Sign upLog in

IT Auditor 3+ - Cybersecurity Audit (Internal Only)

State of Washington

Olympia, WA

Apply
JOB DETAILS
SALARY
$7,443–$10,004 Per Year
SKILLS
Aged Care, Analysis Skills, Auditing, Best Practices, CISA - Certified Information Systems Auditor, CISSP - Certified Information Systems Security Professional, Childcare, Collective Bargaining, Communication Skills, Compensation and Benefits, Computer Security, Control Systems, Customer Relations, Data Analysis, Data Collection, Diversity, Documentation, Documentation Review, Employee Benefits, Establish Priorities, Flexible Spending Accounts, GSEC - GIAC Security Essentials Certification, Government, Health Maintenance, Healthcare, IT Requirements, Information Technology & Information Systems, Information Technology Consulting, Information Technology/Systems Audit, Information/Data Security (InfoSec), Internal Audit, Internet Security, Local Government, Nonprofit, Operational Support, Project/Program Management, Public Administration, Regulations, Reporting Skills, Security Analysis, Security Auditing, Social Media, State Government, Student Loans, Systems Administration/Management, Team Player, Technical Analysis, Technical Support, Testing, Time Management, Use Tax, Volunteer Experience, Vulnerability Scanners, Writing Skills
LOCATION
Olympia, WA
POSTED
19 days ago

IT Auditor 3+ - Cybersecurity Audit (Internal Only)

Salary

$7,443.00 - $10,004.00 Monthly

Location

Thurston County - Olympia, WA

Job Type

Agency Internal Promotional - Permanent

Remote Employment

Flexible/Hybrid

Job Number

2026-04492

Department

Auditors Office

Opening Date

06/04/2026

Closing Date

6/11/2026 11:59 PM Pacific

Salary Information

The high end of the salary range, Step M is typically a longevity step

  • Description
  • Benefits
  • Questions

Description

This listing is for current employees of the Office of the Washington State Auditor

It Auditor 3+ - Cybersecurity Audit (Internal Only)

Be valued. Be challenged. Build a career.

At the State Auditor's Office, we are working together to make a real difference in how government operates. We are always looking for new ideas to ensure our work provides value to the clients we serve, and we take pride in the services we perform for the governments and for the people of Washington.

We are committed to building and maintaining a workplace environment that is collaborative and supports all employees as we effectively carry out the agency's mission. This includes ensuring inclusion and equity throughout the agency, while embracing the individual differences of our employees and clients. We believe that diverse perspectives and backgrounds are fundamental to doing our best work.

With 15 offices statewide, 400 positions and important work to do, we always welcome talented people to join our team. Get to know us! We share more about who we are and what we do on social media, using the hashtag #WeAreSAO and on our website at: Current Openings and Internships - Office of the Washington State Auditor.

A job and benefits that support a healthy work/life balance.

The Washington State Auditor's Office (SAO) prides itself in offering flexible schedules and a hybrid work environment that helps our staff balance work and life. We also offer a comprehensive package of health and wellness benefits to employees, including:

  • Full benefits package. Click here to learn more.
  • Paid vacation, sick leave and holidays.
  • Growth and development opportunities, including 80+ hours of training each biennium
  • Educational and professional certification reimbursements
  • An agency-wide commitment to diversity, equity, inclusion and respect in the workplace

About Team Cybersecurity Audit:

Our team completes cybersecurity performance audits with State and Local governments to improve IT security. Our cybersecurity audits examine IT systems, looking for weaknesses that attackers could exploit and proposing solutions to help strengthen those systems.

Mission

We collaborate with governments to provide actionable recommendations to improve the security posture of IT systems supporting essential government operations and services.

This will be accomplished by:

  1. Building trust and relationships with clients and others we work with.

  2. Sharing knowledge about cybersecurity leading practices and available resources.

  3. Scoping audits in a flexible manner that meets each auditee's individual needs.

  4. Completing quality and timely audits with prioritized recommendations.

  5. Refining methods and approaches to stay relevant and meet emerging needs.

Vision

Secure government.

Duties

The Role of an IT Auditor

As part of the IT Audit team this position will assist with each part of a cybersecurity audit engagement, from audit planning through final audit presentation. In addition, IT auditors may also work on other IT audit projects. SAOs IT Audit team evaluates a variety of government agencies and local governments. As a result of the audit relevancy, staff have broad exposure to policymakers and executives throughout state and local government. Auditors serve on a team and may also manage contractors for portions of their assigned work. SAO IT auditors assist, develop, lead, and conduct independent cybersecurity performance audits. Because this work is demanding, time bound, and important, auditors must have superior time and project management skills.

