R700 000 a year
Description:
The incumbent will assist in understanding and effectively managing existing and emerging IT risks, perform moderately complex, high risk or high profile individual Internal IT Audit assignments in line with the annual audit plan across the Group. On-site audits are performed and therefore extensive travelling will be involved.
Education:
- Degree in Information Systems (BCom or B.Sc Computer Science)
- Professional qualification in either of the following: CISA/CISM/CRISC/CGEIT/ITIL/ Certified Ethical Hacker /
- Cyber Security Certification
Experience:
- Minimum of 5 years experience
- Experience in an IT auditing environment, conducting on-site IT audit engagements for the full project life cycle from planning through to reporting and socialising outcomes with senior management
- Strong scripting experience (Oracle, Windows, Linux, SQL)
- Strong technical skills in information security administration covering configuration (systems vulnerability assessment using tools such as:
- SekChek, SQL commands and scripts)
- Network penetration controls or system implementations including reviews of routers, switches, firewall security would be highly desirable
- Critical Security Controls for windows, Linux/Unix, etc.
- Nessus
- Firewall reviews
- Ethical hacking including penetration testing experience will be highly advantageous
- Must have conceptual and integrated understanding of IT risk
- Practical understanding of COBIT governance requirements, principles and practices
- Experience in IT risk assessments and models
- Experience in implementing and evaluating IT general and application environment controls and the use of CAATS
- Reasonable knowledge of King III/IV, ITIL, and ISO17799
- Advantage: work experience with TeamMate and analytical data mining tools such as IDEA and ACL
Please visit our website
