Information Risk Analyst Cover Letter

I would like to submit my application for the information risk analyst opening. Please accept this letter and the attached resume.

In my previous role, I was responsible for supervision to Local regulatory driven initiatives and controls, ranging from infrastructure management to access management, Technology risk and control training, through management of incidents, especially related to data protection.

Please consider my qualifications and experience:

• Advanced working knowledge of finance and accounting
• Exceptional analytical skills, including identifying trends and recommending alternative courses of action
• Advanced proficiency in utilization of RMIS
• Ensure that Market Risk feeder systems are fit to deliver reports
• Good understanding of the Global Markets and Banking operations - preferably from market risk
• Foundational understanding of applicable principles, practices, theories, and/or methodologies associated with the professional discipline (e.g., information technology, project management, finance, risk management)
• Provide insights into trends, issues, threats and opportunities across the portfolios
• Provide portfolio oversight on all stages of the customer life-cycle including early problem management

I would like to submit my application for the information risk analyst opening. Please accept this letter and the attached resume.

Previously, I was responsible for technical assistance on risk related systems issues, and serve as a liaison for technology risk management.

My experience is an excellent fit for the list of requirements in this job:

• Knowledge of IAM concepts and tools such as multifactor authentication, server access control, and privileged access monitoring
• Understanding of Active Directory and access provisioning/revocation processes
• Familiarity with the Joiner/Mover/Leaver process and the set-up of accounts and system entitlements
• Tools knowledge related to Advance Excel (VBA-preferred), Business Objects, spotfire and SQL
• Knowledge of risk and compliance and security requirements under NIST, ISO, PCI, SOX, HIPAA, Gramm–Leach–Bliley Act (GLBA), & General Data Privacy Regulations (GDRP)
• Knowledge of IT processes and frameworks is desirable
• Spanish Language desirable
• Experience managing or acting as an SME in technology solution design and implementations, including cloud solutions and global deployments

I am excited to be applying for the position of information risk analyst. Please accept this letter and the attached resume as my interest in this position.

In my previous role, I was responsible for iT Controls and risk management consulting to the business systems, business, technical, functional and operations groups.

My experience is an excellent fit for the list of requirements in this job:

• Provide input into Risk Appetite and Key Performance Indicators, including provision of fact based analysis to support the input
• Good understanding of Commercial Banking
• Regular contact with other members of the RIS and finance teams, willingness to discuss analysis with senior management within RIS
• Excellent technical writing skills with strong attention to detail
• Proficiency with Microsoft Office applications such as Excel, Word, PowerPoint, Visio
• Knowledge of PCI, SOX IT General Controls, HIPAA or other regulatory standards
• Understanding of Enterprise Risk Management and IT Risks
• Experience reviewing, supporting and facilitating development of Information Security policies, procedures, standards and guidelines

I am excited to be applying for the position of information risk analyst. Please accept this letter and the attached resume as my interest in this position.

Previously, I was responsible for independent review of O&T Risk & Control Self-Assessment (RCSA) and Technology Risk System Assessment (TRSA) for reporting to O&T management;.

Please consider my experience and qualifications for this position:

• Knowledge of application / system architecture, including the system development lifecycle
• CISA, CISSP, ISA, or PCIP designation
• Responsive and alert to new learning and research concepts, ideas, and technologies
• Ensure adequate controls are maintained around counterparty credit risk exposure calculation- IMM Models and any deviations are timely remediated
• Explain spikes/deviations in calculations performed through Risk Systems in line with IMM Models approved by the regulators
• Establish risk controls framework across trading book-covering front to back trade/reference & exposure data, analyse control breaks and provide root cause analysis along with maintenance of resp
• Project management responsibilities for making the bank compliant as per new Regulatory Requirements, which would involve changes in Methodologies for Risk Measurement
• Create BI packs and reports where data is not available to Credit from the standard reporting tools

I would like to submit my application for the information risk analyst opening. Please accept this letter and the attached resume.

Previously, I was responsible for specialized expertise and guidance on risk and control assessment, identifying control gaps in the IT operational processes.

Please consider my experience and qualifications for this position:

• CRISC, CISA Security or equivalent industry certifications
• Experience with regulated systems (GxP, SOX, PII, Privacy, EU Directives) in the pharmaceutical/biotechnology industry
• Experience with compliance assessment tools such as ServiceNow GRC, Qualys CM (Compliance Manager), Symantec CCS (Control Compliance Suite)
• Significant technical knowledge, understanding of frameworks and standards (NIST, ISO 2700x, ), audit experience and CISA certification (or other related certification)
• Experience working through entire System Development Lifecycle (SDLC)
• Self-motivator, willingness to develop and present ideas and suggestions for the creation of new processes and or to improve existing processes
• Working knowledge of regulatory compliance initiatives related to Sarbanes Oxley, the Gramm--Leach--Bliley Act and FFIEC
• Firm grasp of the design and implementation of effective IS controls