Senior Legislative IT Auditor II and/or IT Audit Team ...

This recruitment may be used for multiple vacancies Become part of an enthusiastic, energetic team that is passionate about good government If your career goal is to make a difference, and you are looking for a rewarding career that supports work/life balance consider joining the dedicated professionals at the State of Colorado, Office of the State Auditor (OSA). Our professional staff strives to support state government and the citizens of Colorado while providing a healthy and opportunity based work environment for our staff. If you are the successful candidate for this exciting opportunity you can expect to benefit from: Central downtown location by the Capitol Building with transportation reimbursements for parking, and bicycle commuters. Eco-Pass for public transportation Outstanding opportunities for professional development and continued skills training Limited travel required Engaged and dedicated leadership Excellent work-life programs including options for flexible schedules Strong, secure, yet flexible retirement benefits including PERA Defined Benefit Plan or PERA Defined Contribution Plan, plus 401 K and 457 plans Medical and dental health plans Life insurance options 11 paid holidays per year plus vacation and sick leave Short and long-term disability coverage The Colorado Office of the State Auditor (OSA) serves as the government accountability arm for the citizens of Colorado auditing state agencies, colleges, universities, and other recipients of state funds. We are committed to promoting economical, effective, ethical, and equitable government. Our audits focus on reducing costs, improving the quality of services, and ensuring the accuracy and integrity of information. We are winners of National NLPES and NSAA awards for Excellence in Auditing award. Work Environment Primarily work hours 8:00 am - 5:00 pm, Monday-Friday Hybrid - staff are required to work in office at least one day a week. The Office of the State Auditor (OSA) currently has two full-time positions to perform audit work in our IT Audit Division. We are seeking a Senior IT Auditor II and/or IT Audit Team Leader. These positions will be responsible for conducting risk-based IT performance audits to assess whether government programs and systems are designed, implemented and operate effectively, in compliance with policies, procedures, laws, regulations, and/or industry leading practices. The Senior IT Auditor II or IT Audit Team Leader position will assist with and oversee all aspects of assigned IT performance audits, which includes planning, fieldwork, findings development, report preparation and production, Legislative Audit Committee (LAC) presentations, audit file workpaper reviews and finalizations, and follow-up work related to verifying implementation status of audit recommendations for audit status reporting. The positions will assist with or facilitate tasks including, but not limited to, the following: Development of audit planning deliverables, including risk assessments, audit scopes, audit budgets and schedules; Execution of fieldwork procedures, including tests of design, implementation, and operating effectiveness of information system and cybersecurity related processes and controls; Development of written audit findings, recommendations, and reports drafts. The positions may assist with or provide day-to-day oversight of all stages of the IT audit process for specific, assigned audit projects in consultation with the IT audit manager and/or chief IT auditor. The positions must manage their time effectively as well as be able to perform under heavy, diverse, and complex workloads to produce quality deliverables within established timeframes and deadlines. The positions may assist with or perform IT audit contract monitoring duties to ensure compliance with contract provisions. The positions may assist with or supervise, develop, train, mentor, and coach other IT audit staff, as it relates to audit processes, standards, and best practices, as well as operational IT or cybersecurity processes, controls, technologies, standards and practices. The positions will provide such trainings through activities such as, on-the-job training sessions and informal or formal presentations and communications. Other related IT audit functions and duties as deemed necessary. Minimum Qualifications: Senior IT Auditor II Bachelor's degree from an accredited university, in a field of study relevant to information technology, information security/assurance, management information systems (MIS), computer science, computer engineering. Three or more years of professional experience in IT auditing. This experience should include one year at the IT senior auditor level or equivalent and an active CISA certification that will be maintained throughout the duration of employment. Minimum Qualifications: IT Audit Team Leader Bachelor's degree or higher from an accredited university, in a field of study relevant to information technology, information security/assurance, management information systems (MIS), computer science, computer engineering, or other related fields. Five or more years of professional experience in IT auditing. This experience should include two years at the IT senior auditor level with one year of supervisory experience and an active CISA certification that will be maintained throughout the duration of employment. Please be advised if you have taken the examination for this position in the last 12 months you may not re-test. Your current score will be used for this recruitment. Substitutions: Progressively responsible for IT audit work, or other similarly related work experience, which provided the same kind, amount and level of knowledge acquired in the required education may substitute for the bachelor's degree on a year-for-year basis. Preferred Qualifications in addition to the Minimum Qualifications: A strong desire to utilize professional IT auditing skills and experience to perform IT audits for a state government organization, which may include audits of entity level and IT general controls across information security, systems development, change management, and computer operations processes, or any number of other IT or cybersecurity processes, controls, systems, services and projects. Knowledge of, or experience with, Generally Accepted Government Auditing Standards (i.e., the Yellow Book) and other internal control standards, such as GAO's Green Book or COSO. Knowledge of, or experience with, relevant IT auditing standards, frameworks, and regulations, such as COBIT, NIST SP 800-53, FISMA, CIS Controls, ISO/IEC 27001, HIPAA, PCI DSS, Cybersecurity Maturity Model Certification (CMMC), System and Organization Controls (SOC) Frameworks, Sarbanes-Oxley 404, ITIL, FISCAM, IIA GTAGs, etc. Other IT audit related certifications, such as CISM, CISSP, CRISC, CISSP, CGEIT, and GIAC-certifications. Commitment to ongoing career development, including audit project management skills. Strong critical thinking and problem solving skills, including the ability to anticipate issue and develop appropriate solutions. Ability to work independently and effectively under deadlines and heavy workloads. Excellent written and verbal skills. Competent interpersonal skills, demonstrating the ability to lead projects and mentor others. Experience providing support coaching, and feedback to other team members and assistance with onboarding and ongoing support to new team members. Competency with Microsoft Windows and Office applications, including Word, Excel, and PowerPoint. Knowledge of, or experience with, audit management software and electronic audit workpaper packages. Conditions of Employment: Must submit to and successfully pass a pre-employment background check. The OSA conducts background checks for all final candidates being considered for employment. Background checks may include, but are not limited to, criminal history, national sex offender search, and motor vehicle history. State employee transfer applicants must disclose any corrective actions within the last 2 years and must currently be in good standing. Must be a Colorado resident. Appeal Rights : If you receive notice that you have been eliminated from consideration for the position, you may protest the action by filing an appeal with the State Personnel Board/State Personnel Director within 10 days from the date you receive notice of the elimination. Also, if you wish to challenge the selection and comparative analysis process, you may file an appeal #J-18808-Ljbffr

Created: 2025-03-07