110 State Street
Minimum Qualifications You must be currently reachable on the appropriate eligible list for an Auditor 1 (Municipal), eligible under the 55 b/c program (see below), or eligible to transfer to this title under Section 70.1 of the Civil Service Law.
For a 70.1 transfer to an Auditor 1 (Municipal), SG-18, you must have one year of permanent competitive service in an approved 70.1 title allocated to a SG-16 or above and have 24 credit hours in accounting and/or auditing.
70.1 Transfer to a trainee 2:
For a 70.1 transfer to the trainee 2, you must have one year of permanent competitive service in an approved 70.1 title allocated to a salary grade 14 or above.
70.1 Transfer to a trainee 1:
For a 70.1 transfer to the trainee 1, you must have one year of permanent competitive service in an approved 70.1 title allocated to a salary grade 12 or above.
Depending on qualifications, you may be required to serve a 1 or 2-year traineeship that leads to the full level grade 18 position.
To determine if your current Civil Service title is eligible for transfer to this title, visit the Career Mobility GOT-IT website: Career Mobility Office » GOT-IT (ny.gov)
Appointments via transfer must not result in a second, consecutive transfer with an advancement of more than two S-grades or one M-grade.
This position may be designated 55 b/c and is subject to verification of applicant eligibility.
For a 55 b/c appointment, you must:
• Possess the minimum qualifications for the selected title as established by the Department of Civil Service and listed on the most recent exam announcement:
http://www.cs.ny.gov/examannouncements/announcements/oc-cr/decentralized/20-722.cfm (Trainee level)*
http://www.cs.ny.gov/examannouncements/announcements/oc-cr/decentralized/20-777.cfm (Senior level)*
• Meet the applicable minimal mental and/or physical requirements for the job (with a reasonable accommodation, if necessary)
• Have a current Eligibility Letter from the NYS Department of Civil Service, www.cs.ny.gov/rp55/, and be able to provide it to the Human Resources Office upon request.
*If you are currently 55b/c eligible and possess a bachelor’s degree and have 24 credit hours in accounting and/or auditing, we encourage you to apply for this position.
Duties Description Cybersecurity and IT-related Audits, Risk Assessments and Special Projects
• Perform and provide direct support for Division risk assessments and audits involving cybersecurity or IT concerns. Complete this support in a competent and efficient manner, and in accordance with IT security requirements, benchmarks and industry best practices and, GAGAS, Agency, Division and ATU policies and directives, where applicable. Key activities include,
o Develop audit scope, objectives and appropriate audit tests to sufficiently document the auditee’s compliance with audit requirements.
o Analyze and evaluate the adequacy of auditee IT policies and procedures.
o Conduct interviews with auditees and performs walk-throughs to assist in the evaluation of controls.
o Review general and application controls of auditees information security programs and perform various IT testing methodologies during audits.
o Gather, analyze, summarize and sufficiently document information to complete each assignment, applying technical and analytical skills to arrive at appropriate conclusions.
• Conduct research on various audit topics such as emerging technology trends for possible new or enhanced guidance (e.g., webinars, publications) and tools (e.g., computerized audit scripts) ATU could develop for the Division’s auditors to use.
• Assist with expanding the Division’s cybersecurity audit capacity. This will require a proactive role, researching, learning and suggesting potential uses for technology and helping apply the audit techniques that are available with this technology. Participate in training related to cybersecurity audits.
Provide Training and Technical Assistance
• Gain knowledge of IT security requirements, benchmarks and industry best practices and, GAGAS, Agency, Division and ATU policies and directives and provide guidance and technical assistance to others in the Division, and to local and school officials when requested.
• Provide training to local and school officials and/or auditors at conferences, meetings as assigned that presents acceptable and applicable content which is prepared and presented in a professional manner.
Additional Comments Desired Competencies or Knowledge, Skills and Abilities
• Strong work ethic and positive attitude
• Effectively demonstrates a working knowledge of routine cybersecurity and IT-related concepts (e.g., Network user account management)
• Technology audit experience (i.e., Cybersecurity or IT-related audits or audit aspects)
• Strong analytical thinking and problem-solving skills.
• Possess effective oral and written communication skills, including excellent interpersonal skills with staff and customers, both virtually and in-person
• Performs tasks accurately, within specific time frames and/or under time constraints,
• Capable of working independently and in a team environment
The Office of the New York State Comptroller (OSC) supports telecommuting where it is reasonable to do so based upon the agency’s mission and operational needs. Generally, employees new to OSC will be restricted from telecommuting for at least 8 calendar weeks. After the initial 8 calendar week restriction, if an employee’s duties and work performance are aligned with telecommuting they may be allowed to do so. Upon approval to telecommute, OSC employees may telecommute up to 5 days per pay period.
Some positions may require additional credentials or a background check to verify your identity.
110 State Street, 12th Floor
Notes on ApplyingSubmit a clear, concise cover letter and resume stating how you meet the above minimum qualifications to email@example.com, no later than December 19, 2023. Reference Item #04236-SAB in the subject line and on the cover letter for proper routing.
If you have questions about this vacancy, please contact this Division representative:
Jennifer Haviland, firstname.lastname@example.org
When responding, please include the reference number and letters listed in this section only. The OER ID # should not be included.