Manager: Cyber Security Auditor at Auditor-General of South Africa

Manage strategic alignment

• Assist with the development and implementation of an IT effectiveness audit strategy in accordance with policies, procedures and legislation.
• Assist with the alignment of the IT Effectiveness strategy to the strategic objectives of the business unit.
• Manage teams to ensure alignment to the vision, mission, strategic goals and values of the AGSA.
• Provide feedback on the implementation/ achievement of strategic objectives to the relevant stakeholders.

Manage audits

• Manage Network Security audits within the allocated time frame.
• Manage Network Security audits in accordance with policies, procedures and legislation requirements.

Lead, direct and coordinate the portfolio of Network Security audits covering the three audit phases:

• Planning
• Execution
• Reporting
• Liaise with auditees on the provision of advice/ recommendations, setting up meetings, etc.
• Initiate and lead meetings with the audit team regarding the direction and progress of the audits.
• Provide guidance to managers and assistance on audit-related matters.
• Ensure that all risks for the specific audit engagements are addressed. For example:
• Appointment of specialist staff
• Contract in and out
• Conduct audit team visits to:
• Review Work
• Finalise The Audit
• Conclude Working Papers
• Prepare Audit Report
• Attend meetings with the team and auditees.
• Provide motivational talks and training to team members regarding auditing matters.
• Facilitate the transfer of specialised skills for Network Security audits to the IT General Controls teams within the business unit.
• Engage with contracted-out partners.
• Manage all projects to ensure timeous delivery on milestones and the required quality of delivery.
• Perform functions as required by an engagement manager in accordance with the policies of ISA and the AGSA.
• Prepare and take responsibility for presentations.
• Report back to the audit steering committees and audit committees on the planning, execution and reporting of the audits.

Manage Human Resources 

• Analyse the business plan to determine the applicable deliverables and targets
• Participate in securing the human resource requirements to ensure that deliverables will be met in accordance with the expected targets
• Manage staff performance to implement a culture of performance management:
• Compile IPC’s and PDP’s
• Conduct coaching sessions to ensure subordinates perform at the optimum level
• Provide constant feedback to subordinates
• Provide mentorship to subordinates
• Conduct performance reviews in accordance with policies and procedures and take corrective action where necessary
• Manage the development of staff and ensure each staff member has a Personal Development Plan
• Create a conducive environment to maintain and enhance employee motivation
• Participate in transformational initiatives inclusive of change, organisational culture, CSI, diversity, etc 
• Continually improve own competence through personal development as per PDF and commitment:                                  
• Participate in learning and development programmes
• Participate on programmes for purposes of Continuous Professional Development (CPD)                           
• Manage Human Resources in accordance with policies, procedures and legal requirements
• Complete Human Resource Management actions within the allocated time frames 

Financial Management 

• Ensure the delivery of high quality, accurate and cost effective audits through effective planning and resource management.
• Assist with negotiating budgets with regularity audit and ensure that RFAs are signed and submitted on time
• Ensure effective and efficient management of projects in terms of time, cost and quality 
• Review and approve timesheets, S&T and advances in line with the allocated budget
• Monitor staff leave, training, non-recoverable activities and recoverability reports to ensure achievement of annual recoverability targets.
• Provide input on the centre income budget
• Assist with the review invoices of CWC before submission for approval

IT effectiveness

• Assist in maintaining industry, information technology and audit knowledge, skills and abilities relating to cyber security, cloud computing, enterprise mobility operating systems, network environments, applications and database management systems, programming languages, LAN / WAN communication concepts, and system development processes. 
• Monitor trends within the information technology and government sectors to identify emerging areas of risk facing government.

Assist with the coordination of the portfolio of IT effectiveness audits covering:

•  Value-for-money IT audits
• Effective and efficient deployment of IT infrastructure and services
• Compliance with ECT and PoPI (Protection of Personal Information) acts

Qualification

• B Degree in Auditing, Computer Science or Informatics

The following will be an added advantage:

• Certified Information Systems Auditor (CISA) or
• Certified Ethical Hacker (CEH) or equivalent

Experience

• Minimum 5 years IS auditing
• Minimum 2-3 years managerial experience 
• Extensive experience in vulnerability assessments and penetration testing. Candidates with managing / conducting purple team exersises will be preferred.