Previous Job
IT Security Auditor
Ref No.: 17-03027
Location: Richmond, Virginia
Job description:
The Department of State Police provides statewide law enforcement to preserve law and order and enforce criminal, traffic, and regulatory laws. The Office of Performance Management & Internal Controls supports the Superintendent's Office by conducting audits and reviews for the purpose of monitoring the agency's performance in maximizing the efficiency and effectiveness of Department operations, mitigating risks, and strengthening internal controls.

Purpose of Position:
The incumbent of this position plans and conducts IT, financial, operational, programmatic, and compliance audits in accordance with standards promulgated by the Institute of Internal Auditors; Also prepares reports to management of audit results and related recommendations for improving internal controls and assisting the department in attaining its objectives in an effective manner.

KSA's and/or Competencies required to successfully perform the work
Considerable working knowledge of information technology (IT) auditing principles and standards, to include IT systems security, general and application systems controls, and computer-assisted auditing techniques. Working knowledge of computer hardware, operating systems, network concepts, application programming, and database software. Working knowledge of IT frameworks, such as Control Objectives for Information and Related Technology (COBIT). Working skill in personal computers to include Microsoft applications. Demonstrated ability to evaluate information systems controls, workflows, and organizational/system issues, analyze data, reach logical conclusions, and develop recommendations. Must also possess the ability to define audit objectives and design procedures to accomplish those objectives. Ability to learn new systems quickly. Ability to effectively communicate, both orally and in writing, to non-IT personnel. Please refer to the physical demands worksheet attached to determine physical requirements for this position.

Education, Experience, Licensure, Certification required for entry into position:
Considerable experience in planning and conducting IT audits and other comprehensive internal audits with minimal supervision. A Bachelor's degree in accounting, information systems, computer science or closely related curriculum including such areas of study as information technology, accounting theory, auditing, and management information systems is strongly preferred. Expertise in IT and/or security management is preferred. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) is preferred.