IT Auditor

• CURRENT PENN STATE EMPLOYEE (faculty, staff, technical service, or student), please login to Workday to complete the internal application process. Please do not apply here, apply internally through Workday.
• CURRENT PENN STATE STUDENT (not employed previously at the university) and seeking employment with Penn State, please login to Workday to complete the student application process. Please do not apply here, apply internally through Workday.
• If you are NOT a current employee or student, please click "Apply" and complete the application process for external applicants.

Approval of remote and hybrid work is not guaranteed regardless of work location. For additional information on remote work at Penn State, see Notice to Out of State Applicants.

POSITION SPECIFICS ​

Penn State Internal Audit is seeking to hire an IT Auditor with internal or external auditing experience to assist in performing audits designed to independently review and evaluate the University's information technology and operational controls. 

The position will:

• Work independently to perform all aspects of audit plans for College, Campus, Administrative Area, and process audits
• Apply accepted audit techniques to identify and assess the level of risk inherent in the operation under audit; obtain and analyze evidential matter and document such procedures; formulate and communicate audit conclusions
• Develop written audit reports of findings; present briefings on audit findings to management and appraise adequacy of corrective actions proposed or taken by management to improve deficient conditions
• Perform audit follow-up procedures and/or review audit follow-up responses to ensure management is addressing control weaknesses and process inefficiencies identified in audit reports in a timely manner
• Assist the IT Audit Supervisor in developing and/or revising audit programs and questionnaires
• Assist with investigations into possible fraud, waste, or abuse as assigned, using a high level of professional judgment
• Maintain high level of understanding and familiarity with current University policies and procedures and with industry standards and best practices in order to assess compliance, and to conclude on the adequacy of internal controls
• Provide consultation as requested to assure University policies and procedures and provide for adequate internal controls to mitigate and address risks
• Support departmental, Finance & Business and University wide strategic initiatives by participation in ongoing groups and teams

The successful candidate will demonstrate:

• Knowledge of auditing principles, practices, and procedures
• Knowledge of both General IT and Application IT controls
• Knowledge in data security requirements/standards highly preferred including Health Insurance Portability and Accountability Act (HIPAA), Electronic Protected Health Information (ePHI), National Institute of Standards and Technology (NIST and , and