Application Security Consultant Cover Letter

Please consider me for the application security consultant opportunity. I am including my resume that lists my qualifications and experience.

In my previous role, I was responsible for direction and consultation to NAB’s development teams to assist in the understanding and remediation of security test findings, influencing security change at a PU level;.

My experience is an excellent fit for the list of requirements in this job:

• Knowledge of or experience with integrating Force.com with other backend systems and various integration patterns applicable to Salesforce
• Knowledge of or experience with integrating with Force.com Web services including SOAP, WSDL, REST, SSL standards, security models and typical API client architecture
• Understanding of the Heroku platform security architecture
• Knowledge of or experience with building Force.com sites and customer/partner community portals
• Knowledge of or experience with using additional API techniques such as Salesforce Bulk, REST, SOAP, Streaming and Metadata API
• Create custom force.com applications or customize existing Salesforce applications using Apex programming language and Visualforce
• Knowledge of or experience with usage of architecture tools to define the application data model based on best practices, and Enterprise Reference Architecture
• Knowledge of or experience using and customizing AppExchange products

Please consider me for the application security consultant opportunity. I am including my resume that lists my qualifications and experience.

In the previous role, I was responsible for demonstration of IBM credentials in Cloud Security Strategy, Risk and Compliance as well as a good understanding of multiple domains IAM, Security Operations Consulting, Application and Data Security and Infrastructure Endpoint and Mobile Security.

Please consider my qualifications and experience:

• Static/Dynamic testing
• Application security/penetration testing of web applications and thick clients the softer side of consultancy
• Extensive experience with application security maturity models
• Experience with implementing SAST and DAST solutions
• Experience with embedding security into software development lifecycle
• Familiar with common application security vulnerabilities and mitigating techniques
• Familiar with UK, US and EU regulatory requirements other relevant international security standards
• Professional certifications preferred, such as CSSLP, CEH

In response to your job posting for application security consultant, I am including this letter and my resume for your review.

In my previous role, I was responsible for demonstration of IBM credentials in Security Strategy, Risk and Compliance (SSRC) as well as a good understanding of multiple domains IAM, Security Operations Consulting, Application and Data Security and Infrastructure Endpoint and Mobile Security.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Knowledge of or experience with security features available on Salesforce platform, including Shield including limitations and workarounds
• Familiarity with various categories of security testing tools, VM scanners, SAST, DAST
• Familiarity with web and mobile application testing tools such
• Experience of working in an highly complex environment
• Excellent stakeholder management experience - worked with internal and external stakeholders vendors, 3rd parties
• Security related qualification(s) CISSP, CCSP
• Documented knowledge of experience in AppSec and Mobile Applications
• Experienced with current static analysis tools

I am excited to be applying for the position of application security consultant. Please accept this letter and the attached resume as my interest in this position.

In my previous role, I was responsible for technical security expertise, including communicating security architectural decisions, benefits, risks, and other activities including security requirement definition, and facilitation of security testing and management of residual risk with the product or application teams.

Please consider my qualifications and experience:

• Mobile application testing including understanding of the threat classes for mobile applications
• Threat Modeling and SDL processes
• Experience in Ruby or Python for project tools
• Current certifications related to Application Security
• Recognized as an industry leader in the security community
• Experience presenting relevant security topics at security conferences, professional associations
• Completion of security-related research papers
• Strong relationships with security experts within the industry

I am excited to be applying for the position of application security consultant. Please accept this letter and the attached resume as my interest in this position.

In the previous role, I was responsible for direction and consultation to NAB’s asset teams to assist in the understanding and remediation of security test findings, influencing security change at a PU level; coordinate execution of testing plans with asset owners and stakeholders;.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Experience in SDLC lifecycle or development projects
• Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP) •Application security experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
• Experience with threat modeling and security risk assessment
• HP Fortify experience preferred
• Enterprise Security Architecture, knowledge of government regulations governing information security (HIPAA, GLBA, Data Protection Act, PCI-DSS etc)
• Knowledge of risk management and security frameworks (IS027001) and Systems Security, Application security and Antivirus solutions
• Strong solution architecting and implementation experience in IAM products like CA SiteMinder, IBM Tivoli, SUN IDM, Sailpoint, Oracle IDM
• Experience on SIEM and working knowledge of ArcSight, splunk