Director, Audit Response & Compliance Operations

State of Maryland•Anne Arundel, MD

9d•Onsite

About The Position

The Department of Information Technology (DoIT) leads the State in the creation and implementation of information technology solutions that improve IT infrastructure and government services and keep Maryland current within IT industry trends. Within DoIT, the Compliance Unit safeguards the integrity of the State’s IT operations by ensuring that audit, regulatory, and policy obligations are met with rigor, transparency, and enterprise-wide consistency. As a newly established function, Compliance Unit is building the structure, standards, and tooling that will define how Maryland responds to audit and regulatory scrutiny for years to come. This is an exciting opportunity to shape an enterprise capability from the ground up. This is a contractual position with limited benefits.

Requirements

Bachelor’s degree in Information Technology, Computer Science, Information Systems, Business Administration, Accounting/Finance, or a related field
Three (3) years’ experience performing one or more of the following in an information technology environment: audits, compliance reviews, risk management and/or quality assurance
Candidates may substitute two additional years of qualifying experience for the degree requirement

Nice To Haves

One year of audit, compliance, risk management or quality assurance experience in a public sector information technology environment (county, state, or federal)
Hands-on experience in ServiceNow, including workflow configuration and reporting
One year experience using workflow and routing platforms, as well as complex spreadsheets, to track audit activity as scale
Demonstrated experience partnering with Senior Leadership to enterprise governance, risk, or compliance initiatives.

Responsibilities

Direct enterprise intake operations across email and ServiceNow, ensuring every audit request – internal, external, or legislative – is formally captured, classified, and accountable to a defined owner from the moment it enters the organization.
Establish and enforce service level expectations, escalation thresholds, and operational throughput standards to prevent response degradation, missed commitments, or reputational exposure.
Govern workflow and routing automation so requests are assigned to the correct owners on first touch and escalated when delays or risks emerge.
Serve as steward of the authoritative audit repository, standard templates, operating procedures, and record retention discipline, preserving evidentiary integrity and audit defensibility.
Lead cross agency response coordination to deliver unified submissions, consistent messaging, and full enterprise visibility into open audit obligations and corrective actions.
Produce executive level reporting on audit posture, throughput, aging, and risk trends to inform Senior Leadership and external stakeholders.
Drive continuous improvement of SAROM by analyzing performance data, capturing lessons learned from completed engagements, and evolving intake, routing, and escalation standards to keep pace with changing regulatory and operational demands.
Partner with DoIT leadership, agency liaisons, and external auditors to build trusted working relationships, clarify expectations, and resolve disputed or ambiguous findings before they escalate.