Job Opening: IT AUDIT MANAGER

 SALARY RANGE (Grade 15A) CSA325: $94,042.82 to $141,042.23/yr. (Commensurate with experience)

The IT Audit Manager oversees all aspects of occurring IT audits of state agencies, departments, programs, and/or vendors who contract with the Commonwealth. 

Work under the supervision of the IT Audit Director.

Exercise general supervision over Audit Supervisors, Auditors-in-Charge (AICs), and other assigned staff members; typically two to four staff per audit.

An IT Audit Manager in the OSA is expected to perform a variety of tasks, including, but not limited to, the following:

Work with the IT Audit Director, OSA executive/senior leadership and others as applicable, to establish an effective risk based annual audit plan which aligns with the goals of the OSA strategic plan.

Analyze assigned audits and projects to determine their complexity and the staff skills and resources needed for their timely completion. Making sure all audits are completed on schedule and in compliance with applicable policies and standards. Assessing the progress of ongoing audit engagements to:

• Determine whether changes in scope or objectives are required.
  • Provide technical advice and consultation.
  • Ensure completeness and accuracy of the audit work.
  • Ensure compliance with the standards and policies of the OSA and the U.S. Government Accountability Office’s “Yellow Book.”
  • Ensure conformity to approved audit programs.
• Ensure that audit progress reports, surveys, programs, and other internal reporting documents are submitted in a timely and accurate manner.
• Ensure that all audit reports are complete, accurate, and well written and that they follow standard format, with all findings fully attributed and supported by the audit work.
• Providing on-the-job training to all assigned staff members, supporting and evaluating the performance of AICs, and reviewing the personnel evaluations of the audit staff prepared by the AIC.
• Providing in-depth progress reports to the IT Audit Director for ongoing audits and preparing preliminary briefings on findings resulting from these audits.
• Making recommendations to the IT Audit Director and Audit Planning regarding what agencies, institutions, or programs should be audited and what specific areas should be targeted for review.
• Actively seeking input from AICs regarding staff training needs and make appropriate referrals.
• Professionally representing the OSA at meetings and presentations.
• Participating in departmental training.
• Evaluating staff.
• Performing other duties as assigned by the IT Audit Director.

The successful candidate will possess and/or demonstrate the following:

• A bachelor’s degree and 5 to7 years of experience in auditing primarily in the IT area, at least four of which must be in a supervisory role.
• CPA, CISA and/or CISSP certification.
• Functional knowledge of commonly used cloud services, including; AWS, Microsoft Azure and/or Google Cloud Platform.
• Experience in evaluating IT general controls and IT application controls within the COBIT Framework.
• Proficient in the use of Microsoft Office suite software.
• Experience in the preparation of clear, logical, and coherent audit reports.
• Demonstrated leadership and teambuilding skills.

Experience and expertise in the following areas will also be important considerations:

• A Master’s degree in Business Administration, Public Administration, Information Systems or a related field.
• Experience in performing and supervising performance audits of government agencies in accordance with GAGAS.
• Hands-on knowledge and understanding of information systems security strategies, policies, standards, and best practices. Understanding of defense in depth security architecture, tools, firewalls, and related devices.

We require that all applicants have a valid Massachusetts driver’s license and that they maintain a safe driving record.

No Phone Calls Please:

To apply, please submit an electronic copy of a cover letter and resume, no later than January 26, 2026 via the MassCareers website: Click Here

The Office of the State Auditor is committed to providing equal employment opportunities.  Employment actions such as recruiting, hiring, training, and promoting individuals are based upon a policy of non-discrimination.  Employment decisions and actions are made without regard to race, color, gender, religion, age, national origin, ancestry, sexual orientation, gender identity and expression, disability, military status, genetic information, political affiliation, or veteran’s status.