"Alerted.org

Senior Information Tech Auditor

Posting Begin Date: 2025/06/26

Posting End Date: 2025/07/26

Work Type: Full Time

Minimum Salary: 35.42

Maximum Salary: 42.70

Pay Rate Type: Hourly

Description

State of Idaho

Office of the State Board of Education

Applications will be accepted through 4:59 PM MST on the posting end date.

STATE OF IDAHO EMPLOYEES: If you are a current or temporary State of Idaho employee you MUST apply through Luma Opportunities. Applying through the State of Idaho’s external career website will cause duplicate profiles and will slow the processing of your application for a new position.

About the Agency: The Idaho State Board of Education (Board) is established in the Idaho Constitution for the “general supervision of the state educational institutions and public school system.” State law charges the Board with the general supervision, governance and control of public schools and postsecondary institutions, including community colleges. The Board is comprised of eight members: seven appointed by the Governor, as well as the statewide elected superintendent of public instruction. The Office of the State Board of Education (OSBE) is charged with providing professional staff support to the Board and implementing the Board’s policies, programs, and initiatives.

Summary: The Senior Information Technology Auditor is responsible for performing assigned components of internal audits or special projects with close supervision from a project lead, a Systemwide Internal Audit Manager and/or the Chief Audit Executive. While the IT Auditor will primarily be assigned to perform information technology related audits, the IT Auditor will also be required to perform audits of financial operations, general operations, sponsored programs, or compliance. Audit work may be performed on any campus in the Idaho Higher Education System. This position can be located in Boise or Pocatello.

The Sr. IT Auditor is expected, with minimal supervision, to lead IT related audit projects and with minimal supervision perform assigned components of internal audits or special projects. This includes prioritizing assigned work according to the project hourly budgets and due dates and assisting with a risk assessment and development of audit programs for assigned areas. The Senior Information Technology Auditor completes and documents assigned work in accordance with department and professional standards under the minimal supervision of the project lead, Internal Audit Manager or Chief Audit Executive. The work product of the Sr. IT Auditor requires minimal need for correction or revision.

Job Responsibilities:

Perform information system and network audits including:

+ Review security features, operations, and controls for all new, mission-critical, computing systems at the university prior to being implemented

+ Perform a risk-based audit of important new or current university computerized services for data integrity, privacy, or reliability

+ Audit information system’s privacy and security controls and data security

+ Audit legal and regulatory compliance in State of Idaho Universities information and communication systems as well as recommend measures to bring the State of Idaho Universities into compliance

+ Audit policy, standards, and procedure compliance in State Board of Education and State of Idaho Universities information and communication systems

+ Audit to ensure patches, fixes, and upgrades to operating systems, applications, and network equipment and software

+ Review campus policies and procedures related to information technology and make recommendations for enhancing or improving information technology controls.

+ Performs assigned components of internal audit or special projects. This primarily consists of documenting, evaluating and testing internal controls for the areas/activities under audit; identifying and providing recommendations to improve management of risks that may prevent achievement of organizational objectives; and identifying activities that are out of compliance with applicable laws, regulations or Idaho State Board of Education or University policies.

+ With minimal supervision, develop plans and work programs for individual audit engagements related to information technology.

+ Performs assigned audit procedures necessary to achieve audit engagement objectives.

+ Works directly with audit clients and participates in client meetings as directed by project leads, Internal Audit Managers, or the Chief Audit Executive.

+ Performs assigned audit procedures necessary to achieve audit engagement objectives.

+ Works directly with audit clients and may be asked to participate in client meetings as directed by a project lead.

+ Assists with the development of audit observations and recommendations for the draft audit report.

+ Responsible for assigned portions of projects and is expected to reasonably complete all required tasks within hourly budgets and due dates, and in accordance with department and professional standards with close supervision.

+ Monitors progress and status of assigned work to ensure tasks are completed within hourly budgeted time frames and due dates; immediately informs project lead of any unexpected budget or due date issues along and assists lead in revising estimates of completion; informs Systemwide Internal Audit Manager and/or Chief Audit Executive of opportunities to perform work beyond what was assigned.

+ Assists with risk assessments, meetings with clients, and performs other analyses and planning for areas assigned; assists with the preparation of the Project Scope and Budget Memo, and assists with the development of required audit programs, with close supervision of the project lead, system manager or the Chief Audit Executive.

+ Participates in audit exit meetings as directed and assists in the discussion of findings and recommendations with clients. Tracks and reports time spent on project and administrative tasks in accordance with department procedures and ensures time is reported accurately for assigned areas; immediately addresses anticipated variances from hourly budgets to actual through discussions with the project lead.

