Salary: $75,814.00 - $113,721.00 Annually

Location : Wake County, NC

Job Type: Permanent Full-Time

Remote Employment: Remote Optional

Job Number: 25-00211 60087597 EHRA

Department: Department of Information Technology

Division: Chief Deputy for Internal Ops

Opening Date: 01/09/2025

Closing Date: 1/24/2025 5:00 PM Eastern

Job Class Title: IT Auditor

Position Number: 60087597

Salary Grade: DT09

Description of Work

Looking to take the next step in your career?

Discover why NCDIT is the ideal destination for your professional growth -

We currently have an opening for an IT Compliance Specialist

The position is designated Statutory Exempt and is exempt from the State Human Resources Act.

The IT Compliance Specialist willserve as the lead for the internal compliance unit of the Business Operations team of NCDIT and supports the division in all areas related to compliance including but not limited to internal/external audit requests, assessments, internal security policies and procedures, security incidents, documentation, and continual improvements. This position is responsible for all audits and assessments requested for Internal Operations. This includes managing, planning, scheduling, coordination, responsiveness, Corrective Action Plan (CAP) documentation, and formal completion. This position will work to support the assessment and compliance processes for the secure operations of Internal Operations IT environments.

Duties include, but are not limited, to:

• Lead compliance reviews and assessments for NCDIT responses to external requests from entities, such as state agencies, including but not limited to distributing, managing and consolidating responses for audit requests
• Review compliance & assessment responses for accuracy and consistency prior to submitting to requesting agency or entity
• Provide feedback to internal IT partners regarding NIST 800-53, IRS 1075, ISO Standard 27001 Security Frameworks to ensure responses are in line
• Works closely with Internal Audit, the Office of the State Auditor, and other auditing bodies regarding Internal Operations compliance related questions
• Work with NCDIT Enterprise Operations representatives to ensure standard operating procedures are in place
• Ensure internal security policies and procedures are documented, in compliance with standard governing bodies and continually improved
• Perform periodic gap analysis to ensure NCDIT complies with SOPs by quantifying difference between ideal outcome and current state

About the Organization

Theserves as the Technology Center for the State of NC. Services that NCDIT provides reach a client base of state and local government agencies, as well as schools, colleges and universities. NCDIT's is to enable trusted business-driven solutions that meet the needs of North Carolinians. NCDIT provides technology services to state agencies and is charged with by expanding availability of broadband services and promoting the adoption of affordable, high-speed internet.

As NCDIT's services reach North Carolina residents from all backgrounds, we believe that a diverse workforce is our most valuable asset to recognize, understand and meet the IT needs of our constituents across the state. Our agency culture intentionally values diversity, equity and inclusion through the implementation of thoughtful, practical, innovative and data-driven strategies. We are an state, ensuring that people with disabilities have equal opportunities to succeed in the state government workplace (). NCDIT supports recent executive orders to address pay equity for women (), establish paid parental leave for birth, adoption, and foster care (), and implement fair chance policies (). Join a team that welcomes, values, respects and supports all members of our work community.

If you have student loans, becoming a state employee includes eligibility for the Public Service Loan Forgiveness Program. Visit to learn more.

Knowledge, Skills and Abilities / Competencies

Resumes/CVs are intended to be used as a complement to an application. Generally resumes/CVs are lacking the detail and breadth of an applicant's full education and work history so applicants should complete the application with more detail than what their resume contains to show that they meet both the Education Requirements and ALL Knowledge, Skills and Abilities (KSAs) listed below in order to qualify. Click these links for additional information: Introduction to the Job Application and Addressing Knowledge, Skills and Abilities. (Note: These links refer to Dept. of Public Safety process; this process is the same for Dept. of Information Technology.)

