Information Technology Audit Manager at AfroCentric Group

Information Technology Audit Manager 

AfroCentric Group is looking to hire an IT Audit Manager. The incumbent will be required to support the performance and completion of the approved internal audit plan and ad hoc projects to ensure audit objectives are met and audit working papers are of the appropriate quality to support the conclusions reached and the objectives of the project. 

Responsibilities & Duties

• Contribute to the development of the Internal Audit strategy and annual assurance plan.
• Build and maintain relationships with the AfroCentric companies and other assurance providers.
• Attend and present at client Audit and Risks committee meetings.
• IT General Controls;
• Application Controls;
• Technical Infrastructure;
• Project and Programme Management;
• Cyber and Information Security; and
• Data Assurance, Data Analytics, continuous auditing/monitoring via Computer Assisted Techniques (CAATS) advantageous.
• Direct, coordinate and manage IT Audit reviews (including Cyber Security) covering all audit phases according to the audit methodology. (including Understanding IT Environment, Preparing of Audit Memos, developing Risk and Control Matrix, Prepare Audit programs and Reports).
• Implement and manage IT Audit related tools (RPA tools and Virtual Audit tools) and ensure effectiveness thereof.
• Project manage all projects to ensure timeous delivery on milestones and quality of delivery is met.
• Perform assessments on IT Infrastructure, IT Processes and Policies, IT Financial and Non-Financial Systems, System Development Life Cycles etc.
• Provide consulting services on IT Innovations, new developments etc.
• Conduct research on IT Audits trends as well as innovative tools and facilitate debriefing sessions with Internal Audit and AfroTech.
• Manage internal and external stakeholder relationships.
• Assist with the implementation of Combined Assurance model where applicable.
• Provide assistance with the preparation of client schemes Audit Committee Packs.
• Represent Internal Audit at client Audit and Risk Committees.
• Conduct follow-ups on prior findings raised.
• Allocate follow ups accordingly and ensure timely review.
• Self- development: studying, attending courses, external courses, e-learning.
• Provide IT audit training to the audit team.
• Staff development.
• Conduct bi-annual appraisals with the team.
• Stay up to date with the Internal Audit profession, Information Technology developments and industry developments.
• Ongoing development and improvement of audit methodology.
• Travel if required.

Qualification(s):

• Bachelor’s Degree in Computer Science, Information Technology, Computer Auditing or Auditing.
• Post Graduate Degree will be an added advantage.
• Certified Information Systems Auditor (CISA).
• Certified Information Security Manager (CISM) and/or Certified Information Systems Security Professional (CISSP) will be an added advantage.

Competencies

• Strategic, analytical and critical thinker.
• Solution driven individual.
• Teamwork and collaboration.
• Drive performance excellence.
• The ability to independently run a project.
• Ability to advise and negotiate at management level.
• Innovation driven.
• Manage audits within allocated times.
• Manage audits in accordance with policies, procedures and legislative requirements.

Experience

• At least 3 or more years of specialized working experience as an audit manager which includes:
• Considerable knowledge of internal controls, business and information technology risks
• Demonstrated knowledge and practical IT Audit experience including IT General Controls Reviews, Application Controls Review (different applications and business processes), Project Assurance and Post Implementation reviews, Basic Data Analytics, Basic IT Security Reviews;
• Knowledge of IT Audit related tools such as RPA’s for ITGC’s, Virtual Audit tools etc.
• Demonstrated knowledge and practical audit experience of cyber security technologies including firewall, IDS/IPS, proxies, anti-malware, email security, remote access, security baseline, data encryption, database security, RACF security, operating systems, etc.
• Knowledge of IT risk identification (including threats, vulnerabilities, risk) and assessment
• Knowledge of IT governance theories and practices, including methods of implementation.

Qualifications

• Bachelor’s Degree in Computer Science, Information Technology, Computer Auditing or Auditing.
• Post Graduate Degree will be an added advantage.
• Certified Information Systems Auditor (CISA).
• Certified Information Security Manager (CISM) and/or Certified Information Systems Security Professional (CISSP) will be an added advantage.