The Maryland-National Capital Park and Planning Commission is a nationally recognized and award-winning agency providing land use planning; stewardship of natural, cultural and historic resources; and delivery of recreation programs to the communities it serves. The agency operates in the Montgomery and Prince George's County Regions. Additional information on the agency can be found on mncppc.org.
The agency is seeking a Sr. IT Auditor within the Office of the Inspector General (OIG), Walker Dr., Greenbelt, MD. The successful candidate will be responsible for developing, conducting and overseeing the IT Audit & Compliance Program for the OIG. The Sr. IT Auditor must be able to analyze and evaluate the IT control environment for technology risks. This will include the design and operating effectiveness of infrastructure and application controls, and IT general internal controls.
Specialized knowledge of Infor ERP application or other comparable ERP applications is preferred due to the applications far-reaching integrated nature. The successful candidate should be able to assess control issues raised by configuration and design decisions, business process controls, and access to transactions and system security.
Examples of Important Duties:
Independently executes IT audits, including development of audit plans and audit programs, facilitation of process interviews, documentation (work flows) of company processes and procedures, execution of internal controls testing, identification of risk, and communication of audit findings.
Prepares comprehensive audit work papers and internal audit reports reflecting the results of work performed, with agreed upon actions.
Performs advisory work for key processes or projects being implemented consisting of evaluating gaps, identifying risks and recommending mitigating controls.
Performs pre-implementation system/application reviews to ensure compliance with SDLC procedures as well as applicable internal control requirements.
Participates in enterprise-wide risk assessment interviews with key stakeholders, assist with organization-wide risk assessment, including creation of risk surveys and analysis of other risk factors in the organization.
Demonstrates and applies strong project management skills and use current technology and tools to enhance the effectiveness of deliverables and services.
Assists with the performance of other operational audits, where necessary.
Stay abreast of current business and industry trends relevant to employer's industry and computing technologies.
Our ideal candidate will have working knowledge of or be able to assess:
Network configuration and security (endpoint security, IDS, SIEM, Firewall)
Network security and system access
Program change/configuration management processes
Mobile device management
System backup and disaster recovery program, processes and procedures
Complex compliance standards (e.g. PCI, MPIA)
Excellent communication (written and verbal) and presentation skills
Microsoft Office Suite including advanced Excel skills, Visio and Access
Ability to obtain CISA or CIA certification
Bachelor's degree in finance, accounting, business administration, management, public administration, information technology, computer science, information security or any related field.
Four (4) years of progressively responsible experience in auditing.
An equivalent combination of education and experience may be substituted, that will total eight (8) years.
Valid driver's license in accordance with both State and Commission rules and regulations. Driver’s license must be unencumbered by restrictions, revocations, suspensions, or points that could limit the employee’s ability to drive Commission vehicles or perform driving duties required by the position or assignment.
A Bachelor's degree in Computer Science, IT Security, or Information Systems
Professional IT designation (e.g. CISA, CISSP)
Documented experience/responsibility for complete IT Audit Program (e.g. Audit Manager)
Writing sample will be required for final candidates.
Most of the work is performed in an office environment. Some work will be at field locations and not in an office environment. Employee at times will be required to work irregular hours in connection with audits of Commission activities which occur outside of regular working hours.
Employer does not assist with relocation costs.
About The Maryland-National Capital Park and Planning Commission
The Maryland-National Capital Park and Planning Commission is a bi-county agency empowered by the State of Maryland to acquire, develop, maintain and administer a regional system of parks within Montgomeryand Prince George's Counties, and to provide land use planning for the physical development of Prince George's and Montgomery counties. In addition, the Commission gained responsibility for the public recreation program in Prince George's County in 1970.