IT Audit Manager

City of Gainesville
Job Description

If you are an Internal City Employee, Retiree or Dependent/Survivor of a City Employee please apply internally via Career Icon in your Workday account.

 

Make a difference in the community you live in! As a Community Builder—an employee with the City of Gainesville— you will have a direct hand in building and improving your community and making a visible impact on the lives of your neighbors. Working for local government is more than a job, it’s a chance to contribute to community success and to help enhance the Gainesville way of life.

 

Department:

GG City Auditor: City Auditor

 

Salary Range Minimum:

$88,200.00

 

Salary Range Maximum:

$132,300.00

 

Closing Date:

Until Filled

 

Job Details:

The IT Audit Manager is a highly responsible and specialized management position responsible for overseeing the planning, execution and reporting of information technology and cybersecurity audits, Advisory services, performance audits, IT risk assessments, and special projects.
The single position allocated to this classification reports to the City Auditor and works under general direction. Work in this class is distinguished from other classes by its consideration as being part of the core management team of the City Auditor's Office and is expected to collaborate and contribute to all department efforts, support integrated audits, and assist the City Auditor in implementing and executing an annual risk-based audit plan. This position will manage one or more senior IT and staff auditors.

***This position is HYBRID***

 

Job Description:

SUMMARY

The IT Audit Manager is a highly responsible and specialized management position responsible for overseeing the planning, execution and reporting of information technology and cybersecurity audits, Advisory services, performance audits, IT risk assessments, and special projects.

The single position allocated to this classification reports to the City Auditor and works under general direction.  Work in this class is distinguished from other classes by its consideration as being part of the core management team of the City Auditor's Office and is expected to collaborate and contribute to all department efforts, support integrated audits, and assist the City Auditor in implementing and executing an annual risk-based audit plan. This position will manage one or more senior IT and staff auditors. 


EXAMPLES OF WORK

This section of the job description is not intended to be a comprehensive list of duties and responsibilities of the position.  The omission of a specific job function does not absolve an employee from being required to perform additional tasks incidental to or inherent in the job.  Performance of lower level duties may be required.


ESSENTIAL JOB FUNCTIONS

Demonstrates ability to manage multiple quality engagements on schedule and with a focus on adding organizational value.

Researches emerging issues, assesses IT and cybersecurity organization risks, conducts research, collects data, and interviews staff to develop complex process flows and diagrams. Verifies, interprets and analyzes ERP data extraction and ascertains the validity and reliability of operational and financial data.

Conducts informational interviews and process walkthroughs to understand and identify key risks and controls for processes in scope for each engagement. Gathers and analyzes test populations to validate the completeness and accuracy of information provided and ensure appropriate sample selection and statistical representation of samples based on assessed risk. Performs medium to high complexity audit testing to evaluate the adequacy and effectiveness of IT, cybersecurity and operational controls, general computer controls (e.g.., logical security and program change control for operating system, database, application and network environments, computer operations, and datacenter physical security), as well as business cycle controls and IT application testing. Identifies control weaknesses and gaps, and prioritizes recommendations based on risk.

Demonstrates expertise working with industry frameworks (e.g., COBIT, NIST, ISO/IEC 2700), internal auditing professional guidance (GAGAS, IPPF, ISACA), and other standards and compliance requirements (e.g., PCI-DSS, PII, HIPAA, CJIS), and ensures work product complies with guidance and standards.

Reviews all draft findings and draft reports with management. Supports audit findings with sufficient and appropriate evidence and constructively works with management to resolve any disputed audit findings. Reports audit results to City Commission, Charter Officers, and department heads. Proactively works with management to close audit issues. Evaluates management’s audit issue remediation efforts in a timely manner.

Demonstrates leadership skills, including the ability to successfully manage individual(s), co-sourced and out-sourced IT projects with time constraints and deadlines. Provides effective and timely oversight and performance feedback of direct reports.

Continually seeks to innovate and identify opportunities for process improvement.

Completes other administrative tasks as assigned.

Attends work on a continuous and regular basis.

Performs other related duties as assigned.