  • For additional details regarding the position, please review the position description here: CS_IT_Auditor_3_ASA5_PDF.docx

Qualifications

Successful Candidate Profile

SAO is seeking candidates who are able to:

  • Demonstrate an understanding of IT security requirements and best practices.
  • Produce qualitative analyses of superior quality.
  • Excel at documenting their work; writing results; and presenting their work to audiences ranging from

team members to legislative members and staff.

  • Demonstrate skill with project management, management control systems, research design, data

collection, data analysis, and report writing.

  • Develop recommendations that improve IT security and increase accountability.
  • Have a functional understanding of public administration and government.
  • Effectively communicate verbally and in writing with a variety of audiences, including colleagues,

audited agencies, and the public.

IT Auditor 3+ - An IT Auditor 3+ is responsible for overall audit planning through final audit presentation of any size or level of complexity cybersecurity audits.

  • Independently leads audits that cover increasingly complex cybersecurity environments, which may involve multiple state agencies, local governments or levels of government. Provides expert level technical services in security for cybersecurity audits.

  • May lead larger, more complex audits and coordinate the efforts of other auditors to accomplish the overall audit objectives under the direction of an assistant audit manager or audit manager. These large audits involve multiple agencies or levels of government, have complex IT security environments and several layers of applicable laws or regulations and require significant IT security knowledge. May lead audits and projects that include multiple IT audit staff and be responsible for the entire audit.

  • Identifies, develops and refines leading practice criteria used by auditors to test state and local government alignment with leading practices. Is able to compare and contrast different leading practices and standards, summarize differences and articulate the impact and applicability to the audits of using different standards. Understands data with IT security special handling requirements and how the data impact to the audit, and how those special handling requirements overlap with different leading practices.

  • Independently coordinating and scoping technical testing performed by SAO consultants or SAO IT security specialists in most IT security environments but may need Security Specialist assistance in a more complex and mature IT security environment. Can conduct and take the lead accurately analyzing most technical testing in moderate to complex environments. Needs some assistance with more complex technical tests such as vulnerability scans. Continues to collaborate with team members to ensure optimal scoping, implementation and analysis.

  • Independently assess the results of work performed to develop meaningful IT security recommendations. Is able to draw accurate conclusions using the information gathered through interviews, observation, security testing and document reviews to determine control alignment and gaps, make recommendations based on audit results for controls in most IT security environments. Occasionally, still needs some assistance. In consideration of all the IT security testing completed, is able to identify the most significant weaknesses and strengths within the scope of IT security program reviewed. Occasionally, still needs some Security Specialist assistance for new, complex controls. Continues to collaborate with team members to ensure optimal IT security recommendations.

Requirements include a bachelors degree and at least two years in IT audit and has obtained either a relevant professional certification including but not limited to: Certified Information System Auditor (CISA), General Security Essentials Certification (GSEC), Certified Information System Security Processional (CISSP), or a Masters degree in data analytics, cybersecurity or closely related field. Degree in a field applicable to IT security and/or analyzing government programs is strongly preferred. Preference may be given to a candidate with experience with governments, performance auditing and/or accountability auditing and technical knowledge and associated with cybersecurity.

  • Relevant volunteer and/or work experience may substitute for education on a year-for-year basis.

Supplemental Information

To apply, please submit:

1) Your completed application through careers.wa.gov, including detailed responses to any supplemental questions

2) A letter of interest specifically addressing how you meet the qualifications listed in the announcement

  • Pay for an IT Auditor 3+ will include assignment pay in addition to the salary listed.

Degrees awarded outside the United States must include a credential evaluation report. If you are a US Veteran and would like to apply for Veterans Preference, attach a copy of Form DD214

military record showing honorable discharge.

Questions may be directed to the applications unit at applicationsunit@sao.wa.gov.

The Washington State Auditors Office is an equal opportunity employer. Persons with a disability, who need assistance in the application or testing process, or who need this announcement in an alternative format, may call (360) 725-5618 or via the telecommunications relay service by dialing 7-1-1.

More than Just a Paycheck!

Employee benefits are not just about the kind of services you get, they are also about how much you may have to pay out of pocket. Washington State offers one of the most competitive benefits packages in the nation.

We understand that your life revolves around more than just your career. Like everyone, your first priority is ensuring that you and your family will maintain health and financial security. Thats why choice is a key component of our benefits package. We have a selection of health and retirement plans, paid leave, staff training and other compensation benefits that you can mix and match to meet your current and future needs.

Read about our benefits:

The following information describes typical benefits available for full-time employees who are expected to work more than six months. Actual benefits may vary by appointment type or be prorated for other than full-time work (e.g. part-time); view the job posting for benefits details for job types other than full-time.

Note: If the position offers benefits which differ from the following, the job posting should include the specific benefits.

