Location; Johannesburg 

At MCTG Consulting, we believe in the importance of empowering our people to be leaders at all levels. We connect our purpose and shared values to identify issues as well as to make an impact that matters to our clients, people and the communities. 

Overall scope of the work

• The IT Audit/ IT Consultant will be responsible for the examination and analysis of internal controls and business risks by performing IT audit work, developing audit scope, procedures, and preparing audit reports.
• He/she must have demonstrated knowledge of IT and experience executing audits that include network platforms 

Responsibilities 

• Manage multiple engagements at same time for various industries/sectors (e.g. Financial Services, Manufacturing, Automotive, Telecommunication, Life Science & Hospitality, Energy, Consumer Business, etc.)
• Provide both IT Audit support to Financial Audit team, and IT Risk services to clients (e.g. IT General Control & Application Controls Review, IT Compliance Review, IT Governance & Security Audit, IT Audit for SOX/JSOX/ICFR, Third Party Assurance & Risk Management, Data Analytics for Auditing, etc.
• Assess information security policies and supporting processes and help ensure IT compliance with regulatory requirements.
• Evaluate the effectiveness of clients’ information-processing controls across industries and business process cycles.
• Report key findings and outcomes of the assessment of the business and IT risk environment and its related controls
• Proactively identify other areas of business initiatives and changes in the business environemnt and assess their impact on the business control environment
• Establish and maintain good relationships with clients
• Establish policies, roles and responsibilities across organizations hierarchy with regard to business continuity management 
• Develop business continuity plans and crisis management plans
• Working specifically with leadership, identify new and emerging risks and then planning internally to monitor and control those risks
• Conduct information security risk assessments, vulnerability assessments through the incorporation of automated scanning and audits tools, performing IT General Controls, Application Controls and security audit.
• Perform control design and implementation services during process change and SAP implementation projects
• IT audit: Executing advisory engagements, including but not limited to IT audit reviews, ISAE 3402 assurance engagements and compliance reviews across a portfolio of local and international clients.
• Cyber specialist: Delivering security risk engagements supported by leading practices like ISO 27001, NIST 800-53, PCI, data privacy and relevant risk management frameworks.
• Providing support to management in engagement planning and management processes.
• Identifying additional opportunities to develop business for Advisory or other service lines
• Preparing reports for Clients’ Senior Management and Audit Committees 
• Staying involved in the preparation of proposals to Clients and preparing presentations & pitch materials.

Skills and Knowledge 

• Rigorous and autonomous 
• Strong communication and report writing skills
• Demonstrating ability to manage multiple engagements 
• Team player with a strong analytical mindset
• Ability to travel for business
• Good Knowledge of MS Office Tools
• Experience for IT audit: General IT controls, IT applications testing, IT internal audit, data analytics
• Experience for cyber specialist: Information governance and information security assessments using industry framework: ISO, NIST, SOC-2, PCI

Qualifications & Experience

• Professional qualifications would be an advantage
• Undergraduate and or master’s degree, preferably in accounting, IT, IS, AIS, Computer Science
• Proven experience in External or Internal Auditing and regulatory works
• Experience Internal Audit/ ISAE 3402 assurance preferable
• Relevant working experience of minimum 2 years or 5 for senior role, as IT Auditor or IT Administrator
• Able to appreciate business process issues and understand business transaction scenarios and how an application system (e.g. T24, Flexcube, Oracle, etc.) can support them
• Basic understanding of ERP configurations, e.g. SAP, Oracle, Navision. Ability to apply best practices of ERP systems in other ERP systems
• Resourceful and able to work out technical solutions.
• Good appreciation of fundamental accounting knowledge and or audit knowledge and financial controls
• Good grasp of IT technical concepts, e.g. Operating Systems (Unix, Windows, OS/400, etc.), Databases (Oracle, SQL, etc.)
• Able to handle multiple tasks and assignments
• Logical thinking, good attitude, fast learner and good team player
• Able to work under pressure and meet deadlines
• Proven experience in IT audit or Cyber
• Any of the Licensing or Certifications: CISA, CPA, CIA, CRISC, CISM, CIPP, PMP, CEO/CFO, SOC, CISSP

Salary range

• R615 000 – R1 995 900 per year depending on experience, skills and qualifications 

How to Apply? Send your resume by email to: careers@mctg-consulting.co.za

Application close: 21 June 2025