JOB ANNOUNCEMENT - Texas State University

POSITION: Information Technology (IT) Auditor, Texas State University
The Texas State University System (TSUS) is seeking qualified candidates for the position of
an Information Technology (IT) Auditor at Texas State University and invites nominations and
applications for the position. The IT Auditor position reports to the Component Director of
Audits and Analysis, who in turn, reports to the Texas State University System Director of
Audits and Analysis (System Director). This position is housed in San Marcos, Texas, and will
be posted until filled.
Job Description: The IT Auditor position is responsible for independently planning and
performing IT audits that will:
 determine whether internal controls over information resources and related technology
are adequate to ensure that confidential data (student, academic, financial, and
operational) is protected from unauthorized use, access, or manipulation;
 determine whether the information technology infrastructure is adequately protected from
intentional or unintentional access, loss, damage, or destruction;
 determine whether the governance, risk management, and control processes over
information resources and related technology facilitate the production of reliable
financial, academic, and operating information;
 identify the effective extent to which information resources and related technology can be
recovered in support of the continuity of operations in the event of a business disruption;
 measure the level of compliance involving information resources and associated
technology with TAC 202, FISMA, NIST, FERPA, HIPAA, PCI, and other applicable
state and federal requirements, industry standards, and best practices.
Work is performed in accordance with the International Standards for the Professional Practice
of Internal Auditing and Government Auditing Standards and in accordance with the System’s
Rules and Regulations and established internal audit policies and procedures.
Duties: Candidates should:
 be able to evaluate general computer controls and the risks associated with a MS
Windows desktop and server environment, as well as, the appropriate segregation of data
owner/custodian/user responsibilities throughout a distributed computing environment;
 be able to identify and evaluate audit risks relative to role-based authentication and
authorization; client-server technology; ERP systems and RDBMS; web-based services
and applications; system development lifecycle and project management, server
virtualization, modern data center and general IT operations; data replication and
transmission; wireless and remote access controls; and other distributed network
technology, topography, security architecture, and parameter defense;
 be able to demonstrate a working knowledge of Texas statutory requirements applicable
to state government and public universities;
 be able to incorporate as applicable COBIT, ISO, ITIL, PMBOK, CMMI, and/or other
governance frameworks in planning and performing structured audits;
 be able to demonstrate excellent written and verbal communication skills and effective
interpersonal skills with the client;
 have the ability to plan, organize and conduct audit projects and the ability to work
independently and as part of a team, handling multiple assignments with little or no
guidance; and
 exercise professional independence and discretion.
The viable candidate will work under minimum supervision, with considerable latitude for the
use of initiative and independent judgment within the established organizational structure. The
viable candidate must use initiative and independent judgment, while following provided
guidance, consultation, and established practices and procedures.
Specific duties include, but are not limited to:
 administering internal control questionnaires and surveys;
 conducting audit risk assessments;
 preparing an IT audit strategy and plan in conjunction with the overall annual audit planning
 providing comprehensive work in the performance of audits and data analysis with an
emphasis on information technology audits;
 preparing organized, accurate and competent work papers that clearly document and support
conclusions regarding audit objectives;
 making recommendations for improving the IT governance, risk management, and internal
control processes;
 preparing and submitting audit reports; and
 presenting the results of audit work to management.
Performs other related duties as assigned.
Required Qualifications: Bachelor’s degree with a major in Computer Science, Computer
Information Systems, Management Information Systems, Accounting or related field from an
accredited university; experience performing information technology audits; certification as a
Certified Information Systems Auditor (CISA).
Preferred Qualifications: Any of the following are preferred:
 a minimum of four years’ experience in performing information technology audits
 experience auditing information technology in higher education
 experience auditing information technology in Texas state government
 experience using the TeamMate suite
 professional certification as either a CPA or a CIA
 an advanced degree in relevant field from an accredited university
 experience with SAP and/or Banner
 experience with Oracle and/or MS SQL
 experience in application control audits and a familiarity and understanding of
management information systems
experience using SQL or other industry database management tools
experience in evaluating multiple server operating systems
experience using ACL, IDEA, or similar data analysis software
proficiency with the Microsoft Office productivity suite
other relevant industry experience
More information on the internal audit function can be found in Chapter III, Section 7, of the
Rules and Regulations, Texas State University System:
Salary is commensurate with the successful applicant’s experience, qualifications, and
certifications. Benefits include paid vacation, sick leave, insurance, retirement contributions, and
other benefits provided to State of Texas employees. Relocation expenses will not be
Texas State University was authorized by the Legislature in 1899, opening in 1903 as Texas
State Normal School. It is part of the Texas State University System, the oldest university
system in Texas. Texas State's main campus is in San Marcos, halfway between Austin (the State
capital) and San Antonio. Texas State University consists of 268 buildings on its 486-acre main
campus and 5,038 additional acres in recreational, instructional, farm and ranch land. Texas
State University is the fourth largest university in the state of Texas with student enrollment at
approximately 37,000 and a 2014 operating budget totaling approximately $565 million. The
University offers 97 undergraduate, 88 master’s, and 12 doctoral programs. Texas State
University also offers bachelor’s and graduate-level courses at its Round Rock Higher Education
Center campus, which is located north of Austin in Round Rock, Texas.
To learn more about the campus and the Texas State University System, please visit
Screening of applications and nominations will begin immediately and continue until the position
is filled. To be considered for the position, candidates should visit and
complete the on-line application process for IT Auditor/ 2015245. Candidates should also
provide a cover letter (include in the letter your expected salary range) and resume through the
on-line application process.
Questions about the position can be directed to:
Mr. Steve McGee
Component Audit Director
Texas State University
[email protected]
The Texas State University System is an Equal Opportunity Employer