Audit Manager - IT Audit

Overview

The Office of the State Auditor (OSA) seeks an Audit Manager – IT Audits to oversee state‑wide IT audits of agencies, departments, and vendors. The role requires strategic planning, technical leadership, and the ability to drive audit effectiveness across multiple sites.

• Develop and maintain a risk‑based annual audit plan aligned with OSA’s strategic objectives.
• Lead audit engagements, ensuring audits are completed on schedule and in compliance with applicable policies and the Government Accountability Office’s Yellow Book.
• Exercise general supervision over Audit Supervisors, Auditors‑in‑Charge (AICs), and support staff.
• Provide technical advice, ensure completeness and accuracy of audit work, and maintain conformity to approved audit programs.
• Manage audit progress reports, surveys, programs, and other internal reporting documents.
• Prepare well‑written audit reports that follow standard format and attribute findings to supporting audit work.
• Provide on‑the‑job training, support performance evaluations, and review personnel evaluations of audit staff.
• Report regularly to the IT Audit Director, deliver preliminary briefings on findings, and make recommendations about target agencies and audit programs.
• Represent OSA professionally at meetings and presentations.
• Perform other duties as assigned by the IT Audit Director.

• A bachelor’s degree and 5–7 years of auditing experience, primarily in IT, with at least four years in a supervisory role.
• CPA, CISA and/or CISSP certification.
• Functional knowledge of cloud services (AWS, Microsoft Azure, Google Cloud Platform).
• Experience evaluating IT general controls and application controls within the COBIT Framework.
• Proficiency in Microsoft Office suite.
• Clear, logical, and coherent audit report preparation.
• Demonstrated leadership and team‑building skills.

• A Master’s degree in Business Administration, Public Administration, Information Systems, or a related field.
• Experience supervising performance audits of government agencies in accordance with GAGAS.
• Hands‑on knowledge of information systems security strategies, policies, and best practices.

Location options include Boston, Lawrence, Quincy, or Marlboro OSA offices; a hybrid work schedule is available. A valid Massachusetts driver’s license and a safe driving record are required.

OS is committed to equal employment opportunities. Employment actions are based on non‑discriminatory policies and do not consider race, color, gender, religion, age, national origin, ancestry, sexual orientation, gender identity and expression, disability, military status, genetic information, political affiliation, or veteran status.