Insurance Benefits

Employees and their families are covered by medical (including vision), dental and basic life insurance. There are multiple medical plans with affordable monthly premiums that offer coverage throughout the state.

Staff are eligible to enroll each year in a medical flexible spending account which enables them to use tax-deferred dollars toward their health care expenses. Employees are also covered by basic life and long-term disability insurance, with the option to purchase additional coverage amounts.

To view premium rates, coverage choice in your area and how to enroll, please visit the Public Employees Benefits Board (PEBB) website. The Washington Wellness program from the Health Care Authority works with PEBB to support our workplace wellness programs.

Dependent care assistance allows the employee to save pre-tax dollars for a child or elder care expenses.

Other insurance coverage for auto, boat, home, and renter insurance is available through payroll deduction.

The Washington State Employee Assistance Program promotes the health and well-being of employees.

Retirement and Deferred Compensation

State Employees are members of the Washington Public Employees Retirement System (PERS). New employees have the option of two employer contributed retirement programs. For additional information, check out the Department of Retirement Systems web site.

Employees also have the ability to participate in the Deferred Compensation Program (DCP). This is a supplemental retirement savings program (similar to an IRA) that allows you control over the amount of pre-tax salary dollars you defer as well as the flexibility to choose between multiple investment options.

Social Security

All state employees are covered by the federal Social Security and Medicare systems. The state and the employee pay an equal amount into the system.

Public Service Loan Forgiveness

If you are employed by a government or not-for-profit organization, and meet the qualifying criteria, you may be eligible to receive student loan forgiveness under the Public Service Loan Forgiveness Program.

Holidays

Full-time and part-time employees are entitled to paid holidays and one paid personal holiday per calendar year.

Note: Employees who are members of certain Unions may be entitled to additional personal leave day(s), please refer to position specific Collective Bargaining Agreements for more information.

Full-time employees who work full monthly schedules qualify for holiday compensation if they are employed before the holiday and are in pay status for at least 80 nonovertime hours during the month of the holiday; or for the entire work shift preceding the holiday.

Part-time employees who are in pay status during the month of the holiday qualify for the holiday on a pro-rata basis. Compensation for holidays (including personal holiday) will be proportionate to the number of hours in pay status in the month to that required for full-time employment, excluding all holiday hours. Pay status includes hours worked and time on paid leave.

Sick Leave

Full-time employees earn eight hours of sick leave per month. Overtime eligible employees who are in pay status for less than 80 hours per month, earn a monthly proportionate to the number of hours in pay status, in the month to that required for full-time employment. Overtime exempt employees who are in pay status for less than 80 hours per month do not earn a monthly accrual of sick leave.

Sick leave accruals for part-time employees will be proportionate to the number of hours in pay status, in the month to that required for full-time employment. Pay status includes hours worked, time on paid leave and paid holiday.

Vacation (Annual Leave)

Full-time employees accrue vacation leave at the rates specified in WAC 357-31-165(1) or the applicable collective bargaining agreement (CBA). Full-time employees who are in pay status for less than 80 nonovertime hours in a month do not earn a monthly accrual of vacation leave.

Part-time employees accrue vacation leave hours in accordance with WAC 357-31-165(1) or the applicable collective bargaining agreement (CBA) on a pro rata basis. Vacation leave accrual will be proportionate to the number of hours in pay status, in the month to that required for full-time employment.

Pay status includes hours worked, time on paid leave and paid holiday.

As provided in WAC 357-58-175, an employer may authorize a lump-sum accrual of vacation leave or accelerate the vacation leave accrual rate to support the recruitment and/or retention of a candidate or employee for a Washington Management Service position. Vacation leave accrual rates may only be accelerated using the rates established WAC 357-31-165.

Note: Most agencies follow the civil service rules covering leave and holidays for exempt employees even though there is no requirement for them to do so. However, agencies are required to adhere to the applicable RCWs pertaining holidays and leave.

Military Leave

Washington State supports members of the armed forces with 21 days paid military leave per year.

Bereavement Leave

Most employees whose family member or household member dies, or for loss of pregnancy, are entitled to five (5) days of paid bereavement leave. In addition, the employer may approve other available leave types for the purpose of bereavement leave.

Additional Leave

Leave Sharing

Parental Leave

Family and Medical Leave Act (FMLA)

Leave Without Pay

Please visit the State HR Website for more detailed information regarding benefits.

Updated 01-07-2026

01

Are you currently an employee with the Office of the Washington State Auditor?

  • Yes
  • No

02

I have included my letter of interest?

  • Yes
  • No

Required Question

Employer State of Washington

Address View Job Posting for Agency Information

View Job Posting for Location, Washington, 98504

Website http://www.careers.wa.gov

About the Company

S

State of Washington