To qualify for this position, applicants must document on the application that they possess ALL of the following:

• Demonstrated knowledge of NIST 800-53, IRS 1075 and/or ISO Standard 27001 Security Frameworks
• Demonstrated knowledge of technical components of security architecture in a distributed computing environment
• Demonstrated knowledge of security related hardware and/or software
• Demonstrated experience functioning as a technical lead and/or consultant to other IT groups on security compliance matters

The following Management Preferences are not required, but applicants that possess these skills are preferred:

• Demonstrated team-oriented interpersonal skills
• Demonstrated analytical and problem-solving skills

Minimum Education and Experience Requirements

Graduation from a four-year college or university with a degree in, computer science, accounting, or a related IT degree and four years of experience in data analytics auditing, or information systems, programming, or technology auditing;

or

A two-year degree in computer science from a technical or community college and six years of experience In data analytics auditing, or information systems, programming, or technology auditing; or an equivalent combination of education and experience may be substituted on a year-for-year basis

Supplemental and Contact Information

The is an who embraces an philosophy which consists of complying with all federal laws, state laws and Executive Orders. NCDIT uses the to fill posted positions. Hiring salary will be based on relevant qualifications, internal equity, and budgetary considerations pertinent to the advertised position.

• The Department of Information Technology will not accept "See Resume" or inserted text resumes in lieu of all work experience and education completed on the application.
• Employment at NCDIT is contingent upon a satisfactory background check.
• Applicants seeking must attach a DD form 214, Certificate of Release or Discharge from Active Duty, along with your application.
• Applicants seeking must attach a NGB 23A (RPAS) if you are a current member of the NC National Guard in good standing. If you are a former member of the NC National Guard who served for at least 6 years and was discharged under honorable conditions, you must attach either a DD256 or NGB 22.
• Applicants applying for positions that require specific coursework, must upload and attach a copy of the transcript with their application.
• Applicants with relevant professional certifications to the posted job must attach proof of active certification along with the information in the "Certificates and Licenses" section.
• If applicants earned college credit hours but did not complete a degree program, they must attach an official transcript to each application to receive credit for this education.
• If applicants earned a foreign degree, foreign degrees require an official evaluation for U.S. equivalency and must be submitted to Human Resources for verification. There are several organizations that perform this specialized service, feel free to use any service of your choosing. The National Association of Credential Evaluation Services (NACES) has several options on their website that can provide credential verification:

REMOTE WORK:

We trust our employees to be self-motivated and successful in hybrid/remote roles, thus NCDIT offers robust and variable work schedule flexibility.

COMPENSATION & BENEFITS:

The state of North Carolina offers excellent comprehensive benefits. Employees can participate in health insurance options, standard and supplemental retirement plans, and the NCFlex program (numerous high-quality, low-cost benefits on a pre-tax basis). Employees also receive paid vacation, sick, and community service leave. In addition, paid parental leave is available to eligible employees.

Some highlights include:

• The best funded pension plan/retirement system in the nation according to Moody's Investor's Service
• Twelve (12) holidays/year
• Fourteen (14) vacation days/year which increase as length of service increases and accumulate year-to-year
• Twelve (12) sick days/year which are cumulative indefinitely
• Longevity pay lump sum payout yearly based on length of service
• 401K, 457, and 403(b) plans

Learn more about employee perks/benefits:

To apply for this position, please click the "Apply" link above (on the Government Jobs website) or visit to complete an on-line application.

Due to the volume of applications received, we are unable to provide information regarding the status of your application over the phone. To check the status of your application, please log in to your account and click "Application Status." If you are selected for an interview, you will be contacted by management. If you are no longer under consideration, you will receive an email notification.

If there are any questions about this posting other than your application status, please contact:

NCDIT Human Resources

Tajia Brown

Tajia.Brown@nc.gov

For technical issues with your application, please call the GovernmentJobs.com Applicant Support Help Line at 855-524-5627.

NOTE: For temporary, contract or other supplemental staffing appointments: There are no paid leave, retirement or other benefits associated with these appointment types.
For permanent and time-limited appointments:Eligible employees have benefits that include employee health insurance options, standard and supplemental retirement plans, NC Flex (a variety of high-quality, low-cost benefits on a pre-tax basis), and paid vacation, sick, and community service leave, to name a few. Paid parental leave is available for eligible employees. Some benefits require 30 + hours work/week for participation.

01

Are you aware this position is exempt from the provisions of the State Human Resources Act (EHRA), meaning the position is at-will, however, still eligible for all state employee benefits?

