Information Technology Auditor I/II

The Texas Department of Family and Protective Services (DFPS) works to build on strengths of families and communities to keep children and vulnerable adults safe, so they thrive. We do this through investigations, services, and referrals.


What You Get Beyond Your Paycheck

When you join the State of Texas, your monthly paycheck is just one part of your real income. Our benefits provide extra value that many private employers simply don't match-often adding hundreds of dollars each month to what you take home or save.

Here's what you get as a full-time employee:

• 100% paid health insurance for you, and 50% paid for eligible family members-saving you hundreds every month in out-of-pocket medical costs
• Retirement plans with lifetime monthly payments after five years of state service, plus options to save even more with 401(k) and 457 plans
• Paid vacation, holidays, and sick leave so you can recharge and take care of life outside work (that's time off you're actually paid for)
• Optional dental, vision, and life insurance -at rates much lower than most private plans
• Flexible spending accounts for added tax savings on health and dependent care
• Employee discounts on things like gym memberships, electronics, and entertainment

You also might qualify for Public Service Loan Forgiveness, which could help you pay off federal student loans faster.

You can see all the details here: ERS recruitment brochure

Functional Title: Information Technology Auditor I/II Job Title: Information Tech Auditor I Agency: Dept of Family & Protectve Svc Department: Internal Audit Posting Number: 18150 Closing Date: 08/17/2026 Posting Audience: Internal and External Occupational Category: Business and Financial Operations Salary Range: $4,801.16- $7,500.00 Pay Frequency: Monthly Salary Group: TEXAS-B-22 Shift: Day Additional Shift: Telework: Not Eligible for Telework Travel: Regular/Temporary: Regular Full Time/Part Time: Full time FLSA Exempt/Non-Exempt: Exempt Facility Location: Job Location City: AUSTIN Job Location Address: 4900 N LAMAR BLVD Other Locations: MOS Codes: 25D,2R2X1


Brief Job Description:

*This position can be filled as either an IT Auditor I or II. Position level will be determined by applicant qualifications.*

Information Technology Auditor I:

Performs entry-level information systems auditing work involving conducting audits of information systems, platforms, and operating procedures. Assists with preparing audit findings regarding the efficiency, accuracy, and security of financial and non-financial programs. Works under close supervision, with minimal latitude for the use of initiative and independent judgment.


Information Technology Auditor II:

Performs complex (journey-level) information systems auditing work involving conducting audits of information systems, platforms, and operating procedures. Prepares audit findings regarding the efficiency, accuracy, and security of agency programs. Works under general supervision, with moderate latitude for the use of initiative and independent judgment.

Essential Job Functions (EJFs):

Information Technology Auditor I:

Performs information technology audit work, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting client processes and procedures.

• Participates in information technology (IT) audits and related projects including assisting in and developing IT risk assessments, IT audit scopes, objectives, evaluation criteria, procedures, questionnaires, and surveys.
• Performs IT audits of automated systems by analyzing evidence, mapping workflows, and documenting current IT processes and procedures used across various departments.
• Reviews and analyzes technical documentation, system access logs, and process workflows to assess the adequacy and effectiveness of IT controls.
• Documents IT audit work as per applicable audit standards.

Performs information technology security reviews and general information technology or application control reviews, as needed, to address audit objectives.

• Conducts IT security control reviews under the direction of the IT Audit Manager by independently evaluating agency practices related to user access, system configurations, data encryption, and cybersecurity protocols.
• Participates in application control reviews of core business systems by analyzing workflows, system settings, and change management processes to evaluate system integrity, data reliability, and compliance with internal policies.
• Performs data analytics and IT audit test work to provide assurance that controls are in place to mitigate IT risks to the agency and to achieve IT audit objectives.

Examines information technology control elements to mitigate information technology risks regarding the confidentiality, integrity, and availability of business information.

• Reviews access control settings, password configurations, and user account management practices in coordination with agency IT staff and under the direction of the IT Audit Manager.
• Evaluates system backup procedures, disaster recovery documentation, and data retention processes during information technology audits.
• Analyzes and tests the confidentiality, integrity, and availability of data in key business applications by reviewing encryption methods, system configurations, and data validation controls.

Provides recommendations on the use, integration, maintenance, and enhancement of an entity's information technology systems.

• Works under the direction of the IT Audit Manager and Internal Audit management to assist in preparation of reports and presentations detailing audit results for internal and external audiences.
• Provides actionable recommendations, grounded in the evaluation of condition, cause, criteria, and impact, to optimize the use, integration, maintenance, and enhancement of an organization's information technology systems based on insights gathered during IT audit work.
• Compiles relevant information and evidence from IT audit work performed to sufficiently support IT audit results, conclusions, findings, and recommendations for improvement.

