Audit Manager - IT Audit

SALARY RANGE (Grade 15A) CSA
325: $94,042.82 to $/yr. (Commensurate with experience)

This position will be based out of the Boston
, Lawrence
, Quincy or Marlboro OSA offices. Please indicate your geographical preference in office location when applying per the application instructions below.

The Office of the State Auditor (OSA) offers a unique opportunity to work in a government environment that is high profile, has high expectations but is also committed to sustaining a healthy work/life balance. The OSA is looking for an individual who wants to grow professionally in the information technology (IT) area and can think creatively and use their management and leadership skills to work with a group of highly skilled individuals in conducting audit work that results in positive changes in government operations.

The IT Audit Manager oversees all aspects of occurring IT audits of state agencies, departments, programs, and/or vendors who contract with the Commonwealth.

Work under the supervision of the IT Audit Director.

Exercise general supervision over Audit Supervisors, Auditors-in-Charge (AICs), and other assigned staff members; typically two to four staff per audit.

• Work with the IT Audit Director, OSA executive/senior leadership and others as applicable, to establish an effective risk based annual audit plan which aligns with the goals of the OSA strategic plan.
• Analyze assigned audits and projects to determine their complexity and the staff skills and resources needed for their timely completion, ensuring all audits are completed on schedule and in compliance with applicable policies and standards.
• Assess the progress of ongoing audit engagements to: determine whether changes in scope or objectives are required; provide technical advice and consultation; ensure completeness and accuracy of the audit work; ensure compliance with the standards and policies of the OSA and the U.S. Government Accountability Office’s “Yellow Book”; ensure conformity to approved audit programs.
• Ensure that audit progress reports, surveys, programs, and other internal reporting documents are submitted in a timely and accurate manner.
• Ensure that all audit reports are complete, accurate, and well written and that they follow standard format, with all findings fully attributed and supported by the audit work.
• Provide on-the-job training to all assigned staff members, support and evaluate the performance of AICs, and review the personnel evaluations of the audit staff prepared by the AIC.
• Provide in-depth progress reports to the IT Audit Director for ongoing audits and prepare preliminary briefings on findings resulting from these audits.
• Make recommendations to the IT Audit Director and Audit Planning regarding what agencies, institutions, or programs should be audited and what specific areas should be targeted for review.
• Actively seek input from AICs regarding staff training needs and make appropriate referrals.
• Professionally represent the OSA at meetings and presentations.
• Participate in departmental training.
• Evaluate staff.
• Perform other duties as assigned by the IT Audit Director.

• A bachelor’s degree and 5 to 7 years of experience in auditing primarily in the IT area, at least four of which must be in a supervisory role.
• CPA, CISA and/or CISSP certification.
• Functional knowledge of commonly used cloud services, including AWS, Microsoft Azure and/or Google Cloud Platform.
• Experience in evaluating IT general controls and IT application controls within the COBIT Framework.
• Proficient in the use of Microsoft Office suite software.
• Experience in the preparation of clear, logical, and coherent audit reports.
• Demonstrated leadership and team‑building skills.

• A Master’s degree in Business Administration, Public Administration, Information Systems or a related field.
• Experience in performing and supervising performance audits of government agencies in accordance with GAGAS.
• Hands‑on knowledge and understanding of information systems security strategies, policies, standards, and best practices; understanding of defense in depth security architecture, tools, firewalls, and related devices.

We require that all applicants have a valid Massachusetts driver’s license and that they maintain a safe driving record.

The Office of the State Auditor is committed to providing equal employment opportunities. Employment actions such as recruiting, hiring, training, and promoting individuals are based upon a policy of non‑discrimination. Employment decisions and actions are made without regard to race, color, gender, religion, age, national origin, ancestry, sexual orientation, gender identity and expression, disability, military status, genetic information, political affiliation, or veteran’s status.