SALARY RANGE (Grade 10A) CSA230: $58,591.61 to $87,319.19/yr. (Commensurate with experience)

This position will be based out of the Boston, Lawrence or Quincy OSA offices. Please indicate your geographical preference in office location when applying per the application instructions below.

The Office of the State Auditor (OSA) offers a unique opportunity to work in a government environment that is high profile and has high expectations but is also committed to sustaining a healthy work/life balance.

GENERAL STATEMENT OF DUTIES:

Participate in the development of information technology (“IT”) performance audits of state agencies, departments, programs, and vendors who contract with the Commonwealth. Contribute to efforts that lead to quality audit work and the preparation of IT audit reports in accordance with generally accepted government auditing standards. IT auditors perform IT focused audits including, but not limited to, general and application control reviews, system security reviews, and disaster recovery and business continuity reviews.

SUPERVISION RECEIVED:

Work under the direct supervision of a Senior IT Auditor or IT Audit Supervisor who reviews work product for accuracy and completeness.

SUPERVISION EXERCISED:

None

DUTIES AND RESPONSIBILITIES:

IT Field Auditors in the Office of the State Auditor are expected to carry out the following work:

• Participate in small IT audits, sections of large IT audits of related activities of Massachusetts state departments, institutions, authorities and/or contractors, and other activities and functions of the Commonwealth

• Assist in the Information Technology aspects of their assigned audits by providing technical expertise

• Perform detailed IT audit tests as outlined in the approved IT audit program

• Prepare quality work papers and schedules, which support the work performed during the IT audit, and meet all required department standards

• Prepare IT audit findings when assigned by the Auditor-in-Charge. Compile and edit materials essential to the production of the audit report

• Analyze and review minutes of meetings; policy and procedures manuals; contracts and agreements to determine the framework within which the entity should be operating. Inspect and test when appropriate to ensure compliance with the provisions of such documents

• Review applicable State and Federal laws, rules, and regulations governing the auditee’s IT operations and perform IT testing to ensure compliance with such laws, rules, and regulations

• Attend meetings and interviews held with department representatives and record results of such meetings

• Prepare stand-alone work papers that adequately document work performed and conclusions reached; work papers are properly and clearly documented (i.e. - SPAC'ed)

• Identify and clearly write the elements of a finding(s) practice self-initiative in obtaining needed Certified Professional Education (CPE) credits on an ongoing basis (i.e. - per definition of being 'on track' during CPE training cycle)

• Evaluate or compare IT data in order to provide information to management for making sound conclusions to solve problems, to plan course of action and/or to recommend / or refine agency policies and procedures

• Participate in meetings/presentations with agency representatives relative to the conduct of the audit

• Perform other duties as assigned

Field Auditors are required to travel to audit sites within the state and are expected to complete all of their assigned work in a timely and professional manner in accordance with OSA policies and Generally Accepted Government Auditing Standards (GAGAS).

At the completion of an audit, Field Auditors undergo an end-of-audit evaluation that involves assessing their work performance, compliance with GAGAS, and professionalism.

The Office of the State Auditor is committed to providing equal employment opportunities. Employment actions such as recruiting, hiring, training, and promoting individuals are based upon a policy of non-discrimination. Employment decisions and actions are made without regard to race, color, gender, religion, age, national origin, ancestry, sexual orientation, gender identity and expression, disability, military status, genetic information, political affiliation, or veteran’s status.

SALARY RANGE (Grade 10A) CSA230: $58,591.61 to $87,319.19/yr. (Commensurate with experience)

This position will be based out of the Boston, Lawrence or Quincy OSA offices. Please indicate your geographical preference in office location when applying per the application instructions below.

MINIMUM QUALIFICATIONS:

The successful candidate will possess and/or demonstrate the following:

• BA/BS in Computer Science, Information Systems Administration, Business Administration, Accounting, or related field.

• Ability to write report segments and to participate in presentations.

• Experience in Microsoft Word and Excel. Preference may be given to candidates who are also familiar with the Teammate audit software.

• Strong analytical, problem-solving, and organizational skills and ability to think critically and creatively.

• The ability and desire to be a self-starter and follow through with assigned tasks within established timeframes with a minimum amount of supervision.

• Strong collaboration, interpersonal management, and relationship skills.

• Ability to exercise sound judgment.

PREFERRED QUALIFICATIONS:

Experience and expertise in the following areas will also be important considerations:

• Master in computer science or information systems.

• CISA Certification.

• Knowledge of management structures and operations;

• Experience within IT auditing or professional services, internal audit or IT audit preferred.

• Working knowledge of CIS Critical Security Controls and the NIST Cybersecurity Framework ;

• Experience in IT auditing.

• Knowledge of the fundamentals of information technology auditing and accounting theory and practice.

• Basic knowledge of the Office of the State Auditor’s manuals and Comptroller’s Accounting Manual and Internal Control Guide.

• Understanding of information technology audit processes.

• Understanding of generally accepted auditing standards and related guidelines.

• Understanding of IT-related objectives, risks, and control practices.

We require that all applicants have a valid Massachusetts driver’s license and that they maintain a safe driving record.

The Office of the State Auditor is committed to providing equal employment opportunities. Employment actions such as recruiting, hiring, training, and promoting individuals are based upon a policy of non-discrimination. Employment decisions and actions are made without regard to race, color, gender, religion, age, national origin, ancestry, sexual orientation, gender identity and expression, disability, military status, genetic information, political affiliation, or veteran’s status.