Principal Specialist: IT Internal Audit

Apply now »

Date: 12 Mar 2026

Location: Midrand, ZA

Company: Vodafone

When it comes to putting people first, we're number 1. 

The number 1 Top Employer in South Africa. 
Certified by the Top Employer Institute 2026. 

 

Role Purpose/Business Unit:

 

The Principal Specialist: Cyber Security Auditor will be responsible for providing input into the annual audit plan and timely execution of risk-based independent assurance activities within the area of Cyber Security across the Vodacom Group. In addition, this role will provide guidance and best practices to the Internal Audit team and client departments on relevant current and emerging cyber-security threat management. In addition, this role will provide guidance and best practices to the Internal Audit team and client departments on relevant current and emerging cyber-security threat management. This position reports to the EHOD: IT Internal Audit, which in turn reports to the Vodacom Group Head of Audit.

Your responsibilities will include:

 

  • Lead the scoping, planning, delivery and reporting of cyber security audits in the Technology domain across all Vodacom Group in accordance with the Internal Audit methodology
  • Identify, develop, and document audit issues and recommendations using independent judgment concerning areas being reviewed
  • Document impactful audit reports
  • Perform technical audits on topics such as 5G, cloud, Internet-of-Things (IoT), Blockchain and other emerging technologies
  • Be the subject matter expert within the Technology domain in the areas of cyber security and ethical hacking
  • Incorporate the use of data analytics within the audit approach to increase the extent of assurance, quality of insight, and efficiency of our audits
  • Follow-up on outstanding cyber security audit actions
  • Support the EHOD: IT Internal Audit and peers, in delivery of audit plans by providing knowledge and expertise
  • Manage relationships with Technology Senior Stakeholder
  • Produce excellent quality audit work

 

Key performance indicators:

  • Assist with the preparation of the annual audit plan in terms of cyber security audits that should be performed
  • Preparation and delivery of end-to-end audits in line with Internal Audit Methodology and in this area of specialisation with minimal supervision
  • Lead cyber-security related audits
  • Ensure that audits are performed in accordance with the requirements of the Internal Audit methodology and IIA standards
  • Document high quality, impactful audit reports
  • Ensure that follow-ups of actions are conducted as per the Internal Audit methodology
  • Ensure audit quality is maintained through self- and peer-review of audit work and reports
  • Develop and maintain high quality knowledge base and share best practices in the area of cyber security

The ideal candidate for this role will have:

 

Technical: must have one of the following:

  • CEH or OSCP 

 

Professional qualification strongly preferred:

  • CISA, SSCP, CISSP, CISM, ISO27001 and CRISC or ITIL (Essential)
  • Relevant IT bachelor and/or postgraduate degree (e.g. BSC Computer Science, B. Com Informatics/ B.Com Information Systems) or any other relevant qualification) (essential)

 

Experience required:

  • Cyber security- either in implementation or operations or assessment role - minimum 3 years (essential)
  • Internal or External Audit experience-minimum 3 years (advantage)
  • Telecommunications and financial services industry experience (advantage)

Core competencies, knowledge, and experience:

 

  • Experienced in the area of Cyber Security – either in an implementation, operation or assessment role
  • Technical knowledge on penetration testing, ethical hacking, IT/information security/ cyber security standards and frameworks such as ISO27001, NIST CSF and GITC
  • In depth hands-on experience with Vulnerability Scanning Tools like Qualys, Nessus or TVM
  • Experience supporting Vulnerability Management, DLP, WAF, EDR and other solutions
  • A diverse security background with knowledge in several areas including: layered security architecture; internet protocols; firewalls; VPN technologies, IDS/IPS, network access control and network segmentation, anti-malware and spam technologies; risk and vulnerability assessments, and compliance
  • Web Security & Encryption
  • Experience in audit (external and internal) and familiar with Internal Audit standards
  • Industry specific experience with mobile/ financial services and telecoms or related businesses
  • Excellent English communication, report writing, presentation, negotiation and conflict management skills to interact effectively with senior management
  • Excellent English communication, report writing, presentation, negotiation and conflict management skills to interact effectively with senior management.
  • Ability to think analytically, creatively and independently.
  • Strong interpersonal, communication, negotiation and conflict management skills with the ability to interact with all levels of the organisation.
  • Strong organisational skills, including ability to multi-task, prioritise, in order to meet deadlines and be comfortable with a changing environment
  • Experience in data analytics (scoping, delivering and/or consuming) e.g. in tools such as PowerBI or QlikSense or SQL.
  • ‘Digital’ skills, i.e. fluent in working with audit software and the Microsoft Office365 suite (Excel, Word, PowerPoint, Teams, etc.)
  • Experienced in working within complex multinational and/or multi-cultural environments.
  • Willing to travel, mostly within the Africa continent.
  • Ability to adapt hybrid working (home/office balance).
  • Ability to work independently and within a team

We make an impact by offering:

 

  • Enticing incentive programs and competitive benefit packages
  • Retirement funds, risk benefits, and medical aid benefits
  • Cell phone and data benefits, advantages fibre connection discounts, and exclusive staff discounts offered in collaboration with partner companies

 


Closing date for Applications: 19 March 2026 

 


The base location for this role is Midrand, Vodacom Campus     

 

 

The company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.
Vodacom is committed to an organisational culture that recognises, appreciates, and values diversity & inclusion.