Senior Manager at MTN

Job description

Please note that this role is based in Roodepoort, Johannesburg (Innovation Centre)

Mission/Core purpose of the Job:

To manage the technology and cyber security sub-function, driving the internal audit programme framework, process innovation and meaningful analytics. To achieve excellence and effectiveness of overall internal information security management through process and system audits (IT system, network, and GRC system) ensuring alignment with Internal Audit strategy. Acting as an expert in the field, this role provides support to the GM in developing the overall IT and network audit framework, and continuous improvement.

Education/Business Degree:

• 4 Years Bachelor of Commerce/Bachelor of Science with Post Graduate qualification (Honours/Masters)
• Professional qualification in IT Internal Audit - CISA, CISM, CISSP

Work Experience:

• Minimum 5 years’ experience in a management position in internal audit,
• At least 3 years experience in Telco/ICT, in the specific area of technology and cyber security audit

Key Job Responsibilities

• Operational Delivery
• Manage internal IT systems, GRC and network audit sub function, ensuring the effectiveness of internal controls on information security, quality of work, and audit reports and analytics, in line with internal audit standards and methodologies, with full adherence to the internal audit framework.
• Lead and manage complex internal audits on IT systems and networks, review inconsistencies and advise on required changes/enhancements to improve technological risk management, control and governance processes, in line with company’s strategic objectives and best practice guidelines’;
• Assist internal departments to meet regulatory and compliance standards;
• Assess the likely/projected legal implications and ramifications of IT systems and network audits;
• Consolidate, review and sign off on all IT system and network audit reports for submission to top management and Audit Committee;
• Ensure cost effective operation of the internal IT system and network audit sub-function by driving excellence and effectiveness of the internal audit framework, which will increase internal controls and manage risk, which, due to the nature of the business, is changing constantly;
• Identify and drive where appropriate, opportunities for cost saving initiatives without compromising quality and effectiveness of the framework;
• Provide direction to staff, ensure that the standards for internal audit are compiled at the highest level;
• Report to management on IT systems and network audit results, highlighting new internal and external high level risks, cost controls and recommendations for improvements within the Internal Audit department;
• Develop and drive an annual risk based internal audit plan with regards to IT systems and the network in order to ensure adequate quality assurance over risk management;
• Ensure that the technology and cyber security audit sub-function remains independent, objective and ethical;
• Provide expertise, advice and support to management with by providing technical insights on new information security risks;
• Ensure that best practices in internal audit are incorporated into the framework, driving cost reduction and effectiveness in risk management;
• Provide assurance to management on the effectiveness of the internal controls over information security, internal processes and systems related to both virtual, as well as physical technology assets.