Technology Consulting IT Audit Associate 3
Our national practice assists clients in providing IT audit services in support of our financial audits. We also provide IT governance and IT risk related services to a variety of clients, particularly in the Financial Services, Oil & Gas, Retail and government sectors.
The opportunity
Our structured career framework means you'll continue to develop whatever level you're at. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Key Responsibilities
- Cybersecurity Audits
  - Plan and execute audits of IT systems, networks and applications to identify vulnerabilities and compliance gaps.
  - Review cybersecurity frameworks (e.g. NIST CSF, ISO 27001) and assess adherence.
  - Conduct penetration testing and vulnerability assessments where applicable.
- IT General Controls (ITGC)
  - Evaluate user access management, authentication and privilege controls.
  - Review change management, backup and disaster recovery processes.
- Risk Assessment & Compliance
  - Perform risk-based audits aligned with regulatory requirements (e.g. DORA, NIS2, PCI DSS).
  - Prepare audit reports with actionable recommendations for remediation.
- Incident Response & Governance
  - Participate in cyber incident simulations and wargaming exercises.
  - Advise on IT governance, cyber risk management and business continuity planning.
- Stakeholder Engagement
  - Collaborate with IT security and business teams to implement audit findings.
  - Communicate technical risks in clear, business-friendly language.
Core Skills & Attributes
- Strong analytical and problem-solving skills.
- Ability to work independently and manage multiple audits simultaneously.
- Excellent communication and report-writing skills.
- High ethical standards and attention to detail.
Technical Skills
- Knowledge of cybersecurity tools and technologies (Firewalls, IDS/IPS, VPN, DLP).
- Familiarity with IT audit methodologies and frameworks (COBIT, ITIL).
- Proficiency in data analytics for audit testing.
- Understanding of cloud security and emerging cyber threats.
Qualifications
- Minimum 3 years of IT audit experience with exposure to cybersecurity audits.
- Bachelor's degree in Information Technology, Computer Science or related field.
- Certifications: CISA (Certified Information Systems Auditor) preferred; CEH, CISSP or ISO 27001 Lead Auditor advantageous.
Additional Specialised Skills
- Experience in regulatory compliance audits (SOX, ISAE 3402).
- Knowledge of cyber risk assessment and governance frameworks.
- Strong IT audit experience including SOX compliance.
- Sound knowledge of cybersecurity frameworks and practices with the ability to apply standards such as ISO 27001 and ethical hacking principles.
- Excellent analytical, interpersonal, communication, writing and presentation skills.
About EY
As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. So that whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Required Experience:
IC