IT Auditor

Posting closes 3/26/2026

This position is responsible for auditing new and existing information system applications and infrastructure to ensure that appropriate controls exist and that procedures are in compliance with Department standards for conducting operational audits for data security and information integrity, and for providing technical expertise and assistance to other staff auditors in routine performance and process audits.

Examples of Work

The following examples are intended only as illustrations of various types of work performed. No attempt is made to be exhaustive. Related, similar, or other logical duties are performed as assigned. The Department may require employees to perform functions beyond those contained in job descriptions. The Department may modify job descriptions based on Department needs. The Arkansas Department of Transportation is an "at will" employer.

• Review and evaluate the internal controls for the Department’s information systems.
• Design and implement an audit plan and program to test the controls and security over information system applications and operations.
• Provide technical input, as needed, in the development of software systems within the Department.
• Prepare reports presenting findings and recommendations to policies, procedures and controls.
• Assess the effectiveness of IT general controls (ITGC) including access management, change management, and system operations.
• Review network security, system configurations, data protection practices, and disaster recovery procedures.
• Identify control weaknesses, security vulnerabilities, and operational inefficiencies.
• Perform risk assessments related to IT systems and processes.
• Monitor implementation of recommended improvements and corrective actions.
• Maintain documentation of audit procedures, evidence, and results.
• Stay updated on emerging IT risks, cybersecurity threats, and audit best practices.

Minimum Requirements

Education and experience: The educational equivalent to a bachelor’s degree from an accredited college or university in computer science, accounting, finance, or other related degree. Experience monitoring, maintaining, analyzing and resolving complex systems problems. Experience evaluating system hardware and/or software.

Knowledge, skills and abilities: Working knowledge of Microsoft Word, Excel, and Access. Knowledge of Government Auditing Standards. Strong organizational and communication skills. Ability to interpret and apply Department policies and procedures. Working knowledge of business processes and IT general controls. Information systems audit knowledge preferred. Knowledge of network and system security processes and practices. Knowledge of risk assessment methodologies. Knowledge of IT general controls (ITGC). Strong analytical and problem-solving skills. Ability to prioritize and multi-task.

Working conditions: Statewide travel, including overnight travel as necessary.

Licenses, registrations and certifications: Valid driver’s license. Certification as a Public Accountant (CPA), Certified Information Systems Auditor (CISA) Internal Auditor (CIA), Certification in Risk Management Assurance (CRMA), Certified Fraud Examiner (CFE) and/or Certified Internal Auditor (CIA preferred.

(“Accredited” means the educational institution or program is accredited by an accrediting organization recognized either by the United States Department of Education or by the Council for Higher Education Accreditation.)

A criminal background check will be required to determine suitability of employment, and failure to meet these standards may cause the applicant to be rejected or terminated from that position.