Complete Description
****Candidates MUST interview in-person. NO exceptions
****Strong candidates will have experience in system auditing experience using auditing standards such as Governmental Auditing or Institute of Internal Auditing. NOT just Security Auditing, but experience with formal write-ups (using mentioned standards) and the ability to convey findings to senior management. NIST Compliance Standard Experience is also highly desired.
Performs information security/system audits of client-server and web based applications in accordance with best practices and applicable Commonwealth of Virginia information security standards. Provide formal write-up of findings using established standards (similar to Governmental Auditing Standards or Institute of Internal Auditing standards) and present findings to Senior Management.
IT Auditor 3
Years of Experience:
3-6 years minimum
***Certified Information Systems Auditor highly desired***
Job Description:
Performs comprehensive information security and other information technology audits and reviews to ensure the agency adheres to applicable Commonwealth of Virginia information security standards and best practices.
• Plans and performs required information security audits of sensitive systems.
• Determines and recommends improvements in current risk management controls
• Plans and performs reviews of new systems development efforts.
• Performs other reviews of information system controls
• Submits required audit-related documentation
• Assists in developing clear and concise written audit reports.
• Reviews corrective action plans.
Skills:
Skill
Required / Desired
Amount
of Experience
Demonstrated experience in planning and performing information security audits
Required
3
Years
Knowledge of information security and internal control standards and best practices
Required
3
Years
Certified Information Systems Auditor (CISA)
Highly desired
Experience with Governmental Auditing Standards / Institute of Internal Auditing Standards
Highly desired
1
Years
NIST Compliance Standard Experience
Highly desired
1
Years
Does candidate have experience with Governmental Auditing Standards or Institute of Internal Auditing? If so, which one?
Is candidate a Certified Information Systems Auditor (CISA)? This is highly desired!