It Audit And Compliance Specialist

County of Santa Clara
Full Time $144,763 - $175,959 Per year CA 180 W Tasman Dr, San Jose, CA 95134, United States Apply before 5/28/2024 11:59


Under general supervision, to plan, conduct and report on a wide range of IT audits; to identify, document and formulate action plans; and implement such plans and mitigation strategies in a timely fashion.

- Join a Culture of Growth and Well-Being - 
 Technology Services and Solutions (TSS) is the County of Santa Clara’s 

primary information technology solutions provider. Working with other County 

departments and local government customers, TSS develops innovative, 

cost-effective technology solutions that aim to enhance the quality of life for 

the residents of Santa Clara County. TSS is where technical creativity thrives.  
 Our employees are our most valuable asset, and the success of our organization 

depends on each one. We believe that happy employees are the most creative 

and productive, so it’s essential that our employees find fulfillment in what

 they do. To encourage growth, we provide learning and development 

opportunities. We also understand the significance of work-life balance 

and offer a hybrid work schedule. This culture of growth and 

well-being makes TSS a great place to work. Learn 

more about us by visiting our .

Please Note This recruitment is scheduled to include a written examination; the test will be conducted online through a secure third party.  
The week of June 12, 2024, test information will be sent via email to the address attached to your application.  Prior to completing the exam, there is a brief system set-up step to be completed.

Typical Tasks

  • Coordinates the receipt of supportive evidence documentation for the written audit response; confirms responses are thorough and sufficient;
  • Performs specialized information system audits such as testing adherence to adopted hardware and software standards; 
  • Performs risk assessments and determines the level of risk;
  • Develops implementation plans for newly adopted County policies;
  • Provides audit and compliance coaching/ mentoring to audit and compliance to less experienced team members;
  • Monitors compliance with laws, regulations, contracts and IT policies;
  • Follows up on corrective action plans with impacted departments in response to IT Asset Management internal audit findings;
  • Contributes to the development of the IT compliance strategy and planning;
  • Collaborates with the County throughout the IT organization to include internal/external auditors;
  • Executes IT's internal audit program including quarterly financial, operational, and technology compliance audits;
  • Extracts and manipulates test data from mid-sized computers, client servers, or PC's using audit software and other ad hoc reporting tools;
  • Assists internal and external auditors with financial, technology and operational audits;
  • Updates and escalates problems for resolution during the auditing process;
  • Communicates audit test results and findings;
  • Works with staff and managers to ensure issues are identified and documented and assists with the development and implementation of action plans and mitigation strategies;
  • Determines when audit items can be closed;
  • Researches established policies for specific issues and areas;
  • Assists in building compliance protocols;
  • Manages IT policy adoption workflow;
  • Educates staff on policies and procedures; creates awareness of risks;
  • May be assigned as a Disaster Service Worker, as required;
  • Performs other related duties as required.

Employment Standards

Sufficient education, training, and experience to demonstrate the possession and direct application of the following knowledge and abilities:

Training and Experience Note: 

Possession of a Bachelor's degree from an accredited college in Business, Finance, Information Technology, Engineering or a related field or a Juris Doctor degree,


Five (5) years of experience conducting audits and/or developing and implementing policies, procedures and controls, two (2) years of which must be conducting policy and compliance activities in a business technology environment.


Training and experience equivalent to the possession of a Bachelor's degree.  Relevant analytical, administrative, lead, supervisory or management experience that includes interpreting rules and regulations, gathering data and formulating recommendations, and report writing can substitute for education on a year-for-year basis;


Seven (7) years of experience conducting audits and/or developing and implementing policies, procedures and controls, two (2) years of which must be conducting policy and compliance activities in a business technology environment.

Special Requirements

  • Ability to travel to alternate locations in the course of work.  If driving, possession of a valid California Driver's License prior to appointment and the ability to qualify for and maintain a County driver authorization.
  • Depending on the position, related certifications may be desirable.

Knowledge of:

  • Audit controls and standards including COBIT, GASB, OMB Circular A-133, the Government Accountability Office's Generally Accepted Government Auditing Standards, ITGC, etc.;
  • Auditing techniques within an IT environment;
  • Risk assessment;
  • Quarterly financial, operational and technology compliance auditing;
  • Audit software and other reporting tools;
  • Principles of effective communication;
  • Corrective action plans as a result of IT auditing;
  • Compliance protocols.

Ability to:

  • Analyze data using various technologies;
  • Communicate detailed concepts and business risks;
  • Apply auditing, accounting, computer, and management principles;
  • Utilize audit software and BI reporting tools to interrogate data residing in computer systems;
  • Work collaboratively with others, both within the County and external to the County;
  • Conduct a variety of IT internal audits;
  • Monitor compliance with laws, regulations, and county and IT policies;
  • Document evidence in writing; 
  • Perform specialized information system audits;
  • Perform risk assessments;
  • Research policies for specific issues and areas;
  • Develop and implement newly adopted policies;
  • Educate staff on policies and procedures;
  • Coach and mentor less experienced staff on audit and compliance.