Assistant Manager: Cyber Security

To provide support to management in managing audit initiatives that promotes the secure, effective and efficient implementation of IT architectures and services within the government sector.

Participate in audit committee/steering committee meetings with Business Unit (BU) management as and when required

Conduct Network security audits covering the three audit phases:

• Planning
• Execution
• Reporting

Plan the network security audit:

• Define the objectives of the audit
• Define the scope of the audit
• Identify benchmarks to be utilised
• Assess the risks from source documentation
• Compile the audit plan
• Conduct a walk through process with the relevant role players

Execute tests, inclusive of:

• Compliance to policies, procedures, standards and specifications
• Adequacy on goals
• Reliability of information
• Efficiency and effectiveness of operations
• Safeguarding of assets
• Internal and External vulnerability assessments
• Firewall and Router assessments
• Web application reviews

Generate audit reports indicating:

• Audit findings
• Recommendations

Conduct a closure meeting, where appropriate, to discuss:

• Accepted recommendations to be implemented and timelines applicable
• Rejected recommendations and internal actions to be implemented
• Target dates for implementation and review

Supervise subordinates in the execution of the three audit phases.

Supervise team meetings regarding the direction and progress on the audits.

Provide guidance to auditors on audit related matters.

Conduct the field work in accordance with policies and procedures.

Communicate to Manager and Senior Manager on progress or obstacles during the audit.

Submit the audit report for publishing and archiving.

Finalise the audit file and submit for archiving in accordance with policies and procedures.

Provide support in the review of contract work and quality assurance.

Promote and manage sound internal controls within the Business Unit.

Keep abreast of the latest development at the AGSA.

Manage audits within the allocated time frame.

Manage audits in adherence to internal processes, policies and procedures.

Maintain internal stakeholder relationships:

• Participate in debriefing sessions with regularity audit on the previous year’s audits performed
• Engage with team members during the audit process
• Liaise with colleagues within the Business Unit

Maintain external stakeholder relationships:

• Liaise with audit firms
• Liaise with prospective employees
• Liaise with Auditees with regards to Audit requirements

Monitor staff performance to implement a culture of performance management:

• Participate in the compilation ofIPC’s and PDP’s
• Conduct coaching sessions of staff members
• Provide constant feedback to subordinates
• Provide mentorship to subordinates
• Conduct performance reviews in accordance with policies and procedures and take corrective action where necessary

Manage the development of staff and ensure each staff member has a Personal Development Plan

Create a conducive environment to maintain and enhance employee motivation

Participate in transformational initiatives inclusive of change, organisational culture, CSI, diversity, etc

Continually improve own competence through personal development as per PDF and commitment:

• Participate in learning and development programmes
• Participate on programmes for purposes of Continuous Professional Development (CPD)

Manage Human Resources in accordance with policies, procedures and legal requirements

Complete Human Resource Management actions within the allocated time frames

Support the Manager to ensure the delivery of high quality, accurate and cost effective audits through effective planning and resource management

Ensure effective and efficient management of projects in terms of time, cost and quality

Providing input to manager on:

• Planning of audits under her/his control
• Budgeting requirements
• Organisational reporting needs

Ensure that hours and expenses booked are in accordance with the allocated budget

Achieve own recoverability target

Manage budget in accordance with policies, procedures and legal requirements

Complete budget management actions within the allocated time frames

Assist the Manager in maintaining industry, information technology and audit knowledge, skills and abilities relating to cyber security, cloud computing, enterprise mobility operating systems, network environments, applications and database management systems, programming languages, LAN / WAN communication concepts, and system development processes.

Monitor trends within the information technology and government sectors to identify emerging areas of risk facing government.

Assist the Manager with the coordination of the portfolio of IT effectiveness audits covering:

• Value-for-money IT audits
• Effective and efficient deployment of IT infrastructure and services
• Compliance with ECT and Protection of personal information (PoPI) acts

Perform and/or manage other projects, tasks and assignments not stipulated on the Job description as and when required

• B Degree in Auditing, Computer Science, Informatics or equivalent
• CISA - Preferred
• CEH or equivalent - Preferred

Knowledge of Auditing

In-depth knowledge and skills in assessing/ auditing the security on a networked environment, i.e.:

• Knowledge/ skills in assessing the management and technical configuration of various types of firewalls.
• Knowledge of various types of vulnerability detection tools, how to use them to enumerate vulnerabilities, and how to interpret outputs using the respective tool.

Knowledge/ skills in assessing the security and configuration of various operating system and database types.

Knowledge and understanding of the principles of finance and the components involved in finance; must be able to apply PFMA and MFMA principles and adhere to due dates.

• Minimum 4 - 5 years IS auditing experience
• Minimum of 1-2 years’ supervisory experience

These appointments are subject to the preferred candidates obtaining the necessary security clearance, reference checking and competency assessment. We embrace employment equity and are committed to achievement of fair and equal representation of our workforce. Preference will be given to internal applicants and candidates from previously disadvantaged backgrounds.

Auditor General welcomes applications from all persons with disabilities

NB: Please note that only shortlisted candidates will be contacted. Should you not hear from the us application unsuccessful.