Superintendent Internal Control IT at Sibanye-Stillwater

Minimum Required Qualification:

• Have NQF 7 (Bachelor’s Degree or Advanced Diploma) in a relevant field (e.g., Information Systems, Information Technology, Computer Science, IT Audit, or similar)

The Appointee should:

• Have at least 5 years’ experience in a related IT risk, IT controls, IT audit or SOX controls role, of which 2 years should have been at an IT supervisory level
• Have a minimum of 4 years SOX related experience with a strong focus on ITGCs and IT application controls / IT-dependent controls (documentation, evidence readiness, and/or testing support)
• Have a minimum of 2 years IT control testing experience (internal, external, or co-sourced), including evidence standards and audit interaction
• Be medically fit to work in the specific business area.
• Have a clear security screening record
• Have a clear credit record.
• Have a valid driver’s license.

Advantageous Qualifications:

• Professional certification such as Certified Information System Auditor (CISA), (or equivalent IT audit / security / controls certification)
• Experience with data analytics and/or process mining solutions supporting controls monitoring or evidence quality

Additional Requirements:

• IT controls and SOX execution skills: strong understanding of ITGCs, IT application controls (ITACs), and IT-dependent controls within SOX Section 404 and 302 requirements
• In-depth knowledge of the COSO Internal Control Framework as well as ISO 27001 and/or COBIT
• Experience with SOX control and process documentation/testing support, including evidence standards and report writing
• Good understanding of IT Systems such as SAP, JDE, Symplexity, Maxxess and Coupa (or equivalent ERP and business systems), including key IT configurations and interfaces impacting financial reporting
• Computer skills (MS Office and SAP GRC)
• Data analytics / process mining experience (advantageous)
• Apply the organisation's code of conduct in a work environment and act with integrity.

Key Responsibilities:

• Support the day-to-day execution of IT-related SOX activities for in-scope systems, in line with the approved SOX methodology and under the guidance of the Unit Manager SOX
• Perform and support walkthroughs with IT control owners and process owners to confirm control design, IT dependencies, and evidence requirements
• Coordinate IT control evidence readiness activities (PBCs), including evidence quality checks, completeness validation, and timely follow-up with control owners
• Maintain and update IT-related process/control documentation (including IT narratives and IT process flows) illustrating key IT dependencies for financial reporting processes and controls
• Support the maintenance of risk and control documentation inputs (including IT-dependent controls) and ensure documentation is accurate, complete, and audit-ready
• Perform IT-focused risk analysis to identify financial reporting risks arising from system functionality, configurations, interfaces, access/security, and change management for inscope accounts and processes
• Support the identification, design, documentation, and implementation of ITGCs and IT Application Controls (ITACs) to address identified risks, in collaboration with IT control owners and the Unit Manager SOX
• Provide guidance on IT control requirements and governance considerations for new projects and system/process changes impacting SOX in-scope environments
• Perform the evaluation of ITGCs/ITACs deficiencies (design and operating), evaluating evidence gaps, root cause analyses and coordinating responses with IT control owners
• Guide and assist IT control owners with the remediation of SOX IT control deficiencies, including action planning, tracking, and escalation of delays or blockers to the Unit Manager SOX
• Coordinate IT control owner inputs for quarterly CSA/CEQ activities for assigned areas, including follow-ups on overdue items and escalation of non-compliance to the Unit Manager SOX
• Assist with preparation of IT-focused inputs for SOX status reporting, and audit interactions, for review by the Unit Manager SOX
• Identify opportunities to improve the efficiency and effectiveness of IT control execution through automation, standardisation, and continuous monitoring techniques (where feasible)
• Explore process mining / data analytics use cases relevant to SOX and support pilots and implementation of agreed enhancements
• Provide guidance and training to operations, business departments, and corporate office process/control owners on pertinent IT-related control topics and trends

Deadline:4th June,2026