Information Systems Auditor II

Information Systems Auditor II

Job Type: Full-time

Work Location: Colorado Springs City Hall, 107 N. Nevada Ave, Suite 205, Colorado Springs, CO 80903

Learn more about the department: (Use the "Apply for this Job" box below)./city auditor

Position notes: This position is subject to budget‑required furloughs to be implemented in the 2026 calendar year and any furloughs subsequently approved.

An Information Systems Auditor II will independently plan and conduct audits of IT systems, cybersecurity controls, and technology‑enabled business processes. The role requires strong technical acumen, risk‑based thinking, and the ability to evaluate complex systems and data environments while contributing to the City’s commitment to accountability, transparency, and continuous improvement.

• Plan and perform IT audits and IT audit steps, including risk assessment, audit program development, and fieldwork.
• Evaluate IT governance, cybersecurity, and internal controls using frameworks such as NIST and COBIT.
• Conduct interviews, analyze data, and document findings clearly and objectively.
• Draft audit reports and present findings and recommendations to management.
• Perform data analysis to identify anomalies, trends, and control gaps using tools such as Excel, Power Query, or Audit Command Language (ACL).
• Assess compliance with IT policies, procedures, and regulatory requirements.
• Support external audits, fraud investigations, and consulting engagements.
• Participate in internal quality assessments and contribute to process improvements.

• Applies the Global Internal Audit Standards and the International Professional Practices Framework (IPPF).
• Demonstrates ethical judgment, objectivity, confidentiality, and professional skepticism.
• Uses risk‑based audit methodologies and critical thinking to evaluate IT controls, cybersecurity, and fraud risk.
• Communicates clearly and professionally with technical and non‑technical stakeholders; builds consensus and resolves conflicts constructively.
• Uses data analysis tools (e.g., Excel, Power Query, ACL) to identify trends and support audit findings.
• Manages time, budget, and tasks across multiple projects using project management principles.
• Understands IT governance, cybersecurity, data protection, and system resilience.
• Applies knowledge of IT control frameworks (e.g., NIST, COBIT) and enterprise systems (e.g., ERP, cloud platforms).
• Collaborates with IT, compliance, and risk management to align audit coverage and enhance risk oversight.

We value a diverse range of qualifications and experiences. Our organization views each year of further education as equivalent to each year of relevant work experience, and each year of additional relevant work experience as equivalent to each year of required education.

• Bachelor’s degree from an accredited college or university with major coursework in a related area of study.
• Three years of full‑time, professional experience in a related field.

• Experience in municipal or public sector IT environments.
• Certifications such as Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Information Systems Security Professional (CISSP), or an advanced degree.
• Experience with cloud security, data analytics, or IT general controls.

Please contact Katie McLaughlin at katie.mclaughlin for any questions about this position.