Information Security Risk Analyst Cover Letter

I submit this application to express my sincere interest in the information security risk analyst position.

In the previous role, I was responsible for technical services, oversight, and support in all aspects of program related security to include, but not limited to, certification/accreditation, security best practices, security engineering, security enforcement, security development and implementation.

Please consider my qualifications and experience:

• Familiarity with enterprise security architecture design & document creation
• Solid relationship and people management skills
• Familiarity of Systems Development Life-Cycle
• Some knowledge of reporting/query tools (e.g., SQL, Hyperion)
• Some knowledge of security administration products (e.g., CA-TSS, Lotus Notes, Active Directory)
• Familiarity with Entitlement Management Tools
• Knowledge of Attestation Applications( SailPoint IIQ, Curion, etc)., Provisioning Applications ( CA, Oracle, SailPoint), Identity Mangement Products, Oracle and other databases ( DB2, SQL Server), General IT Security Tools
• Strong understanding of information security standards such as ISO2700x, NIST, COBIT

In response to your job posting for information security risk analyst, I am including this letter and my resume for your review.

In my previous role, I was responsible for on-call support on rotational basis covering network security support for other security specialties prior to escalation to those security SME’s.

Please consider my qualifications and experience:

• Extensive experience in an information security role
• Experience preferred with the security technologies such as SIEM, web application firewalls, VPN infrastructure, Intrusion Prevention Systems, DMZ and Extranet infrastructures, 802.11 Wireless networks, Multi-factor authentication, DNS, SMTP, FTP/SFTP, DHCP, 802.1x access control, Anti-malware, Data Leakage/Loss Prevention, switching and routing infrastructure and protocols
• Audit or risk management experience
• Expert at creating/establishing documentation repositories and technical writing
• Expert at distilling highly technical subjects/risks into a non-technical discussion or write-up
• Experience working with the HITRUST Common Security Framework
• Experience with matrix management and working with cross-functional teams
• CRISC, CISSP, CISM or CISA certification

In response to your job posting for information security risk analyst, I am including this letter and my resume for your review.

In the previous role, I was responsible for guidance and expertise in the development of security standards, architectural governance, design patterns, and security best practices that align with the changing cyber security marketplace.

Please consider my experience and qualifications for this position:

• Knowledge of Shared Assessments methodology
• Advanced computer, network, and system knowledge and skills with a thorough understanding of security controls
• Cybersecurity related experience in enterprise architecture or engineering
• Working knowledge of security domains, auditing standards and frameworks, and risk analysis frameworks including ISO 27001, NIST Cyber Security Framework, IT-CMF
• Perform outreach and engagement activities in support of information security’s strategic goals
• Analyze technical issues in a business context to provide customized risk analysis
• Provide tailored recommendations for improvements and protections
• Present risks and recommendations to technical and non-technical audiences

I submit this application to express my sincere interest in the information security risk analyst position.

In my previous role, I was responsible for security education and ongoing awareness across the FM Global enterprise to help develop a security-focused culture, where good security practices / expectations are understood.

Please consider my experience and qualifications for this position:

• CISM or willingness to obtain
• CRISC OR CISSP Certifications
• Deep knowledge of information security risks effect on business
• Understanding of return on security investment
• Familiarity with recommending and designing information security controls to mitigate threats and vulnerabilities
• Understanding of end-to-end risk management principles and how to implement across multiple business units
• Experience with GRC tools, including Archer and ServiceNow
• Experience as an information security professional

In response to your job posting for information security risk analyst, I am including this letter and my resume for your review.

Previously, I was responsible for security guidance for new projects and innovations to ensure security best-practices are implemented and minimize risk and exposure to the business.

Please consider my experience and qualifications for this position:

• Current/Active TS/SCI clearance with poly and background investigation
• Strong knowledge of healthcare environments and HIPAA preferred
• Advanced computer knowledge and proficient in MS Office (Excel, Word, and PowerPoint)
• Understanding of information security (IS) concepts, IT, information security awareness and third-party risk management processes, methodologies, and practices
• Proficient knowledge of third-party related regulatory policies
• Experience working in the finance industry dealing with sensitive data preferred
• Strong people management and analytical skills
• Strong attention to detail, strong analytical skills/problem solving/conceptual thinking