IT Internal Audit / IT Audit Senior Consultant at Deloitte

Job Description


This role will primarily focus on the sales and supervision and management of IT Internal Audit and related IT controls assurance engagements.


Specialised Technical Capabilities:

The applying candidate should demonstrate experience in selling and managing the delivery of IT internal audit and related controls assurance engagements as follows:


Ability to scope, plan, execute & manage, report & conclude on IT Internal Audit engagements.
Ability to drive sales and business development in the form of new engagement requests including new targeting opportunities, RFP bid requests, client relationship building and opportunity identification and targeting etc.
Work closely with the Internal Audit teams to sell and manage IT Internal audit scope and plans
Ability to deliver on Assurance engagements by identifying risks, performing testing, researching governing policies / regulations, and developing reports
Uses industry leading frameworks and tools to analyze client's documentation and identify risks that require control assurance
Tests validity of client's historical financial and non-financial information, leveraging relevant standards (e.g. ISAE 3000), as appropriate
Articulates client's regulatory framework by leveraging Deloitte's proprietary approaches and applicable audit standards and guidelines
Develops assurance reports to accurately present risks, related controls, and the effectiveness of those controls
Ensures findings and recommendations are aligned with the audit objectives by keeping in mind the engagement business context when performing technical work during the assessment process to ensure all risk facets are considered
Demonstrated technical skills and methodology application
Able to develop customised audit programs for ad hoc systems
Demonstrated knowledge of ERP systems including SAP, Oracle etc.
Demonstrated knowledge and experience of key databases (SQL, Oracle) and understanding of the associated security issues and vulnerabilities
Ability to perform focused IT reviews including data conversion, interface reviews, segregation of duties and SAP authorisations.
Ability to execute on Third party assurance engagements (ISAE3402/SOC) and unstructured controls advisory projects
Fluent on Digital Risk and highly knowledgeable on Emerging Technologies
Ability to execute on unstructured controls advisory engagements including Cloud, Payments, IT risk & governance, RPA etc. Developed skills in Agile and DevOps
Strong industry experience in key industries.
Ability to supervise others and impart knowledge.
Ability to develop, manage, coach and lead the IT Internal Audit team


The candidate should also demonstrate the willingness to develop themselves in the following areas:


Ability to form a core technology and data risk skillset through proactively conducting research, and participating to internal and external initiatives
Understands and applies the major program management approaches and practices (e.g., SDLC, ITIL)
Develops a strong knowledge of technology and data management frameworks (e.g., Technology Risk, Data Risk, Cyber Risk Maturity Model) by conducting independent research, and attending workshops, seminars and training programs
Becomes familiar with technology and data risk, as well as industry-specific regulations; keeps up to date with emerging trends.
Ability to perform specialised IT internal audit services, such as: IT governance, cloud risk, project assurance, emerging technology assurance and ESG.


Qualifications


Bachelor of Commerce Information Systems and / or Internal Auditing, Bachelor of Science Computer Science.
Relevant Degree, Honours or post graduate diploma preferably.
Professional certifications such as CISA and CRISC + relevant CPD that establishes credibility and capability in the IT Risk / Audit market.
4-7 years in a client facing role.
4-7 years IT Audit, Third Party Assurance and IT Controls Advisory experience selected industries of experience (e.g. financial services, TMT or consumer business, etc.)
Solid grasp of technical skills and methodology
Demonstrated knowledge and technical skills on "core operating systems" e.g. Windows, UNIX, etc.
Experience in performing project audits, systems post-implementation reviews (incl. data migration reviews)
Demonstrated knowledge and experience in performance of business process and automated controls testing on the more common applications
Developing knowledge of ERP systems like SAP
A good understanding of how to link risks and controls to ensure test steps and controls and risks all speak to each other; ability to research "unknown" systems or audit in-house developed systems, i.e. problem-solving/logic capabilities
Developing Digital fluency and knowledge on Emerging technologies, including Cloud, RPA, AI, etc.
Developing skills in Agile and DevOps.
Developing further Industry experience (FSI, TMT, CB, ER&I, etc.)