The Information Technology (IT) Auditor Senior is responsible for performing advanced, senior-level information systems auditing. The incumbent is responsible for leading and conducting technical audits of information systems, platforms, and operating procedures; prepares audit findings regarding information technology. The position will proactively work with Internal Audit staff, Information Security staff, Information Technology staff, the Legal & Compliance team, Executive staff, and agency employees.

​

WHAT WILL YOU DO:

Audit, Consulting, and Advisory Projects

• Performs information systems audits, including IT governance and strategic planning, IT general controls, application controls, information security, and evaluation of information technology operating procedures and internal controls.

• Conducts interviews of audit clients and prepares system and data diagrams to identify manual and systems process interaction and critical controls.

• Prepares audit reports dealing with complex and sensitive issues in a timely manner for internal and external audiences.

• Conforms to standard audit procedures in performing complex audit work, including identifying issues and developing recommendations, developing criteria for procedures, reviewing and analyzing relevant information, evaluating evidence, documenting business processes and procedures, and completing audit documentation.

• Evaluates and provides the appropriate levels of consulting, testing, assistance, and recommendations for the use, integration, maintenance, and enhancement of IT systems throughout the agency.

Risk Assessment and Annual Audit Plan

• Participates in the identification and evaluation of risk in the information technology/systems areas as part of the risk assessment process.

• Provides input and assists with the development of the Annual Audit Plan.

Departmental Support

• Maintains good rapport with IT management and keeps abreast of key IT projects and TRS initiatives

• Serves as an advisor or observer on TRS key committees or workgroups that are related to information technologies and/or key processes that may have data security or IT vulnerability concerns.

• Performs related work as assigned.

WHAT WILL YOU BRING

Required Education

• Bachelor’s degree from an accredited college or university in computer science, information systems, business administration or a closely related field.

​

Required Experience

• Five (5) years of full-time progressively responsible experience, including three (3) years of experience in:

• auditing information systems, controls, and security, or

• experience as an information security analyst or a cyber security analyst

• Experience may be concurrent.

• A master's degree or doctoral degree in a closely related field may be substituted on an equivalent year-for-year basis.

​

Required Registration, Certification, or Licensure

• Certification as a Certified Information Systems Auditor (CISA) or Certified Information Systems Security Profressional (CISSP).

​

Preferred Qualifications

• Bachelor or Master’s Degree in computer science or information systems

• Experience planning and coordinating audits in information systems.

• Experience performing complex information technology audit-related data analysis.

• Experience with ACL or similar data-mining tool.

• Experience with TeamMate Audit Management System or similar audit management tool.

• Experience in information security/cybersecurity background.

​

Knowledge, Skills, and Abilities

Knowledge of:

• Generally accepted information technology audit standards and practices.

• Information technology security and control practices.

• Information technology terminology, concepts, and practices.

Skills in:

• Evaluating information and systems, and drawing logical conclusions, assessing internal controls over key information systems risks.

• Planning and project management, and maintaining composure under pressure while meeting multiple deadlines.

• Conducting quality control reviews of audit work products.

• Negotiating issues and resolving problems.

• Using a computer in a Windows environment with Microsoft Office word processing, spreadsheet, and other business software to prepare reports, memos, summaries, and analyses.

• Effective verbal and written communications, including interpersonal and active listening skills and presenting findings and recommendations.

Ability to:

• Establish and maintain harmonious working relationships with co-workers management, staff, and external contacts.

• Work effectively in a professional team environment.

• Maintain professional ethical standards.