+ Communicates verbally and in writing to internal staff and management, with State of Idaho University employees at all levels, and externals as may be necessary in a professional manner.

+ Fosters and maintains good working relationships with audit clients.

+ May be asked to assist with fraud related investigations that require specialized IT investigation procedures.

+ Assists with the preparation of draft audit reports. Writing is to be fully proofread, accurate, grammatically correct and free from typographical errors.

The Senior IT Auditor is expected to maintain professional certifications and to meet professional development requirements established by the IIA. Professional development includes participation in department approved professional organizations

Minimum Qualifications:

+ Bachelor’s degree in information systems, business, accounting, or related field, OR equivalent professional experience

+ 4 years of internal auditing, 2 of which have been focused on information technology auditing

+ Strong knowledge of the higher education industry, University operations and risk exposures in higher education

+ Detailed knowledge of operating systems security. Experienced in digital networks and network operating systems security.

+ Detailed knowledge of network and host-based security devices and applications including firewalls, routers, switches, VPNs, intrusion detection, anti-virus software, antispyware software, wireless communications, as well as other telecommunication security devices or methodologies.

+ Experienced in computerized access control, authentication, and authorization technologies, controls, and industry best practices.

+ Knowledge of the Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability and Privacy Act (HIPPA), Digital Millennia Copyright Act, Graham, Leech, Bliley Act (GLBA), and Patriot Act is preferred. Additionally, knowledge of and experience with the Purchase Card Industry’s Data Security Standard.

+ Skilled and experienced in auditing information systems, including large applications, networks and operating systems is required.

+ Knowledge of IT incident handling, investigation, and response is required.

+ Detailed knowledge of e-mail, web browsers and servers, e-commerce security measures and best practices. The holder of this position must be skilled in evaluating web service security, recommending vulnerability and threat countermeasures as well as knowledgeable in associated log monitoring and event alert methodologies.

+ Capability to perform IT risk assessments-analyses, vulnerability assessments, and intrusion detection analysis is required.

+ Ability to extract and analyze data from ERP systems

+ Knowledge of Generally Accepted Accounting Principles.

+ Knowledge of the Committee of Sponsoring Organization (COSO) internal control integrated framework.

+ Good interpersonal skills to work successfully with employees at all levels within the IAAS department and State of Idaho Universities.

+ Good personal computer skills and strong working knowledge of Word, Excel, PowerPoint, and Visio, or equivalent programs.

+ Ability to document and complete work in accordance with IIA professional standards with close supervision.

+ Ability to handle sensitive and confidential situations and information in a professional manner.

+ Ability to adhere to strict independence and conflict of interest requirements established by the department.

+ Strong knowledge of IT forensic techniques

+ Ability to prioritize and complete assigned tasks in a timely and professional manner.

Preferred Qualifications:

+ Master’s degree in accounting or business administration

+ Certified Information Security Auditor (CISA)

+ Additional certification – Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Security Professional (CISSP), Certified Fraud Examiner (CFE)

+ Higher Education industry experience

+ Experience performing computer investigations and applying computer forensics

+ Fundamental knowledge of Idaho State Board of Education and University policies and procedures.

Application Procedure: Prepare a cover letter, resume, and a list of references with at least two former or current supervisors and attach to your candidate profile.

Questions about the position or the application process can be directed to Kayla Otto, Human Resource Business Partner I, 208-854-3064 or[email protected] .

Special Notification: This position is exempt from the rules of classified service under the provisions of Section 67-5303, Idaho Code. This position is educational professional exempt from overtime. The successful applicant will be required to pass a background check.

Benefits:

The State of Idaho offers a robust total compensation package, including medical, vision, and dental insurance; retirement benefits; paid sick, vacation, and parental leave; and 11 paid holidays per year. Additionally, Office of the State Board of Education employees receive tuition reduction benefits under the State Board of Education. For additional information, please visit https://dhr.idaho.gov/information-for-state-employees/.

EEO/ADA/Veteran:

The State of Idaho is committed to providing equal employment opportunities and prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on their race, color, religion, political affiliation or belief, sex, national origin, genetics, or any other status protected under applicable federal, state, or local laws.

The State of Idaho is committed to access and reasonable accommodations for individuals with disabilities, auxiliary aids and services are available upon request. If you require an accommodation at any step in our recruitment process, you are encouraged to contact (208) 334-2263 (TTY/TTD: 711), or email [email protected] .

Preference may be given to veterans who qualify under state and federal laws and regulations.