Security Risk Analyst Cover Letter

I am excited to be applying for the position of security risk analyst. Please accept this letter and the attached resume as my interest in this position.

In my previous role, I was responsible for strategic direction and planning in regards to the Security Risk Framework and Program in alignment with CGI’s Enterprise Security Management Framework (ESMF) but inspired in security industry best practices.

Please consider my qualifications and experience:

• Very good understanding of risk assessment and management principles
• Good knowledge of current IT Infrastructure platforms, practices and trends
• Experience of popular IT security risk assessment methodologies
• Broad knowledge of technology generally and Information Security technology and methodologies particularly, including for example, web server security / firewalls / networks / encryption / PKI / TCP/IP / UNIX / Windows / PCI DSS / ISO 27001&2
• Professional certification (CISSP, CISA)
• Certification in information security disciplines such as CISM, CISA or CISSP is highly preferred
• Tertiary education in Information Technology
• IT Risk Management / Audit industry certification (such as CISSP, GSNA, CISA, CRISC)

I submit this application to express my sincere interest in the security risk analyst position.

Previously, I was responsible for analysis of potential risk to information security and recommends solutions Creates and maintains information security documentation.

Please consider my qualifications and experience:

• Knowledge of products (CA-TSS, Lotus Notes, Identity Management products) and Hyperion, Digital Certs and ACL Management
• Certification in information security disciplines such as CISM, CISA or CISSP
• Tertiary education in IT
• Professional certifications in Information Security, Risk Management and/or Compliance preferred (e.g., Security+, CISSP, CISA, CISM, CRISC)
• Able to quickly establish credibility, confidence and
• CISSP, CRISC, CISM/CISA, CIPP or similar certifications
• Experience with Cloud Framework
• Will constantly work towards being the best and to succeed at current assignment/project

In response to