OIG - Process/Business Analyst (41687)

OIG - Process/Business Analyst Under direct supervision of the IT Audit Unit supervisor, the IT Auditor assists in all phases of planned and requested IT audits, including planning, fieldwork and reporting. This position produces clear and concise working papers and draft reports of findings, and ensures facts and conclusions are supported by sufficient and appropriate evidence. The incumbent follows established guidelines for work paper quality, adheres to directives provided by the IT Audit Unit supervisor, and seeks to fully understand guiding Government and IT Auditing Standards. The IT Auditor evaluates internal controls developed by the Client management to ensure they are effective at meeting Client's mission and objectives. Audit topics include information security controls, procurement of IT goods and services, compliance with licensing and data sharing agreements, IT project management, and similar concepts. This position supports Audit Management Services (AMS) performance and compliance audits as needed to conduct data validation, analysis, and conducts general IT controls assessments as requested. Internal and external IT auditing concepts, techniques, methods, and procedures; internal control frameworks, including COBIT, ITIL, ISO, NIST as well as general control frameworks offered by the Government Accountability Office (GAO), Information Systems Audit and Control Association (ISACA), Institute of Internal Auditors (IIA), Committee of Sponsoring Organizations (COSO); auditing Standards, including the GAO's Generally Accepted Government Auditing Standards ("Yellow Book") the IIA's International Standards for the Professional Practice of Internal Auditing ("Red Book"); and risk management as it relates to the audit field (including COSO's Enterprise Risk Management Integrated Framework and the International Organization for Standardization's standard ISO 31000 - Risk Management). Skill in: Understanding and applying technical IT Auditing methods, including data mining and advanced analysis using software tools such as MS Access, Excel, Tableau, and similar tools; communicating effectively and accurately, both orally and in writing including writing clear and concise work papers, emails, and reports; presenting technical findings to non-technical personnel in a manner that is easy to understand; utilizing time management techniques including prioritizing tasks to meet deadlines; demonstrating teamwork; and utilizing project management methodology. Ability to: Interpret and apply Federal, State, and local laws, rules, and regulations, and Department policy and procedure; plan and assist in IT audits across a broad range of topics in a large, complex operating and organizational environment; make sound decisions based on available data and recommend appropriate courses of action; perform detailed work with a high degree of accuracy; analyze problems, identify alternative solutions, and implement recommendations in support of Department goals; establish and maintain effective working relationships with those contacted in the course of work; and prepare clear, concise and accurate documentation and draft reports. Ideal/Preferred Candidate: Bachelor or Master's degree from an accredited college or university in MIS, Information Technology, Computer Science, or a related business field (such as Accounting, Finance, or Business Administration coupled with significant IT Auditing experience); 1-3 years of IT Auditing or similar experience; and current Certified Information Systems Auditor (CISA) is strongly preferred; other certifications, such as CIA, PMP, and other professional certifications will also be considered.

Created: 2026-03-04