Jobs at du (Now Hiring) — 3 open

Key Accountabilities:

• IT Audit Planning & Execution – Develop and deliver comprehensive risk‑based IT/technology audit plans covering ITGCs and key technology domains (e.g., application and interface controls, infrastructure/operations, identity & access, change/release, backup/recovery, cybersecurity, cloud, data, and DevSecOps).
• End‑to‑End Engagement Management – Lead the full IT audit lifecycle from scoping and planning through fieldwork, issue validation, reporting, and remediation tracking in line with Internal Audit methodology.
• Reporting & Communication – Produce clear, concise, and impact‑oriented IT audit reports for the Director, articulating key risks, control gaps, root causes, and actionable technology‑focused recommendations.
• Stakeholder Partnership – Collaborate with IT service owners, architects, security, and business leaders to agree pragmatic action plans, set remediation timelines, and monitor closure of findings to sustainably reduce risk.
• Regulatory & Standards Alignment – Maintain current knowledge of relevant frameworks and regulations (e.g., COBIT, ISO/IEC 27001, NIST CSF, ITIL, data privacy/cyber mandates) to ensure audit approaches remain fit‑for‑purpose and comprehensive.
• Continuous Improvement & Analytics – Enhance audit methods, tooling, and automation, leveraging data analytics, control telemetry, and continuous monitoring to increase coverage, efficiency, and the insight quality of IT assurance.

Qualifications, Experience and Skills:

• Bachelor's degree in IT, Cybersecurity, or related field
• Professional certification (CISA, CISM, CISSP, or equivalent) mandatory requirement 
• 10+ years of progressive experience in internal audit, external audit, IT audit, cybersecurity, or technology control functions.
• 2–3 years of supervisory or managerial experience leading IT or technology audit teams.
• Demonstrated expertise in assessing IT controls, including ITGCs, application controls, cybersecurity processes, and technology elements supporting financial reporting (ICOFR).
• Strong understanding of risk‑based audit methodologies and assurance frameworks (e.g., COSO, COBIT, NIST, ISO 27001, IIA Standards).
• Experience with data analytics, automation, and audit‑support tools (preferred), with the ability to leverage technology to enhance audit efficiency and insight quality.
• Strong understanding of technology‑enabled control environments, including how IT processes, systems, and configurations impact financial reporting, compliance, and operational integrity.
• Advanced knowledge of internal control frameworks and IT risk management principles, including ITGCs, application controls, cybersecurity controls, and technology governance.
• Excellent analytical, critical‑thinking, and problem‑solving skills, with the ability to evaluate complex IT environments and identify control gaps with precision.
• Proficiency in data analytics tools and audit management platforms, leveraging automation and analytics to enhance IT audit coverage and insight quality.
• Strong project management capabilities, with the ability to lead and coordinate multiple technology audit engagements concurrently.
• Exceptional written and verbal communication skills, enabling clear articulation of technical risks, control deficiencies, and recommendations to stakeholders at all levels.
• Advanced proficiency in Microsoft Excel, data visualization tools, and experience working with ERP and core IT systems, including understanding of system configurations, logs, and automated controls.
• Ability to build strong, collaborative relationships with IT, cybersecurity, operations, and business teams to drive effective remediation and strengthen the control environment.