Manager: Internal Audit IT at Liberty Group South Africa

Purpose

• The role is responsible for conducting audits on information technology systems and processes to identify potential risks and ensure compliance with legal and regulatory standards. This role requires a seasoned professional with expertise in IT systems, security, and compliance, particularly within the insurance industry, to lead a team of IT Auditors and ensure the effective and efficient execution of IT audits, risk assessments, and controls evaluation.

Key Responsibilities

• Develop and implement the annual IT audit plan, ensuring alignment with the company's objectives and regulatory requirements.
• Leading and managing IT audits from beginning to end, including planning, scoping, executing, and reporting on audit engagements.
• Developing and maintaining audit programs, checklists, and templates to ensure consistency and effectiveness of audits.
• Ensure audits are conducted in accordance with established audit standards and methodologies.
• Supervising and reviewing the work of others in the team
• Identifying and assessing IT-related risks and evaluating the effectiveness of IT controls and providing recommendations to mitigate those risks and improve processes.
• Prepare detailed audit reports summarising findings, conclusions, and recommendations.
• Meeting with stakeholders to communicate/present findings and discuss recommendations for improvement and tracking progress of remediation efforts.
• Maintain effective communication with stakeholders from the various business functions/departments.
• Collaborate with business and IT leaders to ensure compliance with regulations, standards, and policies.

Additional Key Responsibilities

• Work side by side with business leaders to solve complex challenges.
• Monitoring and staying abreast of emerging technology risks, security threats, and industry trends to ensure audit plans remain relevant and effective.
• Apply current knowledge of IT trends, techniques, and risks to identify security and risk management improvement opportunities to enhance value to our stakeholders.
• Develop understanding of core IT processes and look for opportunities to help IT management in gaining process efficiencies and control optimisation.
• Managing and mentoring a team of IT auditors, providing guidance, coaching, and training to ensure high-quality work and professional development.
• Maintaining relationships with external auditors and regulators to ensure a seamless and efficient audit process.
• Communicating effectively, both orally and in writing, to convey complex technical and business concepts to non-technical audiences.
• Assisting with special projects and initiatives as assigned by senior management.
• Ensure IT audits are compliant with regulatory requirements and industry standards.
• Stay updated on relevant laws, regulations, and best practices affecting the insurance industry and IT auditing.
• Identify opportunities for improving audit processes and methodologies.
• Implement new ways of work, tools and technologies to enhance the efficiency and effectiveness of the IT audit function.
• Contribute to the growth of the GIA IT Audit team to achieve key goals and initiatives.

Technical Competencies

• Demonstrate strong knowledge of IT, data and cybersecurity frameworks (COBIT, ITIL, COSO, ISO17799/ISO27001, TOGAF, NIST, etc)
• Strong technical skills in network controls or system implementations including reviews of routers, switches, firewall security

Technical/infrastructure knowledge is essential i.e. detailed knowledge of the following technology platforms:

• Operating systems - UNIX, LINUX, Windows
• Databases – e.g. SQL, Oracle
• IT Networks
• Firewalls
• Cyber Security
• Data Analytics (ACL)
• Relevant IT related laws (ECT act, POPI etc.)
• Enterprise Risk Management
• Audit software and tools (e.g. TeamMate).
• Demonstrates a broad overall understanding of IT governance, IT processes and Information Security functions.
• Provides insights and appropriate recommendations on the IT risk areas.
• Engages with senior stakeholders to clear adverse audit reports.
• Understands IT and data analytics including emerging IT trends
• Must be able to systematically identify, analyse and resolve existing and anticipated problems to reach optimum solutions in a timely manner

Minimum Experience

• 8 - 10 years experience in a similar environment, of which 3 - 4 years at senior management level

Minimum Qualifications

• Bachelor`s Degrees and Advanced Diplomas [NQF Level 07] in Information Technology and Computer Sciences

Additional Minimum Qualifications

• Certifications like CISA, CISM, or CRISC are essential.
• Additional certifications (e.g., CISCO, CISSP, Ethical Hacking etc) are advantageous
• Relevant bachelor degree (Essential)
• Minimum of 8 years IT audit experience (Essential)
• Experience managing audit teams (Essential)
• IT certification: CISA and CISM, or CISSP (Essential)
• Cyber security experience (Advantage)
• Insurance and Asset Management industry experience (Advantage)
• Relevant postgraduate degree (Advantage)