NON-ESSENTIAL JOB FUNCTIONS

Serves on special task forces, committees or project teams as assigned.


QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential job function satisfactorily.  Below are the required education, experience, knowledge, skills and abilities to perform the essential functions.


EDUCATION AND EXPERIENCE

Bachelor’s degree from an accredited college or university in Computer Science, Management Information Systems, Accounting or related field; and six (6) or more years within internal audit.

Experience working with some or all of the following is preferred: Windows server environments, relational database management systems (RDBMS) such as Oracle and SQL, UNIX operating systems, Microsoft Active Directory, and SAP software. 

Data analysis experience using ACL, IDEA or Tableau is preferred.

COBIT or ISO/IEC 27000 knowledge is preferred.


CERTIFICATIONS OR LICENSES

Licenses

Valid U.S. Driver License required upon appointment.  Valid Florida Driver License required within 30 days of appointment.

Certifications

Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) is required.


KNOWLEDGE, SKILLS AND ABILITIES

Thorough knowledge of information technology and cybersecurity operational risks and controls, government auditing and accounting standards, internal auditing standards, information systems audit standards, and information systems security and control practices.

Thorough knowledge of laws, ordinances, regulations and statutes which impact information technology and cybersecurity processes.

Demonstrated ability to assess risk, identify key controls, assess control design and effectiveness, and perform root-cause analysis to derive value and audit issue recommendations.

Ability to comply with the code of ethics and standards of the internal auditing profession.

Ability to maintain independence, objectivity and professional integrity in all circumstances.

Ability to maintain security and confidentiality.

Ability to translate business needs and problems into viable and accepted solutions.

Strong interpersonal skills as demonstrated by the ability to interact collaboratively and productively and to establish and maintain effective working relationships with individuals of diverse backgrounds including elected officials, Charter Officers, City employees, local, state and Federal legislative bodies, and the general public.

Ability to develop short and long-term strategies, plans and programs and to evaluate work accomplishments.

Self-starter with strong decision-making abilities.

Ability to work effectively within a diverse team environment and lead or participate in department projects and activities.

Excellent analytical skills as demonstrated by the ability to collect, develop, assess, and blend information from a wide variety of sources.

Strong critical and creative thinking skills to assess and resolve problems or issues by gathering and assessing information and using judgment that is consistent with standards, practices, policies, procedures, regulations or law.

Ability to coordinate and perform multiple tasks or manage projects simultaneously, balancing priorities and deliverables and addressing issues quickly.

Excellent written and oral communication skills as demonstrated by the ability to simplify and articulate complex information and issues clearly and concisely.

Ability to work under high stress levels, with frequent interruptions and with tight and often changing deadlines.

Experience and ability to deliver effective presentations.

Proficient in Microsoft tools (Access, Excel, PowerPoint, SharePoint, Word) and auditing software such as Audit Command Language (ACL) and Team Mate.


PHYSICAL AND ENVIRONMENTAL REQUIREMENTS

To perform this job successfully, an individual must possess certain physical abilities and be able to withstand work related environmental conditions.


PHYSICAL REQUIREMENTS

While performing the duties of this job, the employee is often required to sit for prolonged periods of time.


WORK ENVIRONMENT

May be required to work outside regular business hours, including nights, weekends and holidays.

****This position is HYBRID *****

 

**May Fill More Than One Position**

**May Underfill**

 

Note: 

May Require Assessment(s).

May fill multiple positions.

May establish an eligibility list.

 

Come join our team! The City of Gainesville offers a competitive benefits package and opportunities to grow both professionally and personally.

 

All ‘regular’ employees are eligible for traditional benefits such as health insurance, life insurance, paid leave, 11 paid a holidays a year, a pension plan and a deferred compensation plan, but we also oer great things like on-site tness centers, tuition reimbursement, interest free loans for purchase of fitness equipment, on-site medical sta and a wellness program to keep you healthy and happy. Please note; benefits are not available for temporary employees.

 

 

If you are unable to apply online due to a disability, contact recruiting at HR@cityofgainesville.org or by calling 352-334-5077.

Contact Information