Security Auditor Cover Letter

In response to your job posting for security auditor, I am including this letter and my resume for your review.

In my previous role, I was responsible for leadership in the support of security audits and certifications including major industry standards such as PCI, HITRUST, and SOC 2 Type 2.

Please consider my qualifications and experience:

• Has obtained or qualified for Certified Information Systems Auditor (CISA) (or) Certified Information Systems Security Professional (CISSP) or is in pursuit of these certifications
• Deep knowledge of and experience in applying HIPAA and associated guidance
• Requires broad knowledge of information security mechanisms and processes, including the risk management framework
• Requires a security, compliance, or auditing certification such as CISA, CISSP, HCISPP, or CIA
• BS in Computer Science, Engineering, MIS, or other related discipline
• Experience using various IA tools in audit collection, audit review, audit management, and end point protection
• DoD 8570.1 / DoD 8140.01 certification (IAT Level I or II, IAM level I, or II, IASAE Level I, II, or III)
• Knowledge of what comprises competent, evidential matter

I would like to submit my application for the security auditor opening. Please accept this letter and the attached resume.

In the previous role, I was responsible for pCI DSS and PCI PIN assessment/advisory services to customers.

My experience is an excellent fit for the list of requirements in this job:

• Educational background and/or professional qualification
• Previous experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security operations center
• Prior public accounting or internal IT audit experience
• Sound interpersonal, negotiation, and influencing skills
• Familiar with assessment frameworks/standards
• Holds or intends to obtain related professional certification, such as CISA, CISSP, CEH
• Assist the Risk and Compliance Director with risk assessment process re-engineering within the LockPath GRC tool
• Assist in establishing efficient processes for Risk Assessment processes within the GRC tool as part of LockPath Reengineering Project(s)

I would like to submit my application for the security auditor opening. Please accept this letter and the attached resume.

In my previous role, I was responsible for technical authority, vision, documentation of operational procedures and guidance to ensure the continued evolution of PCI Vulnerability Management Services.

Please consider my qualifications and experience:

• Have certifications demonstrating familiarity with Information Security and Technologies
• Experience in training users of all levels to be proficient using computer-based applications
• Experience with mobile devices (cell phones, smart phones, tablets)
• Demonstrates familiarity with various Information Security Risk Frameworks
• Has a good understanding of IT security control processes
• Intermediate expertise with MS Access and PowerPoint
• Solid knowledge of audit processes and auditing skills
• Solid knowledge of of the following regulations - HIPAA, SOX, SSAE16, PCI DSS

In response to your job posting for security auditor, I am including this letter and my resume for your review.

In the previous role, I was responsible for direction and oversight to project teams to design, develop, deploy and sustain solutions that meet PCI DSS requirements.

Please consider my qualifications and experience:

• Understanding of data analysis or some experience as an analyst
• Self-directed, able to manage multiple assignments with varying priorities
• Prior systems conversion review or technical assessments experience preferred
• Demonstrated working knowledge of standards and guidelines for Information Security published by the National Institute of Standards and Technology (NIST)
• Strong knowledge and experience in information security related practices, techniques, and tools
• Familiar with various Information Security Risk Frameworks
• Experience of analyzing and articulating Cyber Security risks from current threat vectors, combined with technical and process skills in an enterprise environment
• Engineering Graduate in Computer Science, Information Systems, or related field

I would like to submit my application for the security auditor opening. Please accept this letter and the attached resume.

Previously, I was responsible for remediation guidance to technical teams to establish and maintain sustained compliance with PCI-DSS.

Please consider my experience and qualifications for this position:

• Perform gap analysis of security requirements implemented within the LockPath GRC tool and risk assessment process according to security statute, regulation, standards and SOM policies
• Cross-map HIPAA, IRS, CMS, PCI and CJIS security requirements to NIST and State of Michigan Baseline controls
• Document LockPath process design including business and security requirements
• Identify and design reports within the LockPath GRC tool and assist the Risk and Compliance Director to establish monitoring program
• Assist with establishing Cyber Security Framework for the State of Michigan
• Other cyber security related tasks as assigned
• Strong understanding of risk management concepts (inherent risks, control design, mitigating controls)
• General understanding of banking and financial services industry practices and related rules and regulations preferred