Senior Auditor - Information Technology

About The Position

Requirements

• Knowledge of IT auditing standards, principles, techniques, methodologies, and practices promulgated by the U.S. GAO, AICPA, ISACA, and NIST.
• Ability to communicate effectively orally and in writing.
• Ability to establish and lead a team, including planning, assigning, and overseeing procedures to fulfill audit objectives.
• Ability to interpret complex agency policies, procedures, and goals for audit planning purposes.
• Ability to conduct complex information technology control audits.
• Ability to apply, analyze, and interpret data extraction and data analytics techniques, form conclusions, and coordinate action plans based on results.
• Ability to research and interpret technology-related State and Federal laws, regulations, rules, and compliance requirements.
• Ability to interpret and implement new auditing standards or accounting pronouncements.
• Ability to analyze and interpret complex IT system designs, logic, functionality, and related processes, including organizational procedures and workflow.
• Ability to assess audit risk for complex information technology systems and processes, and effectively adjust to changes as necessary.
• Ability to effectively secure and document facts through investigation and interviewing.
• Ability to develop effective testing strategies to verify IT system functionality and controls.
• Ability to effectively and consistently conclude whether agency IT controls meet requirements based on audit testing results.
• Ability to effectively prepare and classify audit findings and recommend appropriate corrective action.
• Ability to effectively write technical workpapers, reports, and other documents.
• Ability to review work of professional staff for accuracy, completeness, and adherence to professional auditing standards.
• A Bachelor’s Degree in Computer Science and/or Management Information Systems, - OR- a four (4) year equivalent combination of education, training, and/or progressively responsible professional experience in a related field that demonstrates a thorough knowledge of IT systems audits, technical knowledge covering multiple areas, such as IT security, change management, operating systems, software development, databases, networks and cloud computing.

Nice To Haves

• Professional certification as a Certified Information System Auditor (CISA).

Responsibilities

• Conduct independent and objective audits of information technology systems.
• Provide technical and audit support by assisting in the planning, designing, and performance of audit assignments in accordance with GAO, AICPA, ISACA, and NIST guidance.
• Provide guidance on the proper interpretation and practical application of IT auditing principles.
• Perform audits, analysis, and testing of information technology controls across various computing environments (physical, operating system, database, network, application, end-user processes, and security).
• Provide direct supervision to staff auditors by reviewing their work for accuracy, completeness, and adherence to professional IT auditing standards.
• Research laws and regulations to ensure proper administration of information technology systems used for State and Federal programs.
• Provide technical assistance to Senior Leadership and financial and program auditors.
• Act as a resource for State agency personnel by identifying risks based on testing of technology controls.
• Ensure State-administered programs comply with Federal laws, regulations, contracts, and agreements.

Benefits

• 13 paid holidays
• 3+ weeks of vacation leave annually
• 12 days of sick leave annually
• Health Insurance Coverage (State pays 85%-95% of employee-only premiums)
• Dental Insurance (State pays 100% of employee-only dental premiums)
• Retirement Plan (State contributes 14.11% of employee's pay towards MainePERS)