• Yes, I understand

02

To qualify for this position, applicants must possess the required "Minimum Education and Experience" AND all "Knowledge, Skills and Abilities" listed on the job posting. I understand that my application MUST include a complete work history in the "Work Experience" section, all education in the "Education" section, and credentials in the "Certificates and Licenses" section. I understand that a resume is NOT a substitute for completing the sections listed above. Also, I understand that Supplemental Questions are considered a part of the application and the answers are used in the screening process, and that all questions must be answered completely and accurately.

• Yes, I understand

03

If you earned a foreign degree, you must attach your official evaluation for U.S. equivalency to your application to receive credit for your degree as foreign degrees require an official evaluation for U.S. equivalency. If you do not attach, Human Resources cannot verify your degree equivalency to give you credit for salary qualification purposes. There are several organizations that perform this specialized service listed on the National Association of Credential Evaluation Services (NACES) website: https://www.naces.org/members

• Yes, I understand

04

To receive credit for relevant professional certifications you must attach documented proof of your active certifications to this application in addition to including the information regarding your certifications in the "Certificates and Licenses" section.

• Yes, I understand

05

Please select the education and experience level that best reflects your education and related experience as defined here: https://oshr.nc.gov/experience-guide

• Graduation from a four-year college or university with a degree in, computer science, accounting, or a related IT degree and four years of experience in data analytics auditing, or information systems, programming, or technology auditing
• A two-year degree in computer science from a technical or community college and six years of experience In data analytics auditing, or information systems, programming, or technology auditing; or an equivalent combination of education and experience may be substituted on a year-for-year basis
• An equivalent combination of education and experience as defined here: https://oshr.nc.gov/experience-guide
• I do not have the minimum number of years of relevant education and/or experience and I do not meet the equivalent combination of education and experience as indicated above

06

Which areas have you demonstrated in the work experience section on your application? For example, if you select that you have experience in one of the choices below, this should be explicitly reflected within each relevant job in the work experience section in your application, not just indicated in this supplemental question.Check all that apply.

• Demonstrated knowledge of NIST 800-53, IRS 1075 and/or ISO Standard 27001 Security Frameworks
• Demonstrated knowledge of technical components of security architecture in a distributed computing environment
• Demonstrated knowledge of security related hardware and/or software
• Demonstrated experience functioning as a technical lead and/or consultant to other IT groups on security compliance matters
• I do not have knowledge or experience in any of the areas listed

07

Which of the following Management Preferences do you possess?Check all that apply.

• Demonstrated team-oriented interpersonal skills
• Demonstrated analytical and problem-solving skills
• None of the above

08

Where did you find out about this posting?

• #TriangleTuesdays
• #Work4Us Wednesdays
• Career Fair
• CollegeCentral
• Employee Referral
• Facebook
• Google
• Government Jobs (State Jobs website)
• Handshake
• Indeed
• LinkedIn
• NC Tech
• NCWorks
• OSHR Website (Office of State Human Resources)
• Symplicity
• Twitter
• Other

09

If you chose Career Fair from above, please indicate which career fairs you attended. If you did not attend any, please choose N/A.

• 9/9/24 - 2024 State of NC Career Expo
• 9/10/24 - WSSU Fall 2024 Career & Grad School Expo
• 9/11/24 - NC A&T Fall Career Fair & Hiring Event
• 9/18/24 - UNC-Pembroke Fall 2024 All Majors Career Fair
• 9/19/2024 - Shaw University Fall 2024 Career Connections Expo
• 9/20/24 - Ed2NC & UNC-Pembroke State Gov't Site Visit
• 9/24/24 - Capital Area Workforce Development Triangle Career Expo
• 9/27/24 - CAE National Cybersecurity Virtual Career Fair
• 10/2/24 - CareerEco Bender's Disability Virtual Career Fair
• 10/22/24 - High Point U Fall Career Fest
• N/A

10

If you selected Career Fair (but it was not listed above), Employee Referral, or Other from above please let us know which Career Fair, Employee, or Other place you found about us! If you did not choose one of the above, please enter N/A

Required Question