Principal Specialist: IT Internal Audit at Vodafone Global Enterprise

Role Purpose/Business Unit:

• The Principal Specialist: Cyber Security Auditor will be responsible for providing input into the annual audit plan and timely execution of risk-based independent assurance activities within the area of Cyber Security across the Vodacom Group.
• In addition, this role will provide guidance and best practices to the Internal Audit team and client departments on relevant current and emerging cyber-security threat management.
• In addition, this role will provide guidance and best practices to the Internal Audit team and client departments on relevant current and emerging cyber-security threat management. This position reports to the EHOD: IT Internal Audit, which in turn reports to the Vodacom Group Head of Audit.

Your responsibilities will include:

• Lead the scoping, planning, delivery and reporting of cyber security audits in the Technology domain across all Vodacom Group in accordance with the Internal Audit methodology
• Identify, develop, and document audit issues and recommendations using independent judgment concerning areas being reviewed
• Document impactful audit reports
• Perform technical audits on topics such as 5G, cloud, Internet-of-Things (IoT), Blockchain and other emerging technologies
• Be the subject matter expert within the Technology domain in the areas of cyber security and ethical hacking
• Incorporate the use of data analytics within the audit approach to increase the extent of assurance, quality of insight, and efficiency of our audits
• Follow-up on outstanding cyber security audit actions
• Support the EHOD: IT Internal Audit and peers, in delivery of audit plans by providing knowledge and expertise
• Manage relationships with Technology Senior Stakeholder
• Produce excellent quality audit work

Key performance indicators:

• Assist with the preparation of the annual audit plan in terms of cyber security audits that should be performed
• Preparation and delivery of end-to-end audits in line with Internal Audit Methodology and in this area of specialisation with minimal supervision
• Lead cyber-security related audits
• Ensure that audits are performed in accordance with the requirements of the Internal Audit methodology and IIA standards
• Document high quality, impactful audit reports
• Ensure that follow-ups of actions are conducted as per the Internal Audit methodology
• Ensure audit quality is maintained through self- and peer-review of audit work and reports
• Develop and maintain high quality knowledge base and share best practices in the area of cyber security

The ideal candidate for this role will have:

Technical: must have one of the following:

• CEH or OSCP 

Professional qualification strongly preferred:

• CISA, SSCP, CISSP, CISM, ISO27001 and CRISC or ITIL (Essential)
• Relevant IT bachelor and/or postgraduate degree (e.g. BSC Computer Science, B. Com Informatics/ B.Com Information Systems) or any other relevant qualification) (essential)

Experience required:

• Cyber security- either in implementation or operations or assessment role - minimum 3 years (essential)
• Internal or External Audit experience-minimum 3 years (advantage)
• Telecommunications and financial services industry experience (advantage)

Core competencies, knowledge, and experience:

• Experienced in the area of Cyber Security – either in an implementation, operation or assessment role
• Technical knowledge on penetration testing, ethical hacking, IT/information security/ cyber security standards and frameworks such as ISO27001, NIST CSF and GITC
• In depth hands-on experience with Vulnerability Scanning Tools like Qualys, Nessus or TVM
• Experience supporting Vulnerability Management, DLP, WAF, EDR and other solutions
• A diverse security background with knowledge in several areas including: layered security architecture; internet protocols; firewalls; VPN technologies, IDS/IPS, network access control and network segmentation, anti-malware and spam technologies; risk and vulnerability assessments, and compliance

Web Security & Encryption

• Experience in audit (external and internal) and familiar with Internal Audit standards
• Industry specific experience with mobile/ financial services and telecoms or related businesses
• Excellent English communication, report writing, presentation, negotiation and conflict management skills to interact effectively with senior management
• Excellent English communication, report writing, presentation, negotiation and conflict management skills to interact effectively with senior management.
• Ability to think analytically, creatively and independently.
• Strong interpersonal, communication, negotiation and conflict management skills with the ability to interact with all levels of the organisation.
• Strong organisational skills, including ability to multi-task, prioritise, in order to meet deadlines and be comfortable with a changing environment
• Experience in data analytics (scoping, delivering and/or consuming) e.g. in tools such as PowerBI or QlikSense or SQL.
• ‘Digital’ skills, i.e. fluent in working with audit software and the Microsoft Office365 suite (Excel, Word, PowerPoint, Teams, etc.)
• Experienced in working within complex multinational and/or multi-cultural environments.
• Willing to travel, mostly within the Africa continent.
• Ability to adapt hybrid working (home/office balance).
• Ability to work independently and within a team

We make an impact by offering:

• Enticing incentive programs and competitive benefit packages
• Retirement funds, risk benefits, and medical aid benefits
• Cell phone and data benefits, advantages fibre connection discounts, and exclusive staff discounts offered in collaboration with partner companies

Closing date for Applications: 19 March 2026