Description
- Supervises IT Audits and IT Specialized Projects: Assists in ensuring the division IT Testing Labs contain the most up to date collection of hardware and software to allow simulations and tests of computing environments that will be audited. In this test environment, researches and tests new techniques, exploits, tools and technology to be used during audits and special projects for audit work. Trains appropriate staff in lab environment.
Assists in developing division audit plans and risk assessments of IT systems and operations and determines their impact on programmatic goals and objectives. Plans and defines areas and applications to audit and examine for special projects. Consults with other division auditors on IT areas within their audits/projects and assigns appropriate staff to help the teams.
Reviews overall IT testing methodologies used by the staff to ensure methodologies use sound IT techniques and follow standards. Reviews overall work of the audit team on the various audits and projects. Ensures work of staff addresses assigned activities, significant issues, is completed within assigned budget and ensures that staff is productive and efficient in their activities. Reviews and approves audit evidence and documentation of work prepared by staff for accuracy and compliance with IT and government audit standards. Conducts quality assurance responsibilities to comply with audit and OSC/division standards.
- Audit Reports: Reviews and edits reports written by staff to ensure reports are clear, concise, objective, complete, accurate, well organized, and meet OSC/division’s reporting standards.
- Train and Evaluate Staff: Trains Information Systems Auditor 1s on various IT audit-related techniques such as vulnerability assessment techniques and any new technologies, exploits, or tools. Prepare evaluations that are accurate, objective, balanced and timely.
- Other: Develops subject matter expertise for technology related agencies. Engages with external IT subject matter experts; for example, to help identify, research, and assess emerging technologies that will aid in the assistance of audits and special projects. May attend budget hearings for technology related agencies and issues.
Desired Competencies or Knowledge, Skills and Abilities:
- Demonstrates strong leadership abilities
- Strong interpersonal and team skills
- Strong verbal and written communication skills
- Demonstrates a vision which links goals of staff and team with OSC and SGA
- Strong experience in use of various IT audit software tools and techniques to identify system weaknesses
- Strong experience with network operating systems, security software system, and key application systems
- Advanced capacity in auditing skills, such as professional skepticism, persistence, creative thinking and risk taking
- Strong research skills in obtaining and validating critical information
- Strong analytical and problem-solving abilities
- Demonstrates knowledge of ongoing and emerging issues in technology and the audit profession.
- Strong supervisory skills, including coaching and developing staff
Minimum Qualifications:
The incumbent must have one year of service as an Information Systems Auditor 1 or at least 8 years of Information Technology audit experience, which must have been gained in any one of combination of the following (experience may be concurrent) See education and experience substitutions below.
- Responsibility for performing IT-related audits and examinations to determine the compliance of agencies, authorities, municipalities, and schools, including reviews of physical and logical access controls, general IT controls, and application controls, and the writing and presentation of findings reports of technical issues to a non-technical audience.
- Responsibility for the analysis and evaluation of information systems, such as platforms, applications, network infrastructure, and/or IT-related operational practices and the writing and presentation of reports of findings suitable for non-technical audience.
- Responsibility for supporting an audit group, such as designing, developing/programming, maintaining technological solutions in support of audit activity, and evaluating and developing artificial intelligence programs in support of audit activity.
- An associate’s degree may be substituted for up to two years of IT audit experience; a bachelor’s degree may be substituted for up to four years of IT audit experience; a master’s degree may be substituted for an additional one year of IT audit experience (i.e., up to five years of experience). There is a maximum of 5 years of educational substitution.
- Additionally, one year of generalized audit experience* may be substituted for one year of IT audit experience.
To Apply:
Submit a clear, concise cover letter, resume, and a completed copy of this template:
https://www.osc.state.ny.us/files/Jobs/docs/02916-information-systems-auditor-2-mq-template-10-2023.doc to recruit@osc.ny.gov, no later than November 30, 2023. Reference Item #02916-Monster-SAB in the subject line and on the cover letter for proper routing.
PLEASE NOTE: You MUST complete the linked template in full to demonstrate you meet the minimum qualifications for this position. Interview selection is based SOLELY on the information you provide in this document, incomplete or vague information will not be viewed in your favor. To access the required template, copy the link above and paste it into your web browser, then download, complete, and save to submit with your email response.
Human Resources mailing address:
Office of Human Resources
110 State Street, 12th Floor
Albany, NY 12236
Attn: Sara Burt
