NYS Office of Temporary & Disability Assistance · 1 day ago
Information Systems Auditor 1
NYS Office of Temporary & Disability Assistance is seeking an Information Systems Auditor to support the Chief Information Security Office. The role involves providing technical and governance support in implementing and maintaining compliance with information security requirements, as well as assisting in audits and documentation preparation.
Responsibilities
Provide technical and governance support to the Agency CISO and Information Security Office (ISO) team in implementing, auditing, and maintaining compliance with state and federal information security requirements
Assist in performing key functions associated with the OTDA information security and information technology solutions, including but not limited to: Governance, Risk, and Compliance (GRC) collaboration, audit execution, technical control validation, developing, monitoring and modifying business rules; triaging reportable incidents and breaches
Assist in coordinating and preparing technical documentation, evidence, and responses for internal, federal, and state audits including, but not limited to Internal Revenue Service (IRS), Social Security Administration (SSA), National Institute of Standards and Technology (NIST), NYS Office of Information Technology Services (ITS)
Support continuous monitoring processes and assist in drafting Information Security documents such as System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms)
Perform limited technical assessments of access controls, encryption, and logging configurations under direction of the CISO
Assist with evidence preservation and incident documentation during cyber security events; support analysis of risk registers, vulnerability reports, and remediation tracking
Assist in drafting, updating or reviewing OTDA Information Security and Information Technology Policies (OTDA’s Administrative Policies and Procedures Manual (APPMs)), Standard Operating Procedures (SOPs) and compliance documentation with attorneys and the CISO
Support training coordination and awareness initiatives for staff; maintain inventories of systems containing personal, private, and sensitive information (PPSI), Federal Tax Information (FTI), or Personally Identifiable Information (PII)
Assist in developing audit dashboards and Key Performance Indicator (KPI) tracking metrics for CISO reporting
Assist in writing clear, accurate and concise OTDA Information Security and Information Technology related agency directives and documentation (forms, guides, bulletins, etc.) meeting agency needs, including the development of mitigation strategies
Perform auditing and control validation, evaluating system security and compliance with federal programs
Provide hands-on technical and compliance support for the CISO; conduct reviews and assist in maintaining system integrity, as well as support operational continuity functions necessary for ongoing compliance and audit readiness; and
Provide advice and guidance to the CISO on all issues involving information governance, security and compliance risks and work with programs across OTDA to facilitate the development, implementation, monitoring and enforcement of OTDA policies necessary to bring and keep OTDA data in compliance and keep the data secure and confidential in accordance with agency obligations
Qualification
Required
A bachelor's degree and three years of IT auditing experience; or an associate's degree and five years of IT auditing experience
IT auditing experience must have been gained in any one or combination of the following: an information system or audit professional with responsibility for designing, developing, and evaluating mainframe and server-based audit systems; an information system or audit professional with responsibility for designing and programming tests to perform audits of physical and logical access controls of mainframe and server-based systems; an information system or audit professional with responsibility for data extraction, manipulation and analysis using information from diverse sources, including preparation and presentation of written reports of findings suitable for a non-technical audience; and an information system or audit professional with responsibility for supporting an audit group, including developing and maintaining audit systems and identifying and providing data in support of audit activity
Eligible for a lateral transfer or eligible for transfer under Section 52.6 or 70.1 of the Civil Service Law by having one year of permanent competitive service in an appropriate title
Candidates must be legally authorized to work in the United States
Preferred
A bachelor's degree with emphasis on Information Technology, Auditing and/or Information Security
Industry certifications: ISACA - Certified Information Systems Auditor (CISA), Cybersecurity Audit Certificate, Software Development Fundamentals Certificate; ISC2 - Certified Information Systems Security Professional (CISSP), Governance, Risk and Compliance Certification (CGRC), Certified Secure Software Lifecycle Professional (CSSLP) or similar
Benefits
Telecommuting up to 50% may be available in accordance with The Office of Temporary and Disability Assistance policy and can be discussed during the interview.
Company
NYS Office of Temporary & Disability Assistance
The Office of Temporary and Disability Assistance (OTDA) is responsible for supervising programs that provide assistance and support to eligible families and individuals.