Click here to view the latest information on CNM’s tornado and COVID-19 crisis response.


Visit Website

IT Auditor



Job Summary


TennCare is Tennessee’s managed care Medicaid program that provides health insurance coverage to certain groups of low-income individuals such as pregnant women, children, caretaker relatives of young children, older adults, and adults with physical disabilities.  TennCare provides coverage for approximately 1.4 million Tennesseans and operates with an annual budget of approximately $12 billion.  It is run by the Division of TennCare with oversight and some funding from the Centers for Medicare and Medicaid Services (CMS).


TennCare’s mission is to improve the lives of Tennesseans by providing high-quality cost-effective care. To fulfill that purpose, we equip each employee for active participation and empower teams to communicate and work collaboratively to improve organizational processes in order to make a difference in the lives our members. Because of the positive impact TennCare has on the lives of the most vulnerable Tennesseans, TennCare employees report that their work provides them with a sense of meaning, purpose, and accomplishment. TennCare leadership understands that employees are our most valuable resource and ensures professional and leadership development are a priority for the agency. 

Job Responsibilities

The purpose of TennCare’s Office of Audit & Investigations is to provide independent, objective assurance and consulting services designed to add value and improve TennCare operations.  Our internal auditors and IT auditors perform audits of TennCare’s business processes, systems/applications, fiscal transactions, and external partners to ensure compliance with state and federal law, identify potential risks, and recommend solutions to ultimately better the overall organization.


  • Must be able to perform fraud audits and special internal audit projects as well as providing support for other internal audits.
  • Experience performing audits of IT processes, controls, and business risks.
  • Experience performing risk assessments across multiple control frameworks throughout an organization.
  • Experience in conducting data extraction, analysis, and security reviews utilizing software tools.
  • Must be able to participate in system development; conduct audits of system controls, access controls, or modifications to system development.
  • Must be able to analyze the results of audits, prepare detailed reports to document the extent and scope of the examination, identify problems, and recommend possible solutions.



  • Graduation from an accredited college or university with a bachelor’s degree in computer science with a minor in accounting.
  • Experience equivalent to two years of professional auditing, systems analysis, computer systems design, or computer programming work.
  • Additional graduate coursework in business administration, public administration, or computer science from an accredited college or university may be substituted for the required experience on a year-for-year basis to a maximum of one year.


  • Knowledge of health care industry, NIST (Rev3 and Rev4), IRS Publication 1075, MARS-E controls and assessment framework, and COBIT best practices and methodology.
  • Analytical knowledge of the following: SAS, SQL, Oracle, EDI communication, Linux operating systems, Identity and Access Management tools, and Visual Basic programming.
  • Experience or proficiency in electronic workpapers and sampling software such as TeamMate and ACL.
  • Professional certifications: CISSP, CISA, or Linux Administrator

Additional Information


For more information about the great benefits available to State of Tennessee employees; click here:

How to Apply

Please go to to apply for this job today.


  • Date Posted: March 19, 2020
  • Type: Full-Time
  • Job Function: Information Technology
  • Service Area: Government