Senior IT Auditor : IT & Application Controls

What will you do?

A position as a Senior Auditor exists within Group Internal Audit: Santam Corporate Services, based in the Cape Town office.

To conduct various types of assurance and consulting reviews with the primary focus on IT and Application Control audits across the Santam Group (Santam Ltd, subsidiaries, brokers, portfolio managers, underwriting agencies, and partners). This will be done in accordance with the annual audit plan approved by Santam’s Audit Committee and conducted in terms of International Standards for the Professional Practice of Internal Audit. The role requires someone with strong IT skills, the ability to engage IT and IS personnel, and comfort discussing application and database architectures, infrastructure, and complex business processes. The role also requires applying our risk-based methodology, leading and managing multiple audit assignments, and working independently.

What will make you successful in this role?

• Conduct risk-based technology-focused (IT) audit assignments to contribute to the internal audit plan approved by Santam’s Group Audit Committee. This includes general computer control reviews, application control reviews, and reviews of IT controls within business processes, such as data interfaces and pre/post-implementation reviews focusing on application controls.
• Plan, execute, report, and follow up on audit work, including risk and control assessments, developing and reviewing audit procedures, preparing findings, analyzing root causes, and creating audit reports. Facilitate practical action plans with management to support strategic and financial objectives. Ensure audit work is documented properly and completed within time and budget constraints.
• Assist in reporting to audit, risk, and related committees.
• Provide input into annual audit planning.
• Follow up on audit issues and contribute to reports for governance structures.
• Maintain high-quality standards in audit methodology, approach, and documentation.
• Support and mentor junior/trainee auditors.
• Manage relationships with internal stakeholders and external partners, especially in Information Security.
• Represent GIA at relevant forums within Santam.
• Travel nationally to Santam offices and partners as required.

Qualification and Experience

• A relevant qualification (Diploma, Bachelor’s, or Honours degree) in science, commerce, engineering, technology, information systems, informatics, or similar.
• Over 4 years of experience in audit, consulting, risk management, governance, or related operations, with demonstrable exposure as per the job description.
• Experience in performing IT general, application controls, and similar audits across various environments.
• Solid understanding of business processes at an application and database level.
• Advanced knowledge of internal audit practices, methodologies, and frameworks.
• Experience in the insurance industry is preferred.
• Progress towards or completion of CISA, CRISC, or similar certifications.
• Good understanding of security and control frameworks such as COBIT, ITIL, COSO, OWASP, CIS, and similar.
• Experience with leading audit software packages is advantageous.

Skills

• Strong numerical, analytical, and conceptual skills.
• Analytical thinking and logical reasoning.
• Understanding of key controls and risk management principles.
• Excellent time management skills.
• Exceptional interpersonal, communication, and networking skills.
• Relationship management with a client service orientation.
• Facilitation, influencing, and negotiation skills.
• Strong verbal and written communication abilities.
• Conflict management skills.
• Ability to work independently and in teams.

Core Competencies

Innovation, customer focus, results-driven, collaboration, resilience—contributing through others.

About The Company

Santam is South Africa’s leading short-term insurer, transacting all classes of short-term insurance through its subsidiaries. As a large, diversified, and transforming company, our success is rooted in our passion for clients. Everything we do is centered on delivering insurance good and proper.