About the position
The Senior IT Auditor will plan and perform information technology (IT) security audits on VEC applications to determine compliance with statewide information security standards and communicate control weaknesses and recommendations for correction to management. This role also involves managing and coordinating IT security audits performed by external auditors. The auditor will plan and perform compliance, financial, operational, and program audits at the VEC central office, local offices, and customer contact centers in accordance with the 'International Standards for the Professional Practice of Internal Auditing' of the Institute of Internal Auditors, Inc. and the approved audit plan of the Office of Internal Audit Services. Responsibilities include creating the audit survey, developing the audit program, conducting the audit, documenting results, reaching logical conclusions, effectively communicating with management, and writing an audit report that includes valid and reasonable recommendations. Additionally, the auditor will provide consultative services to management regarding system development projects, controls, data security, and management of information systems, and supervise assigned staff.
Responsibilities
- Plan and perform IT security audits on VEC applications.
- Manage and coordinate IT security audits performed by external auditors.
- Conduct compliance, financial, operational, and program audits.
- Create audit surveys and develop audit programs.
- Document audit results and communicate findings to management.
- Write audit reports with recommendations.
- Provide consultative services on system development projects and data security.
- Supervise assigned staff.
Requirements
- Knowledge of Information Technology and Information Security principles and standards.
- Experience with security requirements, risk management, internal controls, and IT best practices.
- Knowledge of Generally Accepted Auditing Standards and Generally Accepted Accounting Principles.
- Strong program evaluation and analytical skills.
- Ability to evaluate compliance and conduct audits.
- Ability to prepare reports and maintain an independent attitude.
- Effective verbal and written communication skills.
Nice-to-haves
- Certification as a Certified Internal Auditor, Certified Public Accountant, or Certified Information Systems Auditor.
- Experience conducting audits of sensitive IT systems.
- Knowledge of agency programs and internal security guidelines.
Benefits
- Equal Opportunity Employer/Program.
- Virginia Values Veterans (V3) certified employer.
- Encouragement for AmeriCorps, Peace Corps, and other national service alumni to apply.
