Manager, Internal Auditing

Your day at NTT DATA

Key Responsibilities:

• Assist in managing the planning, execution, and reporting of IT and cybersecurity audits in accordance with the annual audit plan.
• Evaluate the design and effectiveness of IT general controls (ITGCs), application controls, and cybersecurity controls across infrastructure, cloud, AI and business systems.
• Assess compliance with internal policies, regulatory requirements, and industry frameworks (e.g., NIST, COBIT, ISO 27001, CIS).
• Provide insight in cybersecurity risk assessments, incident response reviews, and third-party risk evaluations.
• Collaborate with IT, Security, and Risk stakeholders to identify control gaps and recommend practical, risk-based solutions.
• Prepare audit reports and present findings to management and governance committees.
• Monitor remediation of audit findings and validate closure of corrective actions.
• Support continuous improvement of audit methodologies, tools, and data analytics capabilities.
• Stay current on emerging cybersecurity threats, technologies, and regulatory developments.
• Determines and plans the scope and objective of an internal audit and relevant methods and process to be applied.
• Manages and ensures reporting with the external auditors, Governance, Risk & Compliance and ensure awareness of the workings in the audit and the areas of concern.
• Remains current with auditing best practice and legislation to advise on the analysis and review of a variety of areas in the business depending on the scope identified in the audit plan.
• Oversees the work of a team of auditors to ensure accuracy of process implementation and findings.
• Ensures the preparation of a final audit report for submission and distribution to the various stakeholders and ensure that the adequacy and effectiveness of stakeholder action plans are assessed, and implementation is monitored and reported in writing.
• Contributes to the review of the outcome of the audit process in terms of its objectives, quality, completeness and feedback.
• Ensures the communication and presentation of this information to the auditing committee and senior management, reporting on the policies adopted for auditing, and the programs and activities of the Auditing team.
• Ensures effective coordination and engagement with other assurance providers.
• Assists the senior managers with portfolio related priorities.

Knowledge and Attributes:

• Excellent management abilities to inspire and motivate team to perform well.
• Specialist auditing knowledge and are process driven individuals who have excellent interpersonal skills.
• Display impeccable attention to detail.
• Display excellent analyzing and problem-solving ability.
• Good knowledge and understanding of IT industry environment and business needs, combined with strong understanding of business process.
• Ability to provide continuous performance feedback and encourage growth and development of employees.
• Excellent written and oral communication skills, with the proven ability to present and explain complex information and suggest process improvements to diverse audiences.
• Ability to effectively establish and maintain working relationships with peers, senior leadership and all levels of the organization, with a positive and professional image.
• Ability to work successfully in a matrix/global organization.
• Excellent planning and organizational skills.
• Broad understanding of project management principles.
• Ability to thrive under pressure, function and deliver effectively in a fast-paced environment.

Academic Qualifications and Certifications:

• Bachelor’s degree in Information Systems, Computer Science, Information Technology, or a related field.
• Honours degree in Information Technology, Computer Auditing, or a related discipline is preferred.
• Professional certification(s) required: Certified Information Systems Auditor (CISA) and or Certified Public Accountant (CPA), Certified Internal Auditor (CIA) or related designation.
• Minimum of 6–8 years of progressive experience in IT audit, cybersecurity, or IT risk management, with at least 2 years in a supervisory or managerial capacity.
• Bachelor's or equivalent degree or equivalent in Accounting, Finance, or related field.
   

Required experience:

• Demonstrated knowledge and practical application of cybersecurity frameworks and standards, including NIST Cybersecurity Framework (CSF), COBIT, ISO/IEC 27001, and related regulatory requirements.
• Strong understanding of IT general controls (ITGCs), application controls, and cybersecurity governance.
• Experience in auditing cloud environments (e.g., AWS, Azure), enterprise applications, and infrastructure platforms.
• Familiarity with data privacy and protection regulations (e.g., GDPR, DORA, POPIA) is beneficial.
• Excellent written and verbal communication skills, with the ability to present complex technical issues to non-technical stakeholders.
• Proven ability to manage multiple priorities, lead audit engagements, and deliver high-quality outcomes under tight deadlines.
• Advanced audit management experience in a related environment, managing people, processes to achieve corporate, regulatory and divisional objectives.
• Advanced experience with and understanding of the deliverables of a regulatory and financial audit function.
• Advanced demonstrated experience management audit projects and teams.