Duties Description Works on specialized IT audits, projects and studies that incorporate advanced and complex IT matters, IT auditing tools and/or emerging technologies.
Work is in accordance with Generally Accepted Government Auditing Standards, IT security requirements and industry standards.
Researches and develops proposals recommending topics for future specialized IT audits, projects, audit tools, publications and/or training.
Provides internal/external training on cybersecurity governance and various IT topics.
This position requires frequent travel across New York State.
Minimum Qualifications Seven years of Information Technology audit experience, which must have been gained in any one of combination of the following (experience may be concurrent).
See education and experience substitutions below.
• Responsibility for performing IT-related audits and examinations to determine the compliance of agencies, authorities, municipalities, and schools, including reviews of physical and logical access controls, general IT controls, and application controls, and the writing and presentation of findings reports of technical issues to a non-technical audience.
• Responsibility for the analysis and evaluation of information systems, such as platforms, applications, network infrastructure, and/or IT-related operational practices and the writing and presentation of reports of findings suitable for non-technical audience.
• Responsibility for supporting an audit group, such as designing, developing/programming, maintaining technological solutions in support of audit activity, and evaluating and developing artificial intelligence programs in support of audit activity.
An Associate’s degree may be substituted for up to two years of IT audit experience; a Bachelor’s degree may be substituted for up to four years of IT audit experience; a Master’s degree may be substituted for an additional one year of IT audit experience (., up to five years of experience).
There is a maximum of 5 years of educational substitution.
Additionally, one year of generalized audit experience* may be substituted for one year of IT audit experience.
*Generalized audit experience is defined as - Performed performance audits in accordance with Generally Accepted Government Auditing Standards; analyzed areas for audit, addressed areas of risk; evaluated systems and procedures relating to audit areas for compliance with applicable laws, rules and regulations and contract terms, as appropriate; ensured funds are utilized in accordance with laws and regulations, and proper and effective controls are in place for areas under audit; used computer assisted auditing tools and techniques across various platforms to meet audit objectives; determined the accuracy and completeness of computer-processed data, prepared audit work papers to document work done and conclusions; prepared preliminary audit findings or portions thereof, discussed findings with auditee representatives, and participated in exit and entrance conferences.
Required Skill Profession
Financial Specialists