Careers

Job Summary:

Under the guidance of Internal Audit Management and senior staff, the Information Technology (“IT”) Auditor III supports Internal Audit’s goals by taking part in evaluating the adequacy and effectiveness of the University’s IT operations and controls, and compliance with related policy, standards, regulation.  Assignments will include, but not be limited to, conducting information technology audits, consultative and ad-hoc projects. 

The IT Auditor III will be responsible for performing more complex audits and other projects in accordance with policies established by the University Board of Trustees, The Institute of Internal Auditors’ Standards for the Professional Practice of Internal Auditing and Code of Ethics (“Standards”), Information Systems Audit and Control Association (“ISACA”) guidance, Internal Audit Policies and Procedures, and applicable regulations. 

Essential Functions:

• With guidance from management or senior staff, develop audit plans, including audit programs, testing and reporting
• Independently perform audit procedures, including interviews with University personnel, tests of internal controls and compliance with applicable regulations, policies and procedures
• Analyze processes and audit evidence and evaluate adequacy of controls
• Identify deviations from regulations, policy and procedures
• Follow-up on test exceptions to determine validity
• Organize workpapers to support conclusions
• Effectively communicate observations and conclusions to Internal Audit management and auditee
• Help senior staff draft audit observations and recommendations for audit reports and memos
• Interact with administrators, faculty, and staff, and with external audit firms and agencies, as needed
• Consult with and advise administrators, faculty, and staff related to IT
• Follow-up on management’s action plans
• Keep abreast of institution policies and procedures, current developments in IT and auditing, as applicable
• Efficiently execute research
• Provide guidance to junior staff
• Think critically and exercise professional skepticism, judgment and discretion
• Effectively learn the business of higher education via on the job training
• Manage time to efficiently work on, meet milestones and complete assignments within budgeted time

Other Functions:

Perform special assignments and other duties as assigned.

Minimum Qualifications (Knowledge, Skills, Abilities, Education, Experience):

• Three or more years of audit experience that includes at least one year of IT audit experience or other relevant IT experience
• Bachelor’s degree in MIS/computer science, business administration or related discipline
• Pursuing CISA, CIA or other relevant audit or IT certification
• Have a working knowledge of the Standards and relevant IT standards, e.g., NIST and ISACA’s COBIT Framework
• Practically apply auditing methods, concepts and tools
• One year or more of experience documenting audit observations, risks and recommendations for audit reports
• Ability to understand new and complex technology and assess IT controls
• Strong analytical skills and inquisitive
• Proficient in computer software such as Microsoft Office Suite, including Word and Excel.
• Excellent interpersonal and communication skills, both verbal and written

Preferred Qualifications (Knowledge, Skills, Abilities, Education, Experience):

• Two or more years of IT audit experience
• Attained CISA, CIA or other relevant audit or IT certification
• Experience with NIST, CIS, SANS and ISO IT control frameworks
• Experience with electronic audit workpaper technology
• PeopleSoft experience
• ACL, SQL or other data mining experience
• Background in an academic, public institution environment

Working Conditions:

• Typical office environment
• May require occasional in-state travel to all UMass campuses, the Boston central office and other University locations
• May require periodic extended hours, nights and weekends, as necessary

Additional Details:

Salary commensurate with experience up to $90,000.00.