Audit Manager: Digital & Cyber

SUMMARY:

We are seeking an experienced Audit Manager: Digital Cyber to lead and execute audit and advisory engagements across the organisation, engaging with senior and middle management. The role focuses on identifying and evaluating risks in strategic, operational, compliance, reporting, and internal control areas, with a strong emphasis on digital tr...

POSITION INFO:

We are seeking an experienced Audit Manager: Digital Cyber to lead and execute audit and advisory engagements across the organisation, engaging with senior and middle management. The role focuses on identifying and evaluating risks in strategic, operational, compliance, reporting, and internal control areas, with a strong emphasis on digital transformation, cyber security, data governance, cloud computing, AI, and evolving IT architectures.

The successful candidate will collaborate with IT, Risk, Compliance, and Business Units to ensure effective governance and risk mitigation. They will also contribute to the development and execution of the Internal Audit plan, drive innovation in audit practices, and mentor junior staff. This position requires a strategic thinker with the ability to deliver data-driven insights and promote continuous improvement in audit quality and relevance.

What you'll do:

• Strategy and Planning
  • Set the internal audit strategy and audit plan and oversee the implementation thereof.
  • Deliver on the internal audit strategic objectives by developing deeper perspectives and options for how to best serve our clients, solve problems, being proactive about suggesting meaningful improvements, leveraging subject matter expertise and considering broader organisational implications in terms of risk assurance.
  • Continuously drive internal audit process improvement to enhance value delivery and strengthen partnerships with business stakeholders
• Operational / Technical:
  
  • Assist in developing the annual audit and advisory plan as well as determining resource needs.
  • Manages overall audit and advisory engagements to ensure the timely delivery of the highest quality work, reports and value-add recommendations.
  • Develops a thorough and comprehensive understanding of the overarching risk universe, processes and associated internal controls, issues, pertinent regulations and risks associated with the engagement scope.
  • Assesses the design adequacy and effectiveness of the control environment, identifies control gaps and opportunities for continuous improvement and relates it divisionally and enterprise-wide, as appropriate.
  • Performs audit work and analysis on complex audit areas.
  • Provides draft opinions on audit and advisory findings, ratings and recommendations to senior Internal Audit management.
  • Serves as trusted advisor and consultant to the department and business leaders to share knowledge and perspective on topics related to governance, risk, control and areas of expertise.
• Stakeholder Engagement:
  • Effectively build and maintain business relationships with all internal and external stakeholders, to become a credible and trusted advisor and business partner.
  • Maintain a deep understanding of the business environment, strategic priorities, risks and challenges as well as prevailing legislation and emerging industry trends.
  • Effectively collaborate with second-line functions to support a coordinated and efficient combined assurance approach and avoid duplication of efforts.
• Management and Leadership:
  
  • Build a high performance team through managing resources, coaching, mentoring, retention of critical staff, and talent development.
  • Promote continuous learning and professional growth within the team.
• Financial Management:
  • Responsible for effective budget management and control within area of responsibility and projects.

Your expertise:

• Minimum of 5 - 6 years relevant experience in IT Audit of which 2 years are in a management/leader role, with a strong focus on digital technologies, infrastructure, and IT architecture.
• Proven experience in leading and managing high-performing teams.
• Strong track record of building and maintaining effective stakeholder relationships.
• Ability to manage and deliver complex projects within scope, time, and budget.
• Experience in project management.

Qualifications:

• Relevant BSc degree as a minimum, as well as one or more of the following
• Certified Information Security Manager (CISM)
• Offensive Security Certified Professional (OSCP)
• Certified Information Systems Auditor (CISA)
• Certified Ethical Hacker (CEH)
• Certified Internal Auditor (CIA) / Professional Internal Auditor (PIA)
• Certification in Risk Management Assurance (CRMA)
• Certified in Risk and Information Systems Control (CRISC)

Other information applicable to the opportunity:

• Permanent position
• Location: Johannesburg

Skills

• Good business acumen combined with the ability to identify, assess, and interpret strategic and operational risks
• Ability to take a holistic view of the organisation in determining and positioning internal audit’s role.
• Ability to identify strategic issues through critical reasoning.
• Ability to effectively influence across all relevant levels within the business unit, including senior and middle business management.
• Ability to effectively plan and set priorities for self and engagement team.
• Strong leadership skills.
• Professional communication.
• Strong project management skills.
• Results oriented with a strong deadline focus.
• Ability to build strong relationships and to work with others towards shared goals.
• Team player able to collaborate and support colleagues and peers across the organisation, while still being able to work independently when needed.
• Flexible and open to change and innovation.
• Good conflict management skills.
• Good negotiation and problem solving skills.
• Strong attention to detail and quality.
• Good report writing and presentation of findings skills.
• Strong analytical skills.
• Ability to use Nessus, Kali, NMap and other security tools

Core Competencies:

• Business Acumen
• Integrity and ethics
• Innovative thinking
• Building relationships, collaborating and influencing others
• Customer focus
• Managing Complexity
• Delivering results
• Strategic and analytical thinking

Technical Competencies:

• Technical Report Writing
• IT Audit Methodologies
• General Insurance principles
• Data Governance Privacy
• Practice management
• Risk assurance and management
• Well versed in IT General Controls (ITGCs)
• Governance, Risk Compliance (GRC) Platforms
• Third-Party Risk Management
• Regulatory Industry Standards