Senior IT Assurance Lead

Join to apply for the Senior IT Assurance Lead role at Sasol . Get AI-powered advice on this job and more exclusive features. Sasol is a global integrated chemicals and energy company with a 75-year heritage. Through our talented people, we use our expertise and selected technologies to safely and sustainably source, manufacture and market chemical and energy products globally. When you join Team Sasol, you are joining a company that puts people at the center of everything we do. Sasol invests in its employees along every stage of the career path and offers development opportunities to help you cultivate your career in a culture that embraces diversity and inclusion. Purpose of Job To Lead and execute IT second level assurance over IT General Controls (ITGCs) including Manage and execute audits with a specific focus on information technology and cyber security within the Sasol Group in order to mitigate risks impacting Sasol’s operations and to provide subject matter expertise and ensure compliance with Sarbanes-Oxley (SOX) requirements. The role includes monitoring, reporting, and advisory support for ITGC design and operating effectiveness. Support for control deficiency management by conducting risk and impact assessments and advising on remediation strategies in alignment with external audit standards such as PCAOB, COSO and Sasol Assurance Services Operating Manual. Advising on continuous improvement in control design and operational effectiveness, when performing Second-level assurance over IT General Controls (ITGC). Key Accountabilities Manage area of responsibility in respect of understanding the IT/IM environment, identification of high-risk areas, and to compile the audit plan for the area of responsibility. Maintain up to date knowledge in respect of the IT/IM area of responsibility to provide timely guidance to the stakeholders and team on controls, changes in the environment and emerging technologies and risks. Sharing changes and developments in the area of responsibility upwards to the Senior Manager IM GRC. Be the first contact point for IM stakeholders in respect of area of responsibility. In conjunction with other team members in IM GRC, manage the timing of audit engagements to ensure the timely completion of the audit plan. Compile and review planning memorandums and audit programs to ensure focus on high level risks and internal control taking into consideration strategic objectives. Execute audits by identifying risks and weaknesses and ensuring that processes and systems comply with applicable policies, standards, statutory and regulatory requirements. Manage and execute planned and ad-hoc audits (own and managed audits) as well as resources in line with planned budgetary requirements and set timelines to contribute to the completion of the IM GRC Audit Plan. Conduct audits to provide assurance that the internal system controls established by management to safeguard assets and liabilities of the company are adequately designed and operating effectively. Oversee and independently monitor IT General Controls (ITGCs) by developing assurance frameworks, performing second-level assurance, assessing key IT risks, and recommending remediation for identified control gaps. Ensure the submission of factual and timely reports (own and managed) within the required reporting protocol, and integrate changes as required from stakeholder feedback. Ensure that all audit working papers including the evidence supporting audit report findings and results are adequately captured/ documented. Review audit reports and working papers of audits managed when requested by Senior Manager or Head / Vice-President of IM Department. Plan, manage, execute and report on management requested audits, when required. Conduct quality reviews and peer reviews and adhere to quality improvement practices. Complete all review notes of audits managed and take appropriate corrective actions. Provide expert advice to IM Function on best practice and effective implementation of relevancy IT / group policy. Respond to management queries in relation to the internal control environment within area of responsibility. Contribute to the compilation and submission of reports to IM EXCO, the Group Executive Committee, Governance Committees, Executive Committees and Sasol Limited Audit Committee. Monitor progress against annual audit plan, identify significant governance issues, and elevate to top management as required. Engage with relevant stakeholders, attend relevant stakeholder forums and provide specialist advice. Contribute to the development and drive implementation of the integrated risk based annual assurance plan. Contribute to the development of auditing policies, procedures, and programs in alignment with Sasol Assurance Services methodologies. Keep up to date with and share knowledge in respect of new/ emerging developments in the internal audit profession and technological solutions. Stay abreast with new developments in the Sarbanes Oxley (SOX), COSO, PCAOB, the various accounting standards as well as auditing requirements related to the JSE and NYSE listings. Execute and provide support non-audit activities as allocated. Formal Education University Bachelor’s degree Information Systems, Computer Science, IT Auditing, or related field. Professional Certifications Professional certifications such as CISA, CRISC, CGEIT, or CIA advantageous. Minimum Experience 11+ relevant years of experience; 7+ years in IT audit, risk or assurance roles within large organisations. Key Skills Strong understanding of IT risk, COSO, COBIT, ITGCs, and governance / control frameworks. Experience in second-line assurance and control monitoring. Familiarity with GRC tools and data analytics platforms. Certification Requirements Minimum requirement is a University Bachelor’s degree in Auditing and/or Information Technology. Chartered Accountant – CA(SA) or Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) is advantageous. Chartered Accountant – CA(SA) is advantageous. Required Personal And Professional Skills TC_Policies and Procedures TC_Analyse Alternatives and Recommend Solutions TC_IM Application Development TC_Market Analysis TC_Document and Model User Requirements LC_Commercial Agility LC_Business Ownership LC_Drives Innovation LC_Customer Centricity LC_Collaborative LC_Inspirational LC_Builds Talent LC_Developing Self LC_Partnerships LC_Delivery Excellence Equal Opportunity Statement Sasol is an equal opportunity and affirmative action employer. Inspired by our Purpose of "Innovating for a better world", Sasol acknowledges that diversity is intrinsic to the fabric of our organisation and is the key to our growth and success. Sasol is committed to the full inclusion of all suitably qualified individuals. Preference will be given to applicants from designated groups and people with disabilities according to Sasol’s Employment Equity Plan. This includes reasonable accommodation to enable individuals with disabilities to perform essential job functions. Note on Application Process Our automated process is designed to efficiently assess a large volume of applications. Should you not hear from us within 60 days of the advert closing then kindly consider your application unsuccessful. Thank you once-more for your interest in Sasol as your employer of choice, and we wish you all the best with your career aspirations and future applications with us. #J-18808-Ljbffr