Senior IT Auditor- REPOST (Virginia Department of Health)

  • 22 Jul 2019 1:36 PM
    Message # 7790937
    James Walters (Administrator)
    Position Information
    Working Title Senior IT Auditor-REPOST
    Role Title Auditor III - 19193
    Job Open Date 07/18/2019
    Job Close Date 08/18/2019
    Open Until Filled No
    Is this position funded in whole or in part by the American Recovery & Reinvestment Act (Stimulus Package)? No
    Hiring Range $60,000 - $87,000
    Agency Dept of Health (601)
    Agency Website
    Location Richmond (City) - 760
    Sublocation Richmond /Headquarters
    Position Number OC116
    Job Posting Number 1054978
    Type of Recruitment General Public - G
    Does this position have telework options? Yes
    Bilingual/Multilingual Skill Requirement/Preference No
    Job Type Full-Time (Salaried)
    Job Type Detail Full-Time Salaried - Non-Faculty- FTS-1
    Pay Band 06
    Job Description

    The Virginia Department of Health is seeking a Senior IT Auditor to plan, lead, and perform information security audits on VDH’s applications to determine compliance with statewide data security standards and communicating control weaknesses and recommendations for correction to management. This position also provides consultative services to management and user groups relating to system development projects, application controls, data security, integrity controls of data processing operations, and management of automated systems. Duties include: Conduct interviews, management briefings, and entrance and exit conferences to exchange information and provide results to management. Conduct complex research to analyze risk factors and identify high-risk areas.Conduct efficient and effective IT audit procedures, prepare audit working papers/reports to document the audit process including audit objectives and related conclusion, deficiencies, and recommendations for corrective action. Follow-up on corrective actions to ensure implementation.

    Minimum Qualifications

    Demonstrated knowledge and ability to plan and conduct a variety of different Information Security audits independently, apply generally accepted IT audit principles and professional internal auditing standards, analyze data to arrive at logical conclusions, and identify and propose solutions to problems. Working knowledge of IT operating and application systems, infrastructure, and networks. Demonstrated knowledge and work experience in Commonwealth Information Security Standards and related guidelines. Demonstrated ability to coordinate multiple concurrent audits, meet reasonable time frames for project completion, and establish and maintain effective working relationships with agency officials, employees, and partnership contacts. Position requires excellent written and oral communications skills as well as human relations skills.

    Preferred Qualifications

    A solid understanding of the COSO & COBIT frameworks is desired.
    Working knowledge of NIST 800-53 and COV SEC-501 & 525 preferred.
    Expertise in Information Technology and/or Information Security Governance is also desired.
    Certified Information Systems Auditor, or Certified Internal Auditor also preferred.A bachelors degree in accounting, information systems, or equivalent with several years of IT audit experience is preferred.

    Special Requirements

    Employment is contingent upon satisfactory results of a state and federal criminal history background check and the Department of Social Services’ Child Abuse and Neglect Central Registry check, U.S. HHS IG Exclusion List check, employment reference check, and E-verify.

    Special Instructions to Applicants

    An application must be submitted on-line at by 11:59pm EST on the close date for consideration. Faxed, mailed, or emailed applications will not be accepted. Applicants requiring VISA sponsorship need not apply.


    Contact Information
    Name Kristi Phaup
    Last modified: 22 Jul 2019 1:37 PM | James Walters (Administrator)

Copyright 2018, International Information Systems Security Certification Consortium, Inc. (“(ISC)²), in website format and trade dress only. All Rights Reserved. (ISC)², CISSP, SSCP, CAP, ISSAP, ISSEP, ISSMP, CSSLP, and CBK are registered certification, service, and trademarks of (ISC)². Disclaimer: (ISC)²” does not own, operate, or moderate this website. All content of this site, exclusive of licensed trademarks or copyright, is the property of the designated (ISC)² Chapter organization, which is not owned, managed, or controlled by (ISC)² and operates independent of (ISC)².  

(ISC)2RVA is a 501(c)3 nonprofit organization.  EIN: 83-4655968

P.O. Box 2566, Glen Allen, VA 23058-2566

Powered by Wild Apricot Membership Software