Senior IT Auditor at Grant Thornton South Africa

Job description

Purpose

Leading IT audit teams, under the supervision of a manager.

Job Description   

• Planning IT audits/advisory work/solutions for private and public sector:  IT strategy, governance and IT policy assessments/implementations

  o   IT strategy, governance and IT policy assessments/implementations

  o   IT and business risk assessments

  o   IT security (firewall, O/S, application, database, logical & physical IT security)

  o   Disaster recovery planning (DRP) and Business continuity planning (BCP)

  o   Application control reviews

  o   Systems Development Life Cycle (SDLC) reviews and application-under-development auditing

  o   General computer control reviews

  o   Service Organization Control (SOC) audits - SOC1, SOC2 & SOC3 – ISAE 3402, SSAE 16, AT 101

  o   Sarbanes Oxley (SOX) IT audits

  o   Confidentiality and data privacy (POPI) audits, advice

• Documenting and testing IT controls using Grant Thornton and international methodologies and standards (e.g. COBIT, ISAE3402 (SOC1), SSAE16 (SOC1), AT101 (SOC2 & 3) etc.) 
• Identifying risks associated with clients’ systems 
• Identifying key IT controls from a financial statement and/or risk perspective 
• Performing compliance testing 
• Performing Computer Assisted Audit Techniques (CAATS), where required 
• Drafting reports on findings 
• Liaising with Financial Audit, Internal Audit and Corporate Finance staff 
• Involvement from time to time in special assignments
• Excellent “soft” and PR skills - building client relations and networking

Competencies required

• Strong interest in information technology and limited knowledge of new IT trends in market as well as average understanding of Microsoft operating systems and database management systems.                                          
• Understanding of business processes; average general IT control, disaster recovery and application audit skills and average experience in testing and knowledge of application controls (both in-house developed systems and off-the-shelf systems, including ERP systems).  
• Good working knowledge of Windows, MS Word, MS Excel & MS PowerPoint.                
• Basic knowledge of IDEA or ACL is preferred.                                                                    
• Excellent report writing skills.                                                                      

• Good English language communication skills, both verbal and written.

Experience

• Practical (NOT theory about!) IT auditing experience required (solid 3 – 4 years of experience required).
• Preferably the candidate should have a strong consulting background, and should be able to work on multiple assignments, under huge pressure and should be willing to work overtime.

Personal attributes

• Professional at all times      
• Integrity
• Initiative                
• Attention to detail  
•  Hands-on technical abilities and experience
• Strong work ethic  
• Excellent interpersonal (“soft”) and networking skills to deal with difficult clients                 Team player with multi-tasking and leadership skills to manage a team as supervisor
• Good organisational skills

Qualifications

• B.Com/B.Sc (Information Systems), H.Dip (Computer Audit), B.Com (Internal Auditing) or equal B-degree qualification.
• CISA certified (must be able to demonstrate practical understanding of theory) or honours degree.