Digital Risk Senior Associate (Internal IT Audit)
EY · Johannesburg, CA · 2 wk ago
On-siteAccountingFull-time
Key Responsibilities
- Lead the execution of ITGC reviews, including access management, change management, and IT operations controls.
- Assess design and operating effectiveness of key controls across systems and platforms.
- Take ownership of sections of IT audit engagements from planning through to completion.
- Perform and review control testing, ensuring quality and alignment with audit methodology.
- Identify key risks and provide practical, value-adding recommendations.
- Conduct and guide risk-based audits aligned with regulatory and internal requirements (e.g., SOX, King IV, ISAE 3402).
- Review working papers and ensure findings are clearly documented and supported.
- Contribute to the preparation of high-quality audit reports for stakeholders.
- Evaluate IT governance frameworks and control environments.
- Provide insights on improving processes, controls, and risk management practices.
- Support business continuity and disaster recovery assessments.
Stakeholder Engagement
- Act as a key point of contact for clients on day-to-day audit matters.
- Communicate findings, risks, and recommendations clearly and confidently.
- Build and maintain strong client relationships.
Coaching & Team Leadership
- Coach and mentor junior team members, providing guidance on audit approach, testing, and documentation.
- Review team members’ work, ensuring quality, accuracy, and completeness.
- Provide constructive feedback and support team development.
- Contribute to creating a high-performing, collaborative team environment.
Core Skills & Attributes
- Strong analytical thinking and problem-solving ability.
- Ability to take ownership and manage multiple deliverables.
- High attention to detail and commitment to quality.
- Strong communication and stakeholder management skills.
- Leadership mindset with a focus on coaching and team development.
Technical Skills
- Strong experience in IT audit and ITGCs (access, change, operations).
- Good understanding of control frameworks (COBIT, ITIL).
- Ability to review and assess control design and effectiveness.
- Exposure to data analytics in audit is advantageous.
Qualifications & Experience
- 3–4+ years’ experience in IT audit, internal audit, or IT risk.
- Degree in IT, Information Systems, Computer Science, or related field.
- CISA preferred; progress towards certification is advantageous.