Senior Manager : It Audit

Manage the effective and timeous cybersecurity audits of public sector Information Technology (IT) systems, thereby ensuring a service is provided to the people of South Africa in terms of relevant laws and regulations. Implement the business unit's strategic objectives by managing a portfolio of audits through the effective and efficient allocation of resources, management, stakeholder management and coordination of people to perform quality, effective and timely audits.

Provide input into the strategic objectives to assist in establishing the strategic direction of the Business Unit (BU).

Facilitate the implementation of the Business Unit and Specialised Audit Solutions (SAS) strategic plans in accordance with policies, procedures and legislation. Manage teams to ensure alignment to the vision, mission, strategic goals and values of the Auditor-General of South Africa (AGSA or Auditor-General). Provide feedback on implementation / achievement of strategic objectives to the relevant stakeholders.

Ensure effective execution of cybersecurity audits. Drive innovation, efficiency, and effectiveness in the cyber audit space. Identifying emerging risks, leveraging new audit techniques, and enhancing audit methodologies to strengthen the AGSA's cybersecurity assurance.

Key driver in positioning AGSA as a cybersecurity audit leader, both locally and internationally. Contribute in knowledge-sharing platforms, engage at all levels. Collaborate with INTOSAI and other key stakeholders to shape the future of cybersecurity audit excellence.

Manage Audits—Lead, direct and coordinate portfolio of audits covering the three audit phases: Planning, Execution, Reporting. Liaise with auditees in the provision of advice/recommendations, setting up meetings, etc. Initiate and lead meetings with the audit team regarding the direction and progress on the audits. Provide guidance to managers and assistance on audit related matters. Ensure that all risks are addressed for the specific audit engagements, for example: Appointment of specialist staff. Contract in and out. Conduct audit team visits to: Review work. Finalise the audit. Conclude working papers. Prepare audit report. Attend meetings with the team and auditees. Provide motivation talks and training on auditing matters to team members. Engage with contracted out partners. Project manage all projects to ensure timeous delivery on milestones and quality of delivery is met. Perform functions as required by an engagement manager as spelled out in the ISA's and the Auditor-General policies. Prepare and take responsibility for presentations. Report back to the audit steering committees and audit committees on the planning, execution and reporting of the audits. Manage audits within the allocated time frame. Manage audits in accordance with policies, procedures and legislation.

Ensure clear understanding of auditees' business requirements through efficient stakeholder engagement and that this is translated into clear deliverables. Build collaborative relationships with internal and external stakeholders. Liaise and interact with key stakeholders & management to share information, resolve challenges and make recommendations for improvements. Manage and report on stakeholder engagements. Promote the AGSA brand and reputation. Participate in Business Unit Leader / Deputy Business Unit Leader Discussions. Inform the Business Unit Leader and / or the Deputy Business Unit Leader on: Issues arising from audits. Focus areas for auditing administration matters: Financial issues. Compliance concerns. People and resourcing matters. Manage Internal Stakeholder Relationships: Engage with regularity audit on audit proceedings. Facilitate debriefing sessions with regularity audit on the previous year's audits performed. Engage with the team during the three audit phases (namely planning, execution and reporting). Communicate with the team on non-audit and strategic matters. Liaise with colleagues within the BUL. Liaise with colleagues within the portfolio. Manage External Relationships: Engage regularly with the management of the auditee on audit proceedings. Engage with audit firms regarding contracted out audits. Participate in audit and steering committee meetings. Attend Standing Committee on Public Accounts (SCOPA) and portfolio committee meetings by invitation. Engage with prospective employees.

• Implement the activities outlined on the BU People Plan.
• Manage team performance to drive productivity.
• Contribute to transformation / culture plans.
• Motivate, coach and mentor staff to ensure maximum productivity and development of the staff to their full potential.
• Participate in initiatives to attract talent.
• Contribute to effective administration of the BU training office.
• Cascade strategic organisational alignment messages and commitments.
• Implement relevant centre initiatives to bring about an inclusive culture, enhanced employee experience and employee well-being.
• Analyse the business plan to determine the applicable deliverables and targets.
• Determine and secure the human resource requirements to ensure that deliverables will be met in accordance with the expected targets.
• Manage the staff performance evaluation system for the centre: Compile Individual Performance Contracts (IPC)'s and Performance Development Plans (PDP)'s.
• Conduct coaching sessions to ensure staff member perform at the optimum level.
• Conduct performance reviews in accordance with policies and procedures and take corrective action where necessary.
• Conduct one-on-one sessions.
• Participate in the talent management of the Business Unit to drive a high performance culture in accordance with the AGSA's roles and responsibilities and competency framework.
• Manage the development of staff and ensure each staff member has a Personal Development Plan.
• Approve leave, timesheets, subsistence and travel (S&T) and cash advances.
• Act as a champion on one of the five strategic goals of the business unit (value add, visibility with impact, viability and visions and values) to ensure that the Business Unit achieves its objectives: Provide feedback at the monthly senior management meeting.
• Manage the centre's resources (staff, Contract Work Contractors (CWC) and funding): Participate in meetings Provide direction and guidance to achieve a timely high quality product.
• Develop the staff to optimum productivity levels.
• Improve on client relations within the overall business processes captured in the Business Scorecard (BSC).
• Manage Human Resources in accordance with policies, procedures and legal requirements.
• Complete Human Resource Management actions within the allocated time frames.

Responsible for compiling the centre budget. Manage the centre budget, income and cost to ensure adherence to the required financial performance standards for the portfolio. Manage debtor's collection. Ensure compliance with internal processes and procedures. Manage supply chain processes and other adhoc financial requests.

Perform and / or manage other projects, tasks and assignments not stipulated on the Job description as and when required. Monitor Information. Track the following to gather and monitor the centre: Audits (Own and CWC); Stakeholder engagements; Funding (income and expenditure); IPC's; HR / Culture Initiatives; Balanced Scorecard Initiatives; BU Initiatives; Compliance matters (internal control). Skills, Experience and Education.

Minimum qualification of National Qualifications Framework (NQF) Level 7 (i.e. 4 year Bachelor's Degree / post graduate Diploma) e.g. B Com with specialisation in Auditing and / or Information Technology. Certified Information Systems Auditor (CISA) or equivalent (e.g. a recognised IT auditing certification) AND At least one of the following: Offensive Security Certified Professional (OSCP) or equivalent (e.g. CEH); Certified Incident Handler (ECIH / GCIH) or equivalent (e.g. CRIA).

Minimum of 8 years' experience post qualification with at least 4 years' experience operating at a manager / middle management level. Extensive experience in managing cybersecurity and network security audits, with a strong understanding of networked environments that support various application hosting infrastructures, including Windows and Unix-based operating systems, as well as MSSQL and Oracle databases. Extensive experience in conducting cybersecurity maturity assessments, particularly within the Southern African context.

This includes a strong ability to position insights and control recommendations for clients, guided by leading frameworks such as NIST CSF, ISO, CIS, and COBIT.

NB : Please note that only shortlisted candidates will be contacted.

Should you not hear from us within four weeks, kindly consider your application unsuccessful.