Please note: State agencies that contact job applicants do not usually request personal or financial information via text message or over the phone in connection with your response to a job posting. If you are contacted for such information by these methods, or any other method, please verify the identity of the individual before transmitting such information to that person.

Review Vacancy

Date Posted 10/11/17

Applications Due10/25/17

Vacancy ID44388

AgencyState Comptroller, Office of the

TitlePrincipal Internal Auditor DPA - Item #00133

Occupational CategoryFinancial, Accounting, Auditing

Salary Grade662

Bargaining UnitM/C - Management / Confidential (Unrepresented)

Salary RangeFrom $85244 to $107751 Annually

Employment Type Full-Time

Appointment Type Contingent Permanent

Jurisdictional Class Competitive Class

Travel Percentage 0%

Workweek Mon-Fri

Hours Per Week 37.50

Workday

From 8 AM

To 4 PM

Flextime allowed? No

Mandatory overtime? No

Compressed workweek allowed? No

Telecommuting allowed? No

County Rensselaer

Street Address RTP 1

200 Jordan Road

City Troy

StateNY

Zip Code12180

Minimum Qualifications Candidates must have one year of permanent, competitive service in a qualifying title allocated to salary grade 25 or higher.

Duties Description Under the supervision of Internal Audit management, the Principal IT Internal Auditor DPA serves as a valuable member of the OIA IT audit team (OIA-IT) responsible for providing independent and objective appraisals of the IT environment and applications of the Office of the State Comptroller (OSC). The purpose of OIA-IT is to assist the Comptroller and his management team in fulfilling their responsibilities and accomplishing their goals and objectives, which include the Comptroller’s responsibilities as chief fiscal officer of New York State and sole trustee of the New York State Common Retirement Fund. As part of OIA-IT, the Principal IT Internal Auditor DPA plays a key role in examining and evaluating the adequacy and effectiveness of the Comptroller’s Office system of internal control (including related external service providers) and the quality of performance in carrying out assigned responsibilities, as well as providing IT control advisory services and serving as a resource for Agency investigations.

Responsibilities of the Principal IT Internal Auditor (DPA) include, but are not limited to, the following:

? Research: On a frequent basis, review current IT industry trends and practices concerning IT applications and systems to remain current on new software, and any related vulnerabilities (e.g., viruses) and issues that may impact OSC’s IT internal control systems. This research involves reviewing periodicals, professional auditing Internet sites, and security-related Internet sites. It also involves reviewing documents posted to key OSC IT team rooms. Also remain current on any changes to professional audit and IT standards.

? Staff Development: Assist in the development of audit staff by providing direction or on-the-job training in audit and business application issues, and by updating IT-audit sections of OIA’s Audit Manual.

? Office Administration: Assist in the hiring process for IT auditor candidates (e.g. reviewing resumes, interviewing, and evaluating candidates.) Assist in the evaluations of current IT audit staff. Manage OIA’s team rooms.

? OIA Management: Member of OIA’s management team that assists OIA’s Assistant Comptroller with the establishment and updating of OIA’s office policies and procedures, and with any office issues requiring direction to the audit staff. Also provides the OIA Assistant Comptroller with feedback or recommendations concerning OSC issues whenever so requested.

? Investigations: Assist the OSC Inspector General and the Assistant Comptroller of OIA in investigations, primarily by providing data extracts and technical aid.

? LAN Administration: Provide assistance and guidance to OIA’s LAN Administrator as needed.

? Communication: Periodically communicate with key IT clients (e.g., the CIO, ISO, and the PgMO) to keep current with on-going IT application projects and upgrades within OSC. Keep OIA management apprised of any new developments.

? Advisory Services: Provide internal control and IT security advice to OSC Application projects whenever requested, and/or serve on related sub-committees. Review and comment on OSC’s draft IT security policies and procedures.

? IT Risk Assessment and Audit Planning: Manage the IT portion of OIA’s annual risk assessment and assist the IT Audit Director in the preparation of OIA’s IT Audit Plan.

? IT Governance: Monitor for any changes to OSC’s IT Governance and keep OIA management apprised of these changes.

? Audit Engagements: Responsible for planning, organizing and completing assigned IT audits and supervising and reviewing the work of the Associate IT Auditors and staff IT auditors. This includes:

? Preparing for and directing audit-related meetings including the scoping, opening and closing conferences.

? Utilizing automated workpaper software to document IT audit plans, risk/control matrices, IT audit programs, sampling plans, potential observations, and IT audit reports.

? Analyzing the detailed design of the area (function/unit) under audit via flowcharts and narratives.

? Assessing the adequacy of the design of controls, identifying control weaknesses and other areas for improvement and developing recommendations for control improvement.

? Ensuring that the IT audit work performed, and supporting documentation, comply with professional auditing standards and adequately support any conclusions reached.

? Reviewing workpapers of assigned audit staff, preparing coaching notes and ensuring that they are appropriately cleared or resolved, and providing guidance and constructive criticism as necessary.

? Identifying, with unit management’s input, insightful recommendations for improving the function under audit.

? Reviewing the initial draft of the proposed IT audit report for Internal Audit management.

? Keeping the OIA Director for IT adequately informed of the engagement status and any observations or potential issues. Assisting with the investigation of alleged wrongdoings or possible fraud.

? Assistance to OIA’s non-IT staff: Provide technical assistance to non-IT audit staff. Also, coordinate the IT audit steps performed as part of non-IT audits within OIA.

Additional Comments Desired Competencies

? Information technology background; i.e., system operations, application programming, systems programming, network management, mainframe, server administration, and/or systems analysis.

? Auditing experience.

? Strong analytical skills.

? Strong written communication and documentation skills; i.e., ability to provide review comments re: workpapers, document audit findings, and prepare draft reports.

? Strong verbal communication and interviewing skills.

? Working knowledge of internal controls.

? Ability to research IT products, IT industry changes, and industry-known vulnerabilities.

? Security conscious.

? Ability to be objective.

? Ability to respect confidentiality.

Some positions may require additional credentials or a background check to verify your identity.

Name Joanne Pirfo

Telephone (518) 474-1924

Fax (518) 486-6723

Email Address recruit@osc.state.ny.us

Address

Street Office of Human Resources

110 State Street, 12th Floor

City Albany

State NY

Zip Code 12236

 

Notes on ApplyingInterested candidates should submit a cover letter and resume to recruit@osc.state.ny.us no later than October 25, 2017. Please reference Item #133 GOER-JFP when responding.
When responding, please include the reference number and letters listed in this section. (The Vacancy ID # should not be included).

Printable Version