Job Opening: Field Auditor I - IT Audits - Boston Office (2020-08)

SALARY RANGE (Grade 10A) CSA230: $46,485.37 to $66,823.33/yr. (Commensurate with experience)

Participate in the development of information technology (“IT”) performance audits of state agencies, departments, programs, and vendors who contract with the Commonwealth. Contribute to efforts that lead to quality audit work and the preparation of IT audit reports in accordance with generally accepted government auditing standards.  IT auditors perform IT focused audits including, but not limited to, general and application control reviews, system security reviews, and disaster recovery and business continuity reviews. The incumbent in this position will also be tasked with assisting audit staff by providing technical expertise on IT aspects of assigned audits to support data reliability assessments.

Work under the direct supervision of a Senior IT Auditor or IT Audit Supervisor who reviews work product for accuracy and completeness.

None.

IT Field Auditors in the Office of the State Auditor are expected to carry out the following work:  

• Participate in small IT audits, sections of large IT audits of the accounts and related activities of Massachusetts state departments, institutions, authorities and/or contractors, and other activities and functions of the Commonwealth which are subject to state and federal accounting rules and regulations.  
• Assist audit staff in the Information Technology aspects / findings or detail of their assigned audits by providing technical expertise. 
• Perform detailed IT audit tests as outlined in the approved IT audit program. 
• Prepare quality work papers and schedules, which support the work performed during the IT audit, and meet all required department standards. 
• Prepare IT audit findings when assigned by the Auditor-in-Charge. Compile and edit materials essential to the production of the audit report. 
• Analyze and review minutes of meetings; policy and procedures manuals; contracts and agreements to determine the framework within which the entity should be operating. Inspect and test when appropriate to ensure compliance with the provisions of such documents. 
• Review applicable State and Federal laws, rules, and regulations governing the auditee’s IT operations and perform IT testing to ensure compliance with such laws, rules, and regulations. 
• Attend meetings and interviews held with department representatives and record results of such meetings. 
• Prepare stand-alone work papers that adequately document work performed and conclusions reached; work papers are properly and clearly documented (i.e. - SPAC'ed).
• Identify and clearly write the elements of a finding(s)Assist audit employees on IT issues as needed applicable practice self-initiative in obtaining needed Certified Professional Education (CPE) credits on an ongoing basis (i.e. - per definition of being 'on track' during CPE training cycle). 
• Evaluate or compare IT data in order to provide information to management for making sound conclusions to solve problems, to plan course of action and/or to recommend / or refine agency policies and procedures. 
• Participate in meetings/presentations with agency representatives relative to the conduct of the audit. 
• Perform other duties as assigned. 
  Field Auditors are required to travel to audit sites within the state and are expected to complete all of their assigned work in a timely and professional manner in accordance with OSA policies and Generally Accepted Government Auditing Standards (GAGAS).

At the completion of an audit, Field Auditors undergo an end-of-audit evaluation that involves assessing their work performance, compliance with GAGAS, and professionalism.

The successful candidate will possess and/or demonstrate the following: 

• BA/BS in Computer Science, Information Systems Administration, Business Administration, Accounting, or related field. 
• CISA certification is required.
• Ability to write report segments and to participate in presentations. 
• Experience in Microsoft Word, Excel, and Access.  Preference may be given to candidates who are also familiar with the Teammate audit software.
• Strong analytical, problem-solving, and organizational skills and ability to think critically and creatively.
• The ability and desire to be a self-starter and follow through with assigned tasks within established timeframes with a minimum amount of supervision.
• Strong collaboration, interpersonal management, and relationship skills
• Ability to exercise sound judgment.

Experience and expertise in the following areas will also be important considerations: 

• Masters in Computer Science or Information Systems 
• Knowledge of management structures and operations; 
• Experience within IT auditing or professional services, internal audit or IT audit preferred. 
• Working knowledge of CIS Critical Security Controls and the NIST Cybersecurity Framework ; 
• Experience in IT auditing .
• Knowledge of the fundamentals of information technology auditing and accounting theory and practice. 
• Basic knowledge of the Office of the State Auditor’s manuals and Comptroller’s Accounting Manual and Internal Control Guide. 
  •Understanding of information technology audit processes. 
  •Understanding of generally accepted auditing standards and related guidelines. 
  •Understanding of IT-related objectives, risks, and control practices. 
   
  We require that all applicants have a valid Massachusetts driver’s license and that they maintain a safe driving record.

No Phone Calls Please:

To apply, please submit an electronic copy of a cover letter and resume, no later than January 29, 2020 via the MassCareers website: Click Here 

The Office of the State Auditor is committed to providing equal employment opportunities. Employment actions such as recruiting, hiring, training, and promoting individuals are based upon a policy of non-discrimination. Employment decisions and actions are made without regard to race, color, gender, religion, age, national origin, ancestry, sexual orientation, gender identity and expression, disability, military status, genetic information, political affiliation, or veteran’s status.