The successful candidate will lead and participate in integrated audit reviews to provide assurance on the adequacy and effectiveness of management controls and risk management through review of IT Security and IT General Controls, at divisional and business unit level within FNB. Participation in Group Wide Reviews at a FirstRand level will also be required.
- Efficiency improvements in the audit process, including the use of CAATs, which are critical throughout the audit process.
- To execute IT General Controls Review testing and be able to analyse security configurations for operating systems, database management systems and othertechnologies and prepare related working papers.
- To also draft reports highlighting relevant control weaknesses,risks and recommendations, as well as effective communication with clients and all audit staff.
- This individual should also participate in internal departmental work and assist in the development of junior team members.
- The candidate will (inter alia)conduct preliminary surveys of the area and processes under review to establish the scope of the audit, ensuring that all key risks and controls are included.
- Applicants should also be able to audit major database management systems such as Microsoft SQL, Oracle and/or DB2; as well as understand and analyse firewallrules; and have an understanding of TCP/IP networking.
- A relevant Honours degree would be advantageous. Completed CISA/CISSP qualifications would also be preferred, as would programming/scripting skills.
- Candidates should have a passion fortechnology; be delivery focused whilst maintaining the required quality ofwork.
- Further beneficial competencies would include: analyticalthinking; attention to detail; multi-tasking; innovative problem-solving;report writing; and presentation skills.
- Applicants should hold a BSc (Computer Science or Engineering) or BCom (Information Systems) degree with majors in inter alia IT Security and Information Management, or a BCom Informatics or similar.
- Applicants should also boast a solid understanding of process analysis to identify risks and controls; conduct data analytics; root cause analysis; and be familiar with the concepts of combined assurance and agile auditing.
- In addition, applicants should have a minimum of 3 years internal/external audit experience in IT General Controls testing or consulting and be able to audit Windows, UNIX and other operating systems without the use of automated tools such as SekChek.
- Experience in the banking industrywould be preferable.
- Applicants should display an understanding and be able to apply the IIA Audit Standards.
Vacancy Type: Full Time
Job Location: Johannesburg, Gauteng, South Africa
Application Deadline: N/A