As an IT auditor you will assist in understanding and effectively managing existing and emerging IT risks, perform moderately complex, high risk or high profile individual Internal IT Auditassignments in line with the annual audit plan across the Group.
To qualify for the role you must have the following:
- Degree in Information Systems (BCom or B.Sc Computer Science)
- Professional qualification in either of the following: CISA/CISM/CRISC/CGEIT/ITIL/ Certified Ethical Hacker / Cyber Security Certification
- Minimum of 5 years experience in an IT auditing environment, conducting on-site IT audit engagements for the full project life cycle
- Strong scripting experience (Oracle, Windows, Linux, SQL)
- Strong technical skills in information security administration covering configuration (systems vulnerability assessment using tools such as:
- SekChek, SQL commands and scripts)
- Network penetration controls or system implementations including reviews of routers, switches, firewall security would be highly desirable
- Critical Security Controls for Windows, Linux/Unix, etc.
- Nessus
- Firewall reviews
- Practical understanding of COBIT governance requirements, principles and practices
- Experience in IT risk assessments and models
- Experience in implementing and evaluating IT general and application environment controls and the use of CAATS
- Reasonable knowledge of King III/IV, ITIL, and ISO17799
- Advantage: work experience with TeamMate and analytical data mining tools such as IDEA and ACL