IT Internal Auditor
Mukuru
- Cape Town, Western Cape
- Permanent
- Full-time
- Participate in the development of the IT risk-based audit plan and strategy
- Understand and review and organisation's IT business and various system risks, and processes and policies
- Review IT application controls , general controls, access security, change control, configuration management, IT back-up and continuity, and IT service and security management (infrastructure security, network security, application security, information security, cloud security, data security as well as end-user security)
- Build and manage relationships with IT stakeholders
- Conduct IT risk analysis and audit planning relevant to the business processes and systems
- Perform audits in terms of the IIA/ISACA standards, IT Frameworks and IA Methodology
- Identify shortcomings, inefficiencies, inadequacies in IT controls and governance processes.
- Propose value-added recommendations for improvements to business processes and systems.
- Engage with relevant management on findings and obtain management actions.
- Conduct follow-up reviews and ensure that management actions have been addressed.
- IT Projects and systems in development involvement. Providing assurance and/or advise on the various phases of their life-cycle.
- Perform Data analytics to conduct audit work or for continuous monitoring.
- Protect against fraud and theft of the organisations assets
- Ensure fraud checks and safe guarding of assets are top of mind and included in all audit procedures
- Ensure red flags are identified for fraud and theft and respond with detailed checks
- Support investigators on IT fraud related matters
- Guide management on IT internal controls that need to be in place to mitigate against fraud and theft of assets
- Support the IT Group Risk management process
- Ensure governance procedures are adhered to and escalate all non-compliance
- Maintain audit working papers in line with IA methodology
- Compile value adding internal audit reports in line with IIA Standards and IA Methodology
- Prepare reporting for Audit Committee meetings
- Manage the IT audit plan and ensure completion of audit activities within the required timelines.
- Manage own professional and self-development
- Grade 12 / or equivalent (Essential)
- B. degree in Commerce/Internal Auditing/ Computer Science/Informatics or equivalent qualification (Essential)
- 5 years' experience as a IT Internal Auditor (Essential) with 2 at a senior level
- Proven experience of recommending effective IT controls, frameworks and best practices (Essential)
- Data analytics (Essential)
- CISA qualified (Desirable)
- Knowledge of IT threats, vulnerabilities and, risks
- Knowledge of COBIT, ITIL and NIST Frameworks
- Knowledge of ISO27001
- Knowledge of Project methodology and phase involvement
- Knowledge of Internal Audit principles and IIA/ISACA standards
- Computer literate (MS Office)
- Strong verbal & written communication
- Organised
- Attention to detail and high quality work
- Assertive
- Analytical skills
- Interpretation skills
- Research and data mining/analytics skills
- Aware of latest IT risks and trends
- ACL