Security Information Manager Cover Letter

I would like to submit my application for the security information manager opening. Please accept this letter and the attached resume.

Previously, I was responsible for expertise on matters related to application security policy, security implementation, and access controls for this business unit’s applications.

Please consider my experience and qualifications for this position:

• Information Security Incident Management - Handling APTs, Threat modelling and management
• Solid understanding of programming languages, software development, systems engineering, and release processes
• General understanding of business operations including the technical infrastructure and general business processes
• Proven experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
• Expertise in in data privacy laws, access, security, release of information, or access control technologies
• In depth knowledge of the cybersecurity rule and other government technology laws and standards.International exposer is desirable
• Experience with contract law is preferred but not necessary
• Experience meeting and presenting to clients and senior leadership

Please consider me for the security information manager opportunity. I am including my resume that lists my qualifications and experience.

In the previous role, I was responsible for in-house consultancy on information risk management matters and advise on the implementation of security controls on the Account.

Please consider my qualifications and experience:

• Experience leading Information Security projects preferred
• Knowledge of Six Sigma and Project Management Professional (PMP) methodologies to process improvement initiatives preferred
• Possess a strong understanding of control standards and regulatory frameworks
• Awareness and understanding of latest security threats, trends and technologies
• Uses critical thinking and sound judgment in making decisions
• Demonstrates professional image, maturity and self-confidence
• Fosters positive interactions with other associates
• Masters in Cyber Security, Business Administration or related field

I submit this application to express my sincere interest in the security information manager position.

Previously, I was responsible for guidance, oversight and the implementation and consistent operation of a world-class information security governance, security risk management and compliance programs.

Please consider my qualifications and experience:

• Experience of ISO 27001 desirable
• Maintain an understanding of incident response, forensics investigation, and internal/external audits (Sarbanes Oxley, PCI, SAS 70 ), identity management and understanding of project management methodologies, system development life cycle, infrastructure best practices and risk management concepts
• Maintain an understanding of Security Policy and Risk Management
• Working knowledge of Infrastructure Security Concepts (Firewalls, DMZ’s, Intrusion Detection / Prevention Systems, Network Security, Cloud Security, End Point and mobile)
• Extensive Information Security experience including experience with both non IT and IT related security controls, including security awareness, access controls, data loss prevention, emerging security threats, detection and prevention methodologies
• Broad and high level knowledge of network, application and security technology, such as firewalls, encryption, cyber intrusion management
• Experience of dealing with internal and external stakeholders
• Pragmatic, able to balance security requirements with the need for the business to operate efficiently

I am excited to be applying for the position of security information manager. Please accept this letter and the attached resume as my interest in this position.

In my previous role, I was responsible for security management controls to SED at all levels of Government management in developing appropriate security controls and safe guards.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Knowledge of relevant information security frameworks (ISO 27002, NIST CSF, FFIEC IT Exam Handbook) and information security regulations (GLBA, SOX, PCI)
• Application of information security technologies, frameworks, and controls to address business, information security and cybersecurity risks
• Strong knowledge of information systems security standards and practices (e.g., access control, secure coding, system hardening, system audit and log file monitoring, security policies, and incident handling)
• Proven experience and knowledge of information security compliance functions including risk management and audit
• Proven technical acumen with an excellent understanding of Windows and *nix environments, TCP/IP and network communications, network and server infrastructure technologies and devices including firewalls, routers, switches
• Knowledge of ISO27001, NIST 800-53 and similar frameworks
• Demonstrable knowledge of regulatory and statutory compliance requirements including PCI-DSS, HIPAA
• Strong knowledge of change management strategies and principles

I submit this application to express my sincere interest in the security information manager position.

In my previous role, I was responsible for leadership, direction and guidance in assessing and evaluating information security risks and monitors compliance with security standards and appropriate policies.

My experience is an excellent fit for the list of requirements in this job:

• Strong understanding of key security frameworks (NIST 800, OWASP, ISO-27001 )
• Strong understanding of PCI, HIPAA, SOX, and other governmental and industry compliance standards
• Experienced with ISO and ITIL
• Track record of partnering with other teams in different departments to build relationships that further Penetration Testing and Security
• Certified Information Systems Security Professional (CISSP) or Certified Information Systems Manager (CISM) preferred
• Knowledge of applicable industry rules (ISO27001, GDPR, PCI, SOX, ), and expertise in Information Security best practices and implementing Information Security Frameworks
• Accountable for independently leading architecture review and conduct resiliency assessment for complex IT applications, databases, network topologies and data centres
• Active member of Enterprise DR testing & assessment team