- Responsibility for performing IT-related audits and examinations to determine the compliance of agencies, authorities, municipalities, and schools, including reviews of physical and logical access controls, general IT controls, and application controls, and the writing and presentation of findings reports of technical issues to a non-technical audience.
- Responsibility for the analysis and evaluation of information systems, such as platforms, applications, network infrastructure, and/or IT-related operational practices and the writing and presentation of reports of findings suitable for non-technical audience.
- Responsibility for supporting an audit group, such as designing, developing/programming, maintaining technological solutions in support of audit activity, and evaluating and developing artificial intelligence programs in support of audit activity.
- A master's degree may be substituted for an additional one year of IT audit experience (i.e., up to five years of experience).
- Information Systems
- Computer Science
- Information Technology
- Cybersecurity
- Supervise activities related to the audit engagement.
- Prepare for, and participate in, audit-related meetings, including the Scoping, Opening and Closing conferences.
- Utilize automated workpaper software to document IT audit plans, risk/control matrices, IT audit programs, sampling plans, potential observations, and draft IT audit reports.
- Document the detailed design of the area (function/unit) under audit via flowcharts and narratives.
- Discuss the design of the function under audit with relevant OSC management to ensure it accurately captures the detailed process under audit as well as the key risks (to achieving the unit's objectives) and related key controls.
- Assess the adequacy of the design of controls, identifying control weaknesses and other areas for improvement and developing recommendations for control improvement.
- Conduct detailed testing to determine the level of compliance with the design of the key IT control policies and procedures.
- Ensure that the IT audit work performed, and supporting documentation, complies with professional auditing standards and adequately supports any conclusions reached.
- Identify, with unit management's input, insightful recommendations for improving the function under audit.
- Prepare the initial draft of the proposed IT audit report for Internal Audit management.
- Research audit and IT related products and/or services.
- Remain current on IT industry trends and practices concerning IT infrastructure, new equipment and software, and any related vulnerabilities and issues that may impact OSC's IT internal control systems.
- Remain current on any changes to professional audit and IT standards.
- Comprehensive IT experience.
- Strong analytical skills.
- Working knowledge of internal controls.
- Security conscious.
- Ability to be objective and respect confidentiality.
- Ability to research IT products, IT industry changes, and industry-known vulnerabilities.
- Knowledge of industry standards/frameworks such as, International Professional Practices Framework (IPPF), Center for Internet Security (CIS) critical security controls, Standards for Internal Control in New York State Government, and National Institute of Standards and Technology (NIST).
- Strong verbal communication and interviewing skills.
Information Systems Auditor 1 - Albany, United States - StateJobsNY
Description
Do you want a career with a purpose that provides work/life balance? Apply today to join the Office of the New York State Comptroller.
No exam required under the New York Hiring for Emergency Limited Placement Statewide (NY HELPS)
Program:
Non-Competitive Qualifications for appointment under NY HELPS
Program:
A bachelor's degree in Computer Information Systems, Computer Science, Computer Programming, Software Development, Computer Networking, Cybersecurity, Information Security, Information Systems, Information Technology and three (3) years of IT auditing experience*; or an associate degree and five (5) years of IT auditing experience.
OR
OR
Education Substitution:
Preferred Qualifying Degrees:
A bachelor's degree in:
Duties Description Under the direction of the Information Systems Auditor 2 (SG-27), the Information Systems Auditor 1 (SG-23) is responsible for providing independent and objective appraisals of the IT environment and applications of OSC.
Strong written communication and documentation skills, i.e., ability to prepare workpapers, document meetings, document audit findings, and prepare draft reports.
Telecommuting:
The Office of the New York State Comptroller (OSC) supports telecommuting where it is reasonable to do so based upon the agency's mission and operational needs.
After the initial 8 calendar week restriction, if an employee's duties and work performance are aligned with telecommuting they may be allowed to do so.
Upon approval to telecommute, OSC employees may telecommute up to 5 days per pay period.Reasonable Accommodation:
The NYS Office of the State Comptroller provides reasonable accommodations to applicants with disabilities. If you need reasonable accommodation for any part of the application and hiring process, please notify the Division of Human Resources at
Candidates from diverse backgrounds are encouraged to apply.
The Office of the State Comptroller is an equal opportunity employer and is committed to workplace diversity, equity, and inclusion.
Some positions may require additional credentials or a background check to verify your identity.Name Jennifer Brantigan
Telephone
Fax
Email Address
Address
Street Office of Human Resources
110 State Street, 12th Floor
City Albany
State NY
Zip Code 12236
Notes on Applying Submit a clear, concise cover letter, resume, and a completed copy of this template:
via email to no later than July 1, 2024. Documents must be sent as unlocked and accessible attachments.
Reference NY HELPS- Info Sys Auditor 1 (Albany) in the subject line of your email and on your cover letter for proper routing.
Important Notes:
To access the required template, copy the link above and paste it into your web browser, then download, complete, and save to submit with your email response.
You MUST complete the linked template in full to demonstrate you meet the minimum qualifications for this position.Interview selection is based SOLELY on the information you provide in this document, incomplete or vague information will not be viewed in your favor.
Be sure to submit an unofficial copy of any transcripts you may have with your cover letter, resume as there are educational requirements for this position.