Overview
On Site
USD 80,628.00 - 100,000.00 per year
Full Time
Skills
Recruiting
Supervision
Performance Management
Onboarding
Performance Improvement
Problem Solving
Human Resources
Performance Monitoring
Coaching
Professional Development
IT Security
Research
Risk Assessment
Documentation
Test Plans
OIA
Policies and Procedures
Internal Auditing
Management
Corrective And Preventive Action
Reporting
Program Management
Training
IT Audit
Auditing
Communication
CISA
CISSP
Information Security
Job Details
Title: Senior IT Auditor
State Role Title: Auditors, Internal
Hiring Range: $80,628 - $100,000
Pay Band: 5
Agency: Virginia Department of Health
Location: Dept of Health
Agency Website:
Recruitment Type: General Public - G
Job Duties
A. Performance Management (for employees who supervise others)
Serves in a managerial/supervisory capacity to conduct performance management activities and ensure onboarding/offboarding and training for staff
Establishes and reviews work assignments and priorities and implements performance improvement strategies and/or problem resolution for related issues, in conjunction with program management and Human Resource staff
Ensures relevant training and workplace safety for staff
Conducts required performance monitoring and appraisals, establishes clear performance expectations, addresses deficiencies in a timely manner, and documents underperformance in accordance with state guidelines
Supports employee growth through regular feedback, coaching, and professional development opportunities
B. Planning Phase Audits
Assists the Internal Audit Director with planning the IT security audits to evaluate the adequacy and effectiveness of controls and procedures designed to protect COV information and IT systems
Familiarization - Conduct initial research and review of laws, policies, procedures and best practices
Preliminary Survey - Gather detailed information inclusive of reviewing procedures, diagrams, the systems boundary definition, risk assessment and other existing documentation combined with interviews and/or surveys of key personnel, documentation of key controls, walkthroughs and observations, an initial assessment of key controls and design of the audit test plan (e.g., determine likelihood of effective information system controls)
C. Fieldwork (Conducting the Audit)
Coordinate and execute the IT audit test plan by performing tests and evaluating results
Ensures audits and projects are conducted within timeline and in accordance with Office of Internal Audit (OIA) guidelines and industry best practices
Communicates to OIA management findings and progress of work
D. Audit Workpapers
Ensures workpapers conform to OIA policies and procedures and in accordance with generally accepted government auditing standards GAGAS Yellow Book (Generally Accepted Government Auditing Standards) or the international standards for the professional practice of internal auditing IIA Red Book (Institute of Internal Auditors' Standards)
Ensures workpapers are prepared using the appropriate cross-referencing and that scanned documents include a reference to the source and the purpose of the document. Develops recommendations on findings; ensures workpapers include sufficient evidence to support all conclusions.
Responsible for compiling quarterly reports on the status of corrective action plan (CAP) for all IT audit findings including findings from operational/performance internal Audits, APA, and other third-party external auditors (e.g., EPA)
E. Reporting
Draft audit report (develop draft findings and recommendations)
Arrange exit meeting with Division Directors, Business Managers, and IT Staff to discuss draft report
Obtain management's responses and corrective action plan for inclusion in final report
F. Program Management
Maintains the IT three-year Audit Plan
Monitors, advises and reports security of new systems
Updates IT audit program
Reports times spent on projects and admin functions
Attends training courses, leads/participates in staff meetings, works with third-party auditors, and participates on departmental committee task forces
Minimum Qualifications
Considerable IT audit experience
Knowledge and ability to plan and conduct a variety of Information Security audits
Knowledge of IT operating and application systems, infrastructure and networks
Ability to coordinate multiple concurrent audits, meet timeframes and establish/maintain effective working relationships
Excellent written and oral communication skills
Additional Considerations
Certification in one or more professional areas (CIA, CISA, CISSP)
Knowledge and work experience in Commonwealth Information Security Standards and guidelines
Special Instructions
You will be provided a confirmation of receipt when your application and/or résumé is submitted successfully. Please refer to "Your Application" in your account to check the status of your application for this position.
VDH accepts only on-line applications. Faxed, mailed, or e-mailed applications will not be considered. Applications are accepted until 11:55 p.m. on the job closing date. Applications and/or resumes should include relevant work history which indicates your qualifications for this position.
Employment is contingent upon satisfactory results of a state and federal criminal history background check and the Department of Social Service's Child Abuse and Neglect Central Registry check, U.S. HHSIG Exclusion List check, employment reference check and E-Verify. Other financial, credit, driving, background checks or completion of Statement of Economic Interests may be required for certain positions.
It is the policy of the Commonwealth and VDH that all aspects of human resource management be conducted without regard to race (or traits historically associated with race including hair texture, hair type, and protective hairstyles such as braids, locks, and twists); sex; color; national origin; religion; sexual orientation; gender identity or expression; age; veteran status; political affiliation; disability; genetic information; and pregnancy, childbirth, or related medical conditions. VDH employees have a shared Code of Ethics, which can be found in the bottom banner of our website.
If you have been affected by DHRM Policy 1.30 layoff and possess a valid Interagency Placement Screening Form (Yellow Card) or a Preferential Hiring Form (Blue Card), you must submit the card before the closing date for this position. The Card may be submitted with the state application as an attachment.
As a V3 (Virginia Values Veterans) employer VDH Welcomes Veterans to apply!
Supplemental Questions: You may be required to respond to position-specific questions at the end of this application. This information will help us evaluate your credentials and qualifications for the job. Failure to respond to any questions may disqualify you from further consideration.
Contact Information
Name: Rose Sandra Bose
Phone:
Email:
In support of the Commonwealth's commitment to inclusion, we are encouraging individuals with disabilities to apply through the Commonwealth Alternative Hiring Process. To be considered for this opportunity, applicants will need to provide their AHP Letter (formerly COD) provided by the Department for Aging & Rehabilitative Services (DARS), or the Department for the Blind & Vision Impaired (DBVI). Service-Connected Veterans are encouraged to answer Veteran status questions and submit their disability documentation, if applicable, to DARS/DBVI to get their AHP Letter. Requesting an AHP Letter can be found at AHP Letter or by calling DARS at .
Note: Applicants who received a Certificate of Disability from DARS or DBVI dated between April 1, 2022 - February 29, 2024, can still use that COD as applicable documentation for the Alternative Hiring Process.