Participates in audits of technology platforms, information systems, and information technology operating procedures; and examines information technology internal controls and security.

• Assists with the review and testing of IT operating processes and controls, contributing directly to audit reports that inform corrective actions and system improvements.
• Prepares diagrams from walkthroughs, interviews, and testing to identify IT systems and related controls.
• Participates in internal audit engagement fieldwork of core technology platforms and business-critical information systems by reviewing system configurations, access controls, data integrity controls, security and change management practices in collaboration with internal audit teams and agency IT staff.

Performs related work as assigned.

Information Technology Auditor II:

Prepare system and data diagrams to identify manual and systems process interactions and critical controls.

• Processes flow diagrams and data mapping visuals during IT audits to illustrate how data moves through applications, how manual procedures and automated system functions interact across business workflows, and identify system dependencies and risks.
• Uses audit software tools, to document current-state system architectures and data flows, focusing on critical controls and areas of system reliance.

Provide technical support for financial and performance audits.

• Collaborates with performance internal audit teams to identify and extract relevant data from agency information systems, ensuring data integrity and reliability for audit testing, ensuring accountability in financial reporting and operational performance.
• Reviews system access and control assessments to support financial process audits, focusing on segregation of duties, user roles, and authorization processes within system applications.

Performs information technology audit work, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting client processes and procedures.

• Plans and executes the assigned information technology (IT) audits by working closely with internal audit leadership, IT staff, and business unit stakeholders to identify high-risk areas, define audit objectives, and develop evaluation criteria.
• Reviews and analyzes technical documentation, system access logs, and process workflows to assess the adequacy and effectiveness of IT controls, identifying control gaps or inefficiencies to help DFPS reduce risk, improve IT governance, and enhance operational integrity.
• Documents audit work and client processes using professional audit software, compiling complex technical findings into clear, actionable observations and recommendations.

Performs information technology security reviews and general information technology or application control reviews, as needed, to address audit objectives.

• Reviews IT security control during scheduled audits by independently evaluating agency practices related to user access, system configurations, data encryption, and cybersecurity protocols to identify weaknesses and recommend improvements.

• Reviews application control reviews of core business systems by analyzing workflows, system settings, and change management processes to evaluate system integrity, data reliability, and compliance with internal policies.

• Supports audit objectives by identifying and developing methodologies for testing general IT controls across multiple platforms, including operating systems, databases, and network environments.

Examines information technology control elements to mitigate information technology risks regarding the confidentiality, integrity, and availability of business information.

• Evaluates IT general controls such as access management, backup and recovery procedures, and change management processes during audits or special reviews.
• Assesses and tests the confidentiality, integrity, and availability of data in key business applications by reviewing encryption methods, system configurations, and data validation controls to protect sensitive data, maintain public trust, and comply with cybersecurity and information management standards.
• Critiques risk-based assessments of technology platforms and related control environments to ensure that systems supporting critical business operations are resilient, secure, and aligned with DFPS policy.

Provides recommendations on the use, integration, maintenance, and enhancement of an entity's information technology systems.

• Develops evidence-based recommendations for improving the use and integration of information systems by analyzing audit findings, system documentation, and user feedback across various business functions, to help the agency optimize its technology investments and support long-term service delivery goals.
• Evaluates the effectiveness of current system maintenance and support practices during IT audits and provides guidance to agency departments on improving system reliability, data integrity, and change management.
• Identifies recurring technology-related control deficiencies or integration challenges through audit reviews and develops targeted recommendations to enhance IT system performance and alignment with business objectives strengthening system operability, informed decision making, and advancing the agency's strategic IT goals.

Participates in audits of technology platforms, information systems, and information technology operating procedures; and examines information technology internal controls and security.

• Carries out on-site tasks during scheduled audits of core technology platforms by reviewing system configurations, access controls, and IT operating procedures in collaboration with internal audit teams and agency IT staff.
• Participates in internal audit engagements involving business-critical information systems, such as financial, case management, or HR applications, by analyzing system access, data integrity controls, and change management practices to ensure sensitive information is protected and systems operate effectively in support of agency programs and client services.
• Monitors IT internal controls, such as security configurations, automated process controls, and system monitoring tools, using standard frameworks to help the agency reduce cybersecurity risks, strengthen compliance, and maintain trust in IT systems.

Performs related work as assigned.

