Review Vacancy
AgencyInformation Technology Services, Office of
TitleSenior Internal Auditor, Ref #TBC
Occupational CategoryFinancial, Accounting, Auditing
Bargaining UnitPS&T - Professional, Scientific, and Technical (PEF)
Salary RangeFrom $52293 to $66494 Annually
Minimum Qualifications Open to New York State employees with one year of permanent competitive service as a Senior Internal Auditor; OR employees who are eligible to 70.1 transfer under Section 70.1 of Civil Service Law, such as Senior Accountant, G-18; Senior Auditor, G18; Senior Examiner Municipal Affairs, G-18; State Program Examiner, G-18; State Program Examiner 1 Fiscal, G-18; and Tax Auditor, G-18; OR employees who are eligible to transfer under Section 52.6 of Civil Service Law. Examples of eligible titles are ITS 2 and ITS 2 parenthetic titles, G-18.
Please note that candidates in ITS 2 and ITS 2 parenthetic positions must additionally demonstrate that s/he has:
1.) A bachelor's degree and two years of auditing experience defined below;
OR 2.) A master's degree and one year of ITS auditing experience described below;
OR 3.) Certification as an Internal Auditor by the Institute of Internal Auditors (IIA); Certified Information Systems Auditor (CISA); Certified Information Systems Security Professional (CISSP); or licensed as a Certified Public Accountant (CPA).
* Auditing is defined as experience that must include two of the following:
• The examination and evaluation of an organization's internal controls, accountability, and integrity.
• The examination and evaluation of an organization's ability to carry out its responsibilities economically, efficiently, and effectively.
• The examination and evaluation of an organization's ability to accomplish its objectives consistent with its policies, procedures, and mandates.
These duties must have included conformance with detailed audit plans; collection, analysis, and documentation of findings in audit work papers; and preparation of audit results and documentation including appropriate written and verbal recommendations.
The transfer cannot be a second consecutive transfer resulting in an advancement of more than two salary grades.
Candidates on the eligible list for this title will be considered through a canvass and are not required to respond to this posting.
Preferred candidates are those who have auditing experience in:
• General and application controls;
• Web based applications;
• Data center operations;
• Identity and access management;
• System development life cycles;
• Network security and firewalls;
• Help desk and incident response programs;
• Change management systems.
Duties Description Positions are located in the Internal Audit Bureau and Internal Audit Section within the Chief Administration Office.
Illustrative duties include, but are not limited to, the following:
• Performs audits in accordance with applicable auditing standards (e.g. Institute of Internal Auditors, ISACA, etc.);
• Obtains prior working papers, reports, and other documents and materials that are necessary to conduct field work;
• Organizes working papers to be used in writing the final audit or review report;
• Analyzes business unit activities and assesses risk levels to determine areas for audit;
• Reviews and evaluates computer systems to determine if applications system controls are adequate;
• Analyzes and evaluates the adequacy of IT policies and procedures;
• Evaluates systems and procedures relating to audit areas for compliance with applicable laws, rules and regulations, and contract terms;
• Examines internal controls to evaluate the extent to which proper and effective controls are in place for areas under audit;
• Writes narratives and conclusions based on the findings derived from the audit procedures;
• Conducts interviews with client personnel and performs walk-throughs to assist in the evaluation of internal controls;
• Evaluates agency systems and IT operating practices for efficiency and effectiveness in meeting agency and legislative goals and priorities;
• Examines transactions to determine legitimacy, fraud, waste, and abuse;
• Interprets technical IT matters that comprise the documented control deficiencies for purposes of classifying significant deficiencies, material weaknesses, and exit conference points;
• Reviews and evaluates the implementation of new systems to ensure that controls in the system are adequate and project management is utilized effectively;
• Uses computer-assisted auditing tools and techniques across various platforms to meet audit objectives;
• Prepares audit working papers to support work performed and conclusions drawn;
• Prepares preliminary audit findings or portions thereof;
• Assists with overseeing other trainees, and/or student assistants by providing guidance and support;
• May be assigned as a lead auditor and oversee the work of trainees and students assistants on small, low risk or fairly routine assignments;
• Discusses highly technical IT matters relating to deficiencies observed during control reviews;
• Identifies control procedures that enable the auditee to maintain integrity of programs processing and data and/or mitigate the potential for errors and fraud;
• Conducts inquires and observations to determine whether these control procedures are suitably designed to achieve the control objectives;
• Under the supervision of the grade 23, develops and performs adequate tests of these control procedures to determine whether they have been placed in operation and are operating effectively;
• Makes assessments of the effectiveness of the overall design and operation of related control procedures as it relates to the reduction of control risk;
• Prepares summaries of control deficiencies observed during IT control reviews which require the IT auditor to: Understand complex control procedures and determine whether they have achieved their objectives;
• Conducts data analysis or data mining;
• May perform tasks assessing program risks to plan potential audits, and work on special or audit research projects.
Additional Comments Some positions require fingerprinting.
Positions are pending DOB approval to fill.
Some positions may require additional credentials or a background check to verify your identity.
Email Address HR.recruitment@its.ny.gov
Address
Swan Street Building, Core 4
Notes on ApplyingTo apply, please send a cover letter and resume to the attention of Sharon Rutledge and clearly explain how you meet the minimum qualifications for this position. Also include your current Civil Service title and salary grade. Please indicate that you are applying for the Senior Internal Auditor, ref# TBC. Your Social Security Number may be requested in order to confirm your eligibility.