Regular Full-time, Pay Grade 43
The Senior IT Auditor autonomously conducts IT audit projects or leads project teams in conducting IT audit work. The work includes reviewing internal controls and security measures for the University's computing environment including programs, departments, colleges, campuses, and the University, focusing on the confidentiality, integrity, and availability of information; performing information technology risk and vulnerability assessments; performing security reviews for critical University systems, applications, and networks; and determining compliance with University policies and applicable regulations and standards such as HIPAA, PCI DSS, and FERPA. The Senior IT Auditor also develops audit techniques for new technologies and initiatives, performs project planning and management, communicates with audit clients, drafts recommendations and audit reports, and supervises student auditors and less experienced auditors conducting IT audit work. Audits are for University operations statewide and occasional travel, approximately 10%, is required.
Bachelor's degree in accounting, computer science, or other field with sufficient, relevant experience.
Five years of progressively responsible experience in auditing, information technology security, or other applicable experience which involves evaluating information technology controls.
Professional certification in auditing or information systems security, such as Certified Internal Auditor, Certified Information Systems Auditor, Certified Information Systems Security Professional, or GIAC.
Additional training in information technology auditing or computer security.
Master's degree and additional audit or IT-related certifications.
3 or more years IT management, security or operations experience.
Experience managing multiple, ongoing projects.
Experience developing project plans to achieve risk-based project objectives in a complex environment.
Experience auditing in a higher education environment.
Knowledge of HIPAA, PCI and the NIST internal control framework.
In addition to the application, applicants are encouraged to attach a cover letter, resume, and references.
University Of Tennessee