Chicago Public Schools
Senior Auditor, IT
Chicago Public Schools, Chicago, Illinois, United States, 60290
Chicago Public Schools (CPS) is the third-largest school district in the United States, serving over 340,000 students in 600+ schools and employing nearly 36,000 people, most of them teachers. CPS has set ambitious goals to ensure that every student, in every school and every neighborhood, has access to a world-class learning experience that prepares each for success in college, career, and civic life. In order to fulfill this mission, we make three commitments to our students, their families, and all Chicagoans: academic progress, financial stability, and integrity. Six core values are embedded within these commitments - student-centered, whole child, equity, academic excellence, community partnership, and continuous learning.
As a member of the Internal Audit and Advisory Services team, the Senior IT Auditor will report to the Executive Director of Internal Audit and join a dynamic group of professionals with various technology, business and operational backgrounds to:
Conduct risk-based reviews of technology processes and controls in partnership with the Information Technology team and other key stakeholders to help ensure the stability of operations and security for the District.Partner with IAAS leadership along with other key stakeholders to strengthen the district's compliance program through audits and other consultative reviews.Collaborate with various stakeholders on planning, testing and evaluation procedures, and ensure stability and compliance with audit and regulatory requirements/mandates. Areas of focus include, but are not limited to IT General Controls, information security, system implementation and change management activities, and IT asset management.The Senior Auditor, IT will be held accountable for the following responsibilities:
Use proficiency in project management skills to manage the planning, execution, and overall performance of concurrent IT Audit projects and is adept at managing several projects and initiatives simultaneously through appropriate prioritization.Develop and maintain productive client, staff, and management relationships through individual contacts and group meetings.Prepare materials to support IT audit meetings, including status reports, planning/scoping documents or presentations, kickoff, and exit meeting decks, conducting walkthrough and testing meetings; auditing practices, including risk assessment, walkthroughs, sampling and testing methodologies, and analysis of results for potential exceptions/issues; performing tests of controls and documenting test procedures to identify potential exceptions.Support strategic initiatives and administrative activities to add value to the productivity and growth of the Internal Audit & Advisory Services department. Audit engagements may consist of stand-alone (limited scope) reviews or full-scope integrated audits with other audit team members (i.e., IT, operational, finance audits).Perform business application and system development reviews to ensure proper controls are developed and maintained.Communicate clearly, concisely, and accurately using written and verbal communications.Influence client management to drive measurable action plans to address control deficienciesDocument referenced audit work papers in line with IPPF and PCAOB standards.Provide timely feedback to key stakeholders on assigned projects.In order to be successful and achieve the above responsibilities, the Senior Auditor, IT must possess the following qualifications:
Education Required:
Bachelor's degree in computer science, accounting, business, finance, economics, or related field. Masters preferred.Active certification as Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), CRISC Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or other internal audit related certifications, preferred.Experience Required:
Minimum of 3-5 years experience in public accounting or Internal Audit.Demonstrated ability to successfully conduct audit interviews, develop and execute audit test steps/documentation to evaluate the effectiveness of Information Technology General Controls and system-dependent automated controls, reports and queries.Broad business acumen, including an ability to engage in a wide variety of business discussions and quickly learn new and/or complex concepts.Experience with testing and documenting Sarbanes-Oxley (SOX) controls and applying judgement in evaluating IT risks, controls and underlying business, operational and /IT processes.Information security/governance, risk & compliance experience.Experience working with large ERP systems (e.g., Oracle, PeopleSoft) is a plus.Experience in education and the public sector is a plus.Knowledge, Skills, and Abilities:
Ability to apply internal auditing principles best practices, including a solid working knowledge of the International Professional Practices Framework (IPPF), National Institute of Standards and Technology (NIST) Framework, and Control Objectives for Information and Related Technologies (COBIT)Understanding of systems development, IT control frameworks, database management systems, SDLC, general IT controls, application controls, cyber security, COBIT, COSO, and SOX 404 requirements relating to IT systems and processes.Applied skills with assessing data privacy and governance principles, IT regulatory risks, IT infrastructure operations including network security, operating systems, databases, middleware, patch management, cloud security, and data center operations (e.g. disaster recovery, backups)Conditions of Employment
As a condition of employment with the Chicago Public Schools (CPS), employees are required to:
Establish/Maintain Chicago Residency
- Employees are required to live within the geographic boundaries of the City of Chicago within six months of their CPS hire date and maintain residency throughout their employment with the district.Be Fully Vaccinated Against COVID-19
- Unless approved for a medical or religious exemption, all employees are required to be up-to-date on COVID-19 vaccinations, including boosters, and to submit proof of vaccination to the district within 30 days of hire. "Up-to-date" on vaccination is defined as being at least two weeks past all primary vaccine doses and any applicable boosters.