Knowledge, Skills and Abilities (KSAs):

Information Technology Auditor I:

Ability to maintain the security and integrity of the infrastructure per Governor Abbot Executive Order GA-48.

Knowledge of:

• Information Systems Audit Standards,
• Generally Accepted Government Auditing Standards,
• Global Internal Audit Standards,
• Information technology principles, processes, and systems including information security and control practices,
• DFPS programs, functions and systems.
• Generally accepted information technology audit and financial standards and practices, information technology security and control practices, and information technology management practices.

Skill in:

• Collecting and analyzing data,
• Using analytical software tools,
• Conducting and documenting interviews,
• Identifying information controls and evaluating their design and effectiveness.
• Data analysis methods, and other computer applications.

Ability to:

• Communicate effectively orally and in writing,
• Work cooperatively in a team environment,
• Observe, understand, and document efficiency, accuracy, and compliance of information technology operations,
• Apply audit standards through practical application.

Information Technology Auditor II:

Ability to maintain the security and integrity of the infrastructure per Governor Abbot Executive Order GA-48.

Knowledge of:

• Information Systems Audit Standards,
• Generally Accepted Government Auditing Standards,
• Global Internal Audit Standards,
• Information technology principles, processes, and systems including information security and control practices,
• Information technology security and control frameworks, including the NIST Risk Management Framework, Texas Cybersecurity Framework, and COBIT.
• Generally accepted information technology audit and financial standards and practices, and information technology management practices.

Skill in:

• Collection, organization, and systematic analysis of data.
• Designing test work to validate design and effectiveness of IT controls.
• Documenting processes through flowcharts
• Use of analytical software tools, data analysis methods, and other computer applications.

Ability to:

• Apply audit standards through practical application
• Communicate effectively in interviews and meetings.
• Write concise and clear work papers and reports.
• Work cooperatively in a team environment
• Observe, understand, and document efficiency, accuracy, and compliance of information technology operations

Registrations, Licensure Requirements or Certifications:

Information Technology Auditor I:

Certification as a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Public Accountant (CPA), or Certified Internal Auditor (CIA) is preferred.

Information Technology Auditor II:

Current, active Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Public Accountant (CPA), or Certified Internal Auditor (CIA) is required.

Initial Screening Criteria:

Information Technology Auditor I:

Bachelor's in business, technology or related field from an accredited college or university is required.


Experience in auditing, accounting, management information systems, quality assurance, process improvement, compliance or other related business experience is preferred.

Information Technology Auditor II:

Bachelor's or Master's degree from an accredited college or university is required.

Two years of full-time auditing, accounting, management information systems, quality assurance, process improvement, compliance or other related business experience.


Health and human services or Texas state government experience is preferred.


Additional Information:

*This position can be filled as either an IT Auditor I or II. Position level will be determined by applicant qualifications.*

Review our Tips for Success when applying for jobs at DFPS, DSHS and HHSC.

Military occupation(s) that relate to the initial selection criteria and registration or licensure requirements for this position may include, but not limited to those listed in this posting. All active-duty military, reservists, guardsmen, and veterans are encouraged to apply if qualified to fill this position. For more information please see the Texas State Auditor's Job Descriptions, Military Crosswalk and Military Crosswalk Guide at Texas State Auditor's Office - Job Descriptions. You may also contact the DFPS Military Liaison at View email address on click.appcast.io with additional questions.

Applicants selected for hire must pass a background check and if applicable a driver's record check.

State of Texas employees are required to maintain the security and integrity of critical infrastructure as defined in Section 117.001(2), State of Texas Business and Commerce Code. Applicants selected for hire comply with this code by completing related training and abiding by agency cybersecurity and communications system usage policies.

As a state agency, DFPS is required by Texas Administrative Code (TAC 206 and 213) to ensure all Electronic Information Resources (EIR) follow accessibility standards. The staff must be familiar with the WCAG 2.1 AA and Section 508 to create accessible content including but not limited to; Microsoft Office documents, Adobe PDFs, webpages, software, training guides, video, and audio files.


DFPS uses E-Verify. You must bring your I-9 documentation with you on your first day of work. Employees must provide documentation to DFPS to show their identity and authorization to work in the US. Please review the following link for authorized documents: .

In compliance with the Americans with Disabilities Act (ADA), HHS/DFPS agencies will provide reasonable accommodation during the hiring and selection process for qualified individuals with a disability. If you need assistance completing the on-line application, contact the HHS/DFPS Employee Service Center at View phone number on click.appcast.io. If you are contacted for an interview and need accommodation to participate in the interview process, please notify the person scheduling the interview.