Company Profile
Training Catalogue
POPIA Compliance

    Join Our Team

    Information Security Auditor

    Ideal Start Date:
    Proposed Salary:
    Dependent on background/ experience
    Contract Type:
    Fixed Term Contract
    Office Location:
    Pretoria Office

    General Job Specifications

    • Implements security controls, risk assessment framework, and program that align regulatory requirements, ensuring documented and sustainable compliance that aligns and advances College business objectives.
    • Evaluate risks and develops security standards, procedures, and controls to manage risks. Improves PCC’s security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
    • Implements processes, such as GRC (governance, risk, and compliance), to automate and continuously monitor information security controls, exceptions, risks, testing. Develops reporting metrics, dashboards, and evidence artifacts.
    • Defines and documents business process responsibilities and ownership of the controls in GRC tool. Schedules regular assessments and testing of effectiveness and efficiency of controls and creates GRC reports.
    • Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, protecting Personally Identifying Information (PII) data, and Payment Card Industry Data Security Standards (PCI DSS).
    • Performs and investigates internal and external information security risk and exceptions assessments. Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.
    • Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
    • Assists other staff in the management and oversight of security program functions.
    • Trains, guides, and acts as a resource on security assessment functions to other departments within the College.
    • Remains current on best practices and technological advancements and acts as the College’s technical resource for security assessment and regulatory compliance.
    • Performs other related duties as assigned.

    Experience and Qualification Requirements

    • A degree in information technology/ computer information systems or related. (essential)
    • Certified Information Systems Auditor (CISA) (essential).
    • 2 years of work experience as an IT auditor.
    • Experience with Firewalls (functionality and maintenance), Office 365 Security, VSX and end point security.
    • Expert in firewalls, VPN, Data loss prevention, IDS/IPS, Web-Proxy, and security audits.
    • Clear understanding if Information Security audit methodologies.
    • Ability to work under pressure in a fast-paced environment.
    • Strong attention to detail with an analytical mind and outstanding problem-solving skills.
    • Great awareness of cyber security trends and hacking techniques.