information technology application systems, infrastructure, business processes and security standards.
• Demonstrate an understanding of the IT audit methodology and its application in major client industries.
• Power BI experience/ other data analytic tools.
• Ability to work with and document workflows (Visio etc.)
• Programming would be a bonus.

Salary - R1 mill pa CTC
Send cv to