IT Internal Audit & Technology Assurance Senior Consultant

A. Engagement lifecycle & delivery management (IT Internal Audit / Technology Assurance / Technology Advisory)

• Proven track record to scope plan execute & manage report & conclude on Internal Audit engagements that specialise in IT.
• Proven track record to deliver on Assurance and Advisory Internal Audit engagements by identifying risks performing testing researching governing policies / regulations and developing reports.
• Ensures findings and recommendations are aligned with the audit objectives by keeping in mind the engagement business context and also Board Expectations (ARC).
• Demonstrated technical skills and methodology application.
• Able to develop customised audit programs for ad hoc systems.
• Ability to perform specialised IT internal audit services such as: IT governance cloud risk project assurance emerging technology assurance and ESG
• Experience in performing project audits systems post-implementation reviews (incl. data migration reviews) for multiple systems (i.e: SAP ECC / SAP S/4 / Oracle / Coupa / Sage).
• Proven track record to run end-to-end ITGC and ACR audits independently.
• Ability to independently lead multiple concurrent IT Internal Audit engagements while maintaining quality timelines and stakeholder expectations.
• Ability to translate business objectives and strategic risks into a clear risk-based IT audit approach.
• Ability to manage engagement risk including scope creep dependency risks and data availability constraints.

B. Risk controls & assurance standards expertise

• Uses industry leading frameworks and tools to analyse clients documentation and identify risks that require control assurance.
• Tests validity of clients historical financial and non-financial information leveraging relevant standards (e.g. ISAE 3000) as appropriate.
• Ability to execute on Third party assurance engagements (ISAE3402 / SOC) and unstructured controls advisory projects.
• Articulates clients regulatory framework by leveraging Deloittes proprietary approaches and applicable audit standards and guidelines.
• A good understanding of how to link risks and controls to ensure test steps and controls and risks all speak to each other.

C. Technical IT & systems knowledge

• Demonstrated knowledge of ERP systems including SAP Oracle etc.
• Demonstrated knowledge and experience of key databases (SQL Oracle) and understanding of the associated security issues and vulnerabilities.
• Demonstrated knowledge and technical skills on core operating systems e.g. Windows UNIX etc.
• Ability to perform focused IT reviews including data conversion interface reviews segregation of duties and SAP authorisations.
• Ability to research unknown systems or audit in-house developed systems
• Experience analysing system evidence independently (configurations logs extracts) rather than relying solely on management-prepared documentation.

D. Digital emerging technology & unstructured advisory capabilities

• Fluent on Digital Risk and highly knowledgeable on Emerging Technologies.
• Ability to execute on unstructured controls advisory engagements including Cloud Payments IT risk & governance RPA etc.
• Developed skills in Agile and DevOps methodologies
• Developing Digital fluency and knowledge on Emerging technologies including Cloud RPA AI etc.
• Understanding of control considerations in cloud-native environments (e.g. shared responsibility models).
• Awareness of ethical data privacy and model governance risks relating to AI and advanced analytics.

E. Sales business development & client relationship management

• Ability to proactively identify client pain points and translate them into clearly articulated engagement opportunities.
• Experience contributing to proposal development including scope definition effort estimation and risk considerations.
• Ability to position IT Internal Audit and digital risk services as enablers of business value not only compliance.
• Ability to identify cross-service collaboration opportunities within broader assurance or advisory offerings.

Qualifications :

• Bachelor of Commerce Information Systems and / or Internal Auditing Bachelor of Science Computer Science
• Relevant Degree Honours or post graduate diploma preferably
• Professional certifications such as CISA and CRISC relevant CPD
• 47 years in a client facing role
• 47 years IT Audit Third Party Assurance and IT Controls Advisory experience

Professional Development:

• Ability to form a core technology and data risk skillset through proactively conducting research.
• Understands and applies major program management approaches and practices (e.g. SDLC ITIL).
• Develops strong knowledge of technology and data management frameworks (Technology Risk Data Risk Cyber Risk Maturity Model).
• Becomes familiar with technology and data risk as well as industry-specific regulations; keeps up to date with emerging trends.
• Demonstrated adaptability in learning new technologies tools and methodologies as client needs evolve.

Additional Information :

Note: The list of tasks / duties and responsibilities contained in this document is not necessarily exhaustive.  Deloitte may ask the employee to carry out additional duties or responsibilities which may fall reasonably within the ambit of the role profile depending on operational requirements.

Be careful of Recruitment Scams: Fraudsters or employment scammers often pose as legitimate recruiters employers recruitment consultants or job placement firms advertising false job opportunities through email text messages and WhatsApp messages. They aim to cheat jobseekers out of money or to steal personal information.

To help you look out for potential recruitment scams here are some Red Flags:

• Upfront Payment Requests: Deloitte will never ask for any upfront payment for background checks job training or supplies.
• Requests for Personal Information: Be wary if you are asked for sensitive personal information especially early in the recruitment process and without a clear need for it. Fraudulent links or contractual documents may require the provision of sensitive personal data or copy documents (e.g. government issued numbers or identity documents passports or passport numbers bank account statements or numbers parents data) that may be used for identity fraud. Do not provide or send any of these documents or data. Please note we will never ask for photographs at any stage of the recruitment process.
• Unprofessional Communication: Scammers may communicate in an unprofessional manner. Their messages may be filled with poor grammar and spelling errors. The look and feel may not be consistent with the Deloitte corporate brand.

If youre unsure make direct contact with Deloitte using our official contact details. Be careful not to use any contact details provided in the suspicious job advertisement or email.

At Deloitte we want everyone to feel they can be themselves and to thrive at workin every country in everything we do every day. We aim to create a workplace where everyone is treated fairly and with respect including reasonable accommodation for persons with disabilities.

We are committed to employment equity and building a diverse and inclusive workplace across the African continent. Our recruitment processes are aligned with our Employment Equity Plan and the principles of the Employment Equity Act. Preference may be given to candidates from designated groups.

We actively support the inclusion of people with disabilities and embrace neurodiversity in the workplace. We recognise and value the unique strengths that neurodivergent individuals bring and we are committed to creating an environment where everyone can thrive.

If you require reasonable accommodations in relation to your disability and neurodiverse needs during the recruitment process please let us know. We are happy to make adjustments to suit your individual needs.

Remote Work :

No

Employment Type :

Full-time