CPS Non-Union Job Grade: S07
Estimated Annual Salary Range: $66,000 - $87,500
Final salary offers are dependent upon candidate qualifications.
As a member of the Internal Audit and Advisory Services team, the Senior IT Auditor will report to the Executive Director of Internal Audit and join a dynamic group of professionals with various technology, business and operational backgrounds to:
Conduct risk-based reviews of technology processes and controls in partnership with the Information Technology team and other key stakeholders to help ensure the stability of operations and security for the District.Partner with IAAS leadership along with other key stakeholders to strengthen the district's compliance program through audits and other consultative reviews.Collaborate with various stakeholders on planning, testing and evaluation procedures, and ensure stability and compliance with audit and regulatory requirements/mandates. Areas of focus include, but are not limited to IT General Controls, information security, system implementation and change management activities, and IT asset management.The Senior Auditor, IT will be held accountable for the following responsibilities:
Use proficiency in project management skills to manage the planning, execution, and overall performance of concurrent IT Audit projects and is adept at managing several projects and initiatives simultaneously through appropriate prioritization.Develop and maintain productive client, staff, and management relationships through individual contacts and group meetings.Prepare materials to support IT audit meetings, including status reports, planning/scoping documents or presentations, kickoff, and exit meeting decks, conducting walkthrough and testing meetings; auditing practices, including risk assessment, walkthroughs, sampling and testing methodologies, and analysis of results for potential exceptions/issues; performing tests of controls and documenting test procedures to identify potential exceptions.Support strategic initiatives and administrative activities to add value to the productivity and growth of the Internal Audit & Advisory Services department. Audit engagements may consist of stand-alone (limited scope) reviews or full-scope integrated audits with other audit team members (i.e., IT, operational, finance audits).Perform business application and system development reviews to ensure proper controls are developed and maintained.Communicate clearly, concisely, and accurately using written and verbal communications.Influence client management to drive measurable action plans to address control deficienciesDocument referenced audit work papers in line with IPPF and PCAOB standards.Provide timely feedback to key stakeholders on assigned projects.In order to be successful and achieve the above responsibilities, the Senior Auditor, IT must possess the following qualifications:
Education Required:
Bachelor's degree in computer science, accounting, business, finance, economics, or related field. Masters preferred.Active certification as Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), CRISC Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or other internal audit related certifications, preferred.Experience Required:
Minimum of 3-5 years experience in public accounting or Internal Audit.Demonstrated ability to successfully conduct audit interviews, develop and execute audit test steps/documentation to evaluate the effectiveness of Information Technology General Controls and system-dependent automated controls, reports and queries.Broad business acumen, including an ability to engage in a wide variety of business discussions and quickly learn new and/or complex concepts.Experience with testing and documenting Sarbanes-Oxley (SOX) controls and applying judgement in evaluating IT risks, controls and underlying business, operational and /IT processes.Information security/governance, risk & compliance experience.Experience working with large ERP systems (e.g., Oracle, PeopleSoft) is a plus.Experience in education and the public sector is a plus.Knowledge, Skills, and Abilities:
Ability to apply internal auditing principles best practices, including a solid working knowledge of the International Professional Practices Framework (IPPF), National Institute of Standards and Technology (NIST) Framework, and Control Objectives for Information and Related Technologies (COBIT)Understanding of systems development, IT control frameworks, database management systems, SDLC, general IT controls, application controls, cyber security, COBIT, COSO, and SOX 404 requirements relating to IT systems and processes.Applied skills with assessing data privacy and governance principles, IT regulatory risks, IT infrastructure operations including network security, operating systems, databases, middleware, patch management, cloud security, and data center operations (e.g. disaster recovery, backups)Conditions of Employment
As a condition of employment with the Chicago Public Schools (CPS), employees are required to:
Establish/Maintain Chicago Residency
- Employees are required to live within the geographic boundaries of the City of Chicago within six months of their CPS hire date and maintain residency throughout their employment with the district.Be Fully Vaccinated Against COVID-19
- Unless approved for a medical or religious exemption, all employees are required to be up-to-date on COVID-19 vaccinations, including boosters, and to submit proof of vaccination to the district within 30 days of hire. "Up-to-date" on vaccination is defined as being at least two weeks past all primary vaccine doses and any applicable boosters.
CPS Non-Union Job Grade: S07
Estimated Annual Salary Range: $66,000 - $87,500
Final salary offers are dependent upon candidate qualifications.