Information Assurance Analyst Cover Letter

I submit this application to express my sincere interest in the information assurance analyst position.

Previously, I was responsible for cyber-security management and coordinate all actions required by cyber security-related statement of work tasks including, but not limited to, vulnerability scanning and patch compliance.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Knowledge of the DHS security controls for the networks, including HSDN and CLAN – 4300 A/B series security documents
• Knowledge of enterprise information assurance and security standards
• Knowledge of government and commercial common user systems and dedicated special purpose systems requiring specialized security features and procedures
• Security Essentials Certification (GSEC)
• ISC2 Systems Security Certified Practitioner (SSCP)
• Cisco Certified Network Associate (CCNA) Security and CISSP
• Experience with SATCOM networks and terminals
• Knowledge of communications technologies and Internet protocol network architecture and systems

I am excited to be applying for the position of information assurance analyst. Please accept this letter and the attached resume as my interest in this position.

In the previous role, I was responsible for expertise in BSA’s vulnerability management process and network vulnerability scanning.

Please consider my experience and qualifications for this position:

• Excellent interpersonal, interviewing, analytical and problem solving skills to address variable situations
• General knowledge of industry security requirements, standards, and best practices
• Professional attitude, able to to communicate and interact with individuals at all levels across various information technology and business sectors
• Strong organizational, project management, and customer service skills
• Current CISSP, CRISC, CISA, GIAC or equivalent certification preferred
• Experience including interfacing and advising clients, conducting assessments, proofs-of-concept, strategy scoping, managing and budgeting time and expenses, working in project-oriented environments with deadlines and milestones, making presentations to management
• Experience in security policies and procedures, information systems security or computer operations
• Certification – CompTIA Security+ ce

I am excited to be applying for the position of information assurance analyst. Please accept this letter and the attached resume as my interest in this position.

In the previous role, I was responsible for information assurance knowledge for the conduct of Information Assurance (IA) duties including Certification and Accreditation (C&A) and Information Vulnerability Management activities.

Please consider my qualifications and experience:

• CISSP, CEH, or other advanced Information Security Certification
• Staff experience researching and writing white papers, compliance reports and assessment reports
• Requires DoD 8140/DoD 8570 IAT Level II Certification (Security +)
• Requires eMASS training and/or certification
• A basic level understanding of business/technology risk leveraging NIST cybersecurity framework and lifecycle (Identify, Protect, Detect, Respond, and Recover)
• Knowledge in monitoring and review of technology controls that mitigate those risks at an introductory level leveraging ISO/IEC 27000 series Plan-Do-Check-Act (PDCA) cycles
• Mentored and encouraged to keep up-to date with the latest technologies and potential cyber-threats
• Experience in the architecture, engineering, and operations of at least one enterprise SIEM platform

Please consider me for the information assurance analyst opportunity. I am including my resume that lists my qualifications and experience.

In the previous role, I was responsible for detailed risk mitigation recommendations; conduct risk and vulnerability assessment of IT systems; conduct appropriate network scans utilizing ACAS and coordinate patching as required to gain/maintain accreditation.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Experience with the RMF accreditation process
• Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP, CASP and/or SIEM-specific training and certification
• Proficient user of Rational Tools and the MS Office Suite
• Knowledge of, and preferably experience with Federal Information Security Management Act (FISMA), Web Application Security Assessment (WASA), and/or National Institute of Standards and Technology (NIST) protocols and standards
• Knowledge of Software as a Service (SaaS)
• Industry recognised information security or audit qualification
• Flexibility to adapt to dynamic work environment to meet organizational requirements
• Technical understanding of software and web application security (e.g., security headers, TLS configuration, secure design and coding practices) and vulnerabilities

Please consider me for the information assurance analyst opportunity. I am including my resume that lists my qualifications and experience.

In my previous role, I was responsible for vulnerability management and actively support Certification and Accreditation (C&A) activities for DNWS-IT systems, to include: management, testing, and patching.

My experience is an excellent fit for the list of requirements in this job:

• Experience interpreting and reviewing System Security Plans (SSPs), network diagrams, Standard Operating Procedures (SOPs), and System Design Documents (SDDs) Experience performing security testing of applicable Security Technical Implementation Guides (STIGs), Information Assurance Controls (IACs), and current mandated DoD/DoN, and program security settings
• Experience gathering information from a range of different sources, developing and creating search queries
• Experience in using Shared Assessments Program Tools and/or questionnaire based vendor auditing tools
• Experience using GRC tools and technologies for audit support and vendor governance management
• Extensive DIACAP/RMF Certification and Accreditation experience
• Training and/or familiarity with the Risk Management Framework
• Hands-On experience using Microsoft SCCM to deploy OS and application patches and updates
• Experience applying STIGs to Cisco network devices