Job Seekers, Please send resumes to resumes@hireitpeople.comComplete Description: *candidates local to the Richmond, VA area strongly preferred*this is a short term contract, an extension is unlikely*ALL candidates MUST be able to attend a personal interview, NO phone interviews, NO Skype, NO exceptions
Will complete security compliance audits of the DMV’s sensitive IT systems to determine the systems are in compliance with the Commonwealth’s IT Security Standards (ITRM SEC 501-09). The candidate must have a solid understanding of control frameworks.
Performs under the direction of the Internal Audit Manager and Director with considerable independence, planning, developing, and executing the Agency's IT Audit Plan. The position will communicate control weaknesses and provide recommendations to management. Services provided by this position are conducted in a manner that relates positively with agency personnel and provides timely, useful services to agency management.Education: A bachelor’s degree in accounting, business, finance, information systems, or a related field is highly desired, although progressive internal audit experience and related educational courses may substituted for a degree.Experience:At least four years of progressively responsible experience in planning and executing information systems audits including application, operating system, database and/or implementation audits. Candidates who possess any of the following are preferred: Certified Information Systems Auditor; Certified Public Accountant; Certified Internal Auditor; or other certification is Information Systems Security.
Possess a working knowledge of internal controls commonly used in information systems and their environment. A working knowledge of the IT security standards used by the Commonwealth (ITRM SEC 501-09) or comparable federal standards (e.g. NIST SP 800-53). The candidate must have demonstrated the ability to evaluate information system controls and workflows, analyze data, reach logical conclusions and provide recommendations that result in meaningful improvement. The candidate must also possess the ability to define audit objectives and design procedures to accomplish those objectives. The candidate must have also demonstrated an ability to interpret pertinent standards and regulations and to apply these in specific situations. Should possess an in-depth knowledge of the audit process, including knowledge of the Institute of Internal Auditor’s International Professional Practices Framework. In addition, a working knowledge of information systems risks and controls, LAN and WAN concepts, application controls and database management is also necessary. While the knowledge of state government organizations and functions is not required, the candidate should be familiar with the security standards used by the Commonwealth. The candidate must have the ability to communicate effectively with others, to gather and document work processes and observations, and to make recommendations.
Skill | Required / Desired | Amount | of Experience |
in-depth knowledge of the audit process, | Required | 4 | Years |
knowledge of information systems risks and controls | Required | 4 | Years |
application controls and database management | Required | 4 | Years |
knowledge of common security standards, (NIST, SEC 501) | Required | 4 | Years |
effective written and verbal communication skills | Required | 4 | Years |
ability to evaluate information systems controls | Required | 4 | Years |
ability to define audit objectives and prepare an audit program | Required | 4 | Years |
