Nkululeko Mazibuko
Senior IT Auditor
Durban
Summary
Dynamic Senior IT Auditor with extensive experience at Ernst & Young, specializing in ITGC and application controls. Expert in vulnerability assessment and compliance reporting, I effectively identified risks and enhanced internal controls. Proven problem-solver, delivering impactful audit findings and collaborating with cross-functional teams to strengthen cybersecurity measures.
Information technology professional with strong background in auditing and compliance. Adept at identifying risks, ensuring regulatory adherence, and optimizing security practices. Proven track record in team collaboration and achieving results, adaptable to changing needs. Skilled in risk assessment, cybersecurity protocols, and data analysis with focus on delivering measurable impact.
Overview
2
2
years of professional experience
1
1
Certification
Work History
Senior IT Auditor
Ernst & Young (EY)
02.2024 - Current
- Performed IT General Controls (ITGC) and Application Controls (ACs) testing across ERP systems to support financial audits, ensuring compliance with regulatory and client requirements.
- Conducted walkthroughs with process owners to document and evaluate access management, change management, and IT operations controls.
- Assessed privileged user access and system administration practices across Operating Systems (OS), Databases (DB), and applications, identifying risks and recommending control improvements.
- Utilized EY Helix tools to analyze large datasets and perform data-driven testing for audit efficiency and accuracy.
- Assisted in System and Organization Controls (SOC 1 & SOC 2) reporting by reviewing control design and operating effectiveness.
- Prepared audit reports and delivered presentations of findings and recommendations to management, highlighting risks, control weaknesses, and remediation strategies.
- Collaborated with cross-functional teams, including external auditors and client IT staff, to resolve control gaps and align on testing procedures.
- Prepared audit documentation with clear narratives, evidence, and supporting screenshots to meet PCAOB and EY audit quality standards.
- Supported risk assessments by analyzing IT environments, identifying key risks, and aligning testing strategies to organizational objectives.
Education
Bcom IT -
University of KwaZulu-Natal
Durban, South Africa 04.2001 -
Skills
Vulnerability assessment
Access control
Audit planning
Security awareness training
Application security
Internal controls
Incident response
Compliance reporting
Database security
Cybersecurity
Cloud security
Problem-solving
Incident response management
Certification
CISA - Certified Information Systems Auditor
Timeline
CISA - Certified Information Systems Auditor
06-2025
Senior IT Auditor
Ernst & Young (EY)
02.2024 - Current
Bcom IT -
University of KwaZulu-Natal
04.2001 -
Similar Profiles
Nina VannNina Vann
Manager/ Vice President at EY- PARTHENON (Ernst & Young – EY)Manager/ Vice President at EY- PARTHENON (Ernst & Young – EY)
Paloma LimaPaloma Lima
Audit & Data Intelligence Delivery Associate at Ernst & Young (EY)Audit & Data Intelligence Delivery Associate at Ernst & Young (EY)
Sydney AlloySydney Alloy
Senior People Consultant at Ernst & Young (EY)Senior People Consultant at Ernst & Young (EY)
ANELE NGCOBOANELE NGCOBO
Customer Service Representative at Exhibition PhotosCustomer Service Representative at Exhibition Photos
Tatenda MapongaTatenda Maponga
Care Assistant at Benevolent Home Health CareCare Assistant at Benevolent Home Health Care