- To conduct risk-based technology focussed (IT) audit assignments ultimately to contribute to delivering on the internal audit plan approved by Santam's Group Audit Committee. This could include general computer control reviews, information & cyber security reviews, reviews of IT controls within the various business processes (Application Controls) as well as pre and post-implementation reviews with a focus on information security.
- Assignment work entails assignment planning, execution, reporting and audit follow up work (where applicable) including the following activities: Performing risk and control assessments; Developing, executing and in some cases, reviewing audit procedures; Preparing audit findings and unpacking root causes with management; Compiling an audit report and workshopping practical action plans with various levels of management which will support the achievement of the Santam Group's and our business partners strategic and financial objectives; Ensuring that audit work is documented on GIA's audit software tool and adheres to the required quality standards; and Ensuring that audit work is completed within time and cost budgets.
- Assist in reporting to various audit, risk & related committees.
- Provide input into annual audit planning.
- Follow up on audit issues raised and provide input into the reports to the audit committee and other relevant governance structures.
- Maintain quality standards in terms of the audit methodology, approach and documentation.
- Supporting and mentoring junior / trainee auditors.
- Client relationship management with internal Santam stakeholders as well as external stakeholders, with a focus on Information Security functions.
- Championing Internal Audit's role in the organisation by serving as GIA's representative at relevant, key Santam forums.
- National travelling to Santam offices and partners may be required.
- A relevant qualification (Diploma, Bachelors or Honours degree) in science, commerce, engineering, technology, information systems, informatics or similar.
- More than 4 years' experience in an audit/ consulting/ risk management/ governance or similar operations function and demonstrable exposure as per the job description.
- Experienced in performing IT general, information security and cyber security audits, including operating system and database security assessments/ reviews across a range of environments.
- Database and Operating systems security interrogation experience would be advantageous.
- An advanced understanding of internal audit disciplines, methodologies and practices.
- Experience in the insurance industry is preferred.
- Progress towards or completed CISA, CISM, CISSP or similar.
- Good understanding of relevant security and control frameworks such as COBIT, ITIL, COSO, OWASP, CIS & similar frameworks.
- Experience with industry leading audit software packages would be advantageous.
- Very strong numerical, analytical and conceptual skills
- Analytical ability and logical reasoning
- Understanding of key controls and risk management principles
- Strong time management
- Excellent interpersonal, communication and networking skills
- Relationship management (Strong client service orientation)
- Facilitation skills and ability to influence individuals, groups and teams
- Strong verbal and written communication skills
- Conflict management and negotiation skills
- Ability to work effectively in a team as well as by yourself
-
Information Security Analyst
1 day ago
Dimension Data Cape Town, South AfricaThe Information Security Analyst will be responsible for the planning, implementation and execution of daily/weekly/monthly security tasks that ensures that the clients are compliant with the required standards by providing analysis, administration, and advisory input. The focus ...
-
Information Security Solution Architect
2 hours ago
iLaunch Cape Town, South AfricaCollaborate with Information Security Architect · Ensuring compliance on Information Security Standards and controls · Manage enterprise information assets · Tertiary Qualification · CISSP, CISM, CISA & ISSAP · 5 Years experience in a lead role within IT Security environment · 5 ...
-
Information Security Administrator
23 hours ago
Sanlam Bellville, South AfricaWho are we? · Sanlam Group Technology is responsible for the provision of a digitally enabled technology service as a group COE, drive business and transformation and provide group-wide digital and data architecture. We operate the various technology platforms and shared services ...
-
Cyber Information Security Analyst I
1 day ago
Sanlam Bellville, South AfricaWho are we? · Sanlam Group Technology is responsible for the provision of a digitally enabled technology service as a group COE, drive business and transformation and provide group-wide digital and data architecture. We operate the various technology platforms and shared services ...
-
Senior Manager: Compliance and Data Protection
23 hours ago
Dimension Data Cape Town, South AfricaCompliance and Data Protection Management is a global position that supports the NTT business by way of protecting NTT's brand, warranting compliance to its regulatory and contractual obligations. A critical component of this role is to ensure strategic and operational alignment ...
-
Senior Manager: Compliance and Data Protection
2 hours ago
HR Genie Cape Town, South AfricaOur Client a Global Tech firm is seeking a Senior Manager: Compliance and Data Protection to join their team in Cape town. They offer stability, growth, attractive salary along with excellent benefits and a great working environment. · Compliance and Data Protection Management is ...
-
Senior Specialist Cyber Security Defense
2 hours ago
Optimal Growth Technologies Cape Town, South Africa**Brief Description** · Reporting to **Manager Cyber Security Prevent & Defense**,as the **Specialist Cyber Security Defense**, you will be responsible for · **Key Roles**: · - Coordinate optimization of the Operational & Monitoring Defense cyber security baselines (CSB) controls ...
-
Senior Azure Cloud Security Architect
1 day ago
SUMMIT Africa Recruitment Cape Town, South Africaand Devops practices that meet strict regulatory security and compliance · requirements. · **Responsibilities** · - Work in collaboration with Devops and Cloud Engineers toward a DevSecOps practice that conforms to Security · - and Privacy by Design principles · - Guide business ...
-
Senior Security Officer
1 day ago
De Beers Group of Companies Cape Town, South Africa**Company Description · - ABOUT THE DE BEERS GROUP OF COMPANIES**: · De Beers is a member of the Anglo-American plc group. Established in 1888, De Beers is the world's leading diamond company with unrivalled expertise in the exploration, mining and marketing of diamonds. Together ...
-
Network Security Architect
2 hours ago
CareerfinderZA Cape Town, South AfricaKey Performance Area: · - Expertise in SIEM, anti-virus software, intrusion detection, firewalls, and content filtering. · - Expertise in routing, switching, Wi-Fi technologies, load balancers and QoS. · - Deep understanding of networking protocols (IPSEC, HSRP, BGP, OSPF, 802.11 ...
-
Woolworths Cape Town, South AfricaAdvert reference: woolw_000641 · Advert status: Online · - **Position Summary** · **Industry**:IT & Internet · **Job category**:Others: IT and Telecommunication · **Location**:Cape Town · **Contract**:Permanent · **Remuneration**:Market-related · **Introduction** · We are searchi ...
-
Security Operations Analyst
23 hours ago
DigiCert, Inc. Cape Town, South Africaat DigiCert · Cape Town · ABOUT DIGICERT · We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire in ...
-
Senior Manager: Compliance and Data Protection
2 hours ago
Centrax Systems Cape Town, South AfricaCompliance and Data Protection Management is a global position that supports the NTT business by way of protecting NTT's brand, warranting compliance to its regulatory and contractual obligations. A critical component of this role is to ensure strategic and operational alignment ...
-
Security Operations Analyst
23 hours ago
DigiCert Cape Town, South Africa**ABOUT DIGICERT** · We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and ...
-
Cloud Security Consultant Associate
1 day ago
EY Cape Town, South AfricaAt EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build ...
-
Security Analyst
23 hours ago
Impact Cape Town, South Africa**Our Company**: · If you are looking to join a team where your opinion is valued, your contributions are noticed, and enjoy working with fun and talented people from all over the world then this is the place for you. · If you have a desire to work in an organisation that is: · - ...
-
Cyber Security Audit Manager
2 hours ago
Adept Advisory (Pty) Ltd Cape Town, South AfricaMinimum Experience Level · - 4-5 years cyber and information security experience within an Audit function. Essential Qualifications - NQF Level · - Advanced Diplomas/National 1st Degrees Preferred Qualification · - Qualifications: Relevant BCom (Informatics/Information Systems) O ...
-
Customer Success Representative
1 day ago
The Vocation Station Cape Town, South Africa**Customer Success Representative (technical Cyber Security)** · **_ · **_We do have a great company culture with a hybrid / remote work policy_** · - The Customer Success Representative (CSR) is responsible for general communication, oversight of initiatives and being a single p ...
-
Cyber Security Analyst
1 day ago
Exclusively Remote Cape Town, South AfricaOne of our US based clients are looking for experienced Cyber Security Analyst/Specialist with a strong background in Cyber Security and prior experience working for a Managed Service Provider (MSP). · Responsibilities: · - **Cyber Security**: Implement and manage cyber security ...
-
Corporate Security Manager
2 hours ago
NCR Atleos Cape Town, South AfricaAbout NCR Atleos · NCR Atleos, headquartered in Atlanta, is a leader in expanding financial access. Our dedicated 20,000 employees optimize the branch, improve operational efficiency and maximize self-service availability for financial institutions and retailers across the globe. ...
Senior IT Auditor: IT, Information Security - Cape Town, South Africa - Sanlam
Description
What will you do?
A position as a Senior Auditor exists within Group Internal Audit : Santam Corporate Services, based in the Cape Town office.
To conduct various types of assurance and consulting reviews with the primary focus on IT, Information Security and Cyber Security audits across the Santam Group (Santam Ltd, subsidiaries, brokers, portfolio managers, underwriting agencies and partners). This will be done in accordance with the annual audit plan approved by Santam's Audit Committee and conducted in terms of International Standards for the Professional Practice of Internal Audit. The role requires someone with strong IT skills as well as the ability to engage the information and cyber security landscape and be comfortable interacting with IT security personnel. The role also requires a person who can apply our risk-based methodology, as well as lead and manage multiple audit assignments and work independently.
What will make you successful in this role?
Qualification and Experience
Skills
Core Competencies
Cultivates innovation - Contributing through othersCustomer focus - Contributing through othersDrives results - Contributing through othersCollaborates - Contributing through othersBeing resilient - Contributing through othersAbout The Company
Santam is the leading short-term insurer in South Africa. Along with its subsidiaries, the business transacts all classes of short-term insurance. Santam is a large, diversified, and transforming company and our success is rooted in our passion for our clients. Everything we do is centered on our delivery of insurance good and proper.