Consultant - IT Controls Assurance

Company overview

Join a team where individuality is valued and your ideas can create meaningful impact. Deloitte’s Audit, Assurance and Reporting Advisory practice in Christchurch is seeking a Consultant to strengthen its IT Controls Assurance team.

This opportunity is suited to someone with a background in external audit, internal audit, or risk management within a professional services environment. The role calls for experience in general IT controls, automated controls, and/or IT risk management, along with at least 4 years of relevant experience.

About the team

The IT Controls Assurance group partners closely with financial auditors to understand client business models, strategies, processes, IT architecture, and risk exposure. The team keeps pace with emerging technologies, helps shape audit approaches for technology-related financial risks, and supports clients in improving the maturity of their IT control governance across multiple industries.

You will work in a highly integrated audit environment, helping plan audits with financial auditors, coordinating fieldwork, evaluating the design of controls, and assessing whether internal controls over IT processes and systems are operating effectively to protect the integrity of financial reporting.

What you will do

• Collaborate with project teams, internal specialists, and senior leaders across the business, with opportunities to work with colleagues nationally and sometimes internationally.
• Take ownership of fieldwork and deliver IT audits for clients across different industries, while supporting engagement managers with management and executive reporting.
• Coach and develop junior team members to support their learning and professional progress.
• Dig into how businesses use IT, understand their operating priorities, and identify where technology-related risk may arise.
• Contribute ideas for better ways of working and help design improvements to processes and controls.

What we are looking for

Bring your IT Controls Assurance background and add value to a team that works on complex client challenges.

• At least 2 years of IT audit experience, including general IT controls, automated controls, and service auditor reporting, preferably gained in a Big 4 or mid-tier professional services firm.
• A relevant professional accreditation such as CISA or CA.
• Strong attention to detail to ensure findings are complete and accurate.
• Solid problem-solving ability to identify control weaknesses and risks, and help implement improvements to security and financial processes.
• Excellent written and verbal communication skills for presenting audit findings, recommendations, and risk assessments.
• Ability to coach and mentor junior colleagues.
• Experience with IT systems and coding formats such as SAP, Oracle, Workday, SQL, or Java.

Additional information

The organisation is committed to making a positive difference for clients, communities, and employees. Its values include looking after one another and fostering inclusion so that people from all backgrounds can feel welcome and supported to reach their potential.

Rewards and benefits

The workplace is built around trust, balance, wellbeing, and personal connection, with recognition extending beyond pay.

• Flexible work arrangements tailored to fit you, the business, and clients.
• Subsidised professional qualifications and paid professional memberships.
• Subsidised health insurance.
• Income protection insurance.
• 22 days of annual leave.
• Social events, social sports teams, and monthly firm drinks.
• A strong emphasis on wellness and wellbeing.
• Volunteer days with a community focus.
• Commitment to environmental sustainability.
• Other benefits and opportunities not listed here.

Equal opportunity and application note

The employer is an equal opportunities organisation and encourages applications from people of all backgrounds. Candidates who are enthusiastic about the role are encouraged to apply even if their experience, working hours, or qualifications are not a perfect match.

Security notice

Be cautious of phishing attempts that may impersonate recruiters. Official communications are sent only from verified company domains and approved interview platforms. If an email looks suspicious, confirm its legitimacy through the organisation’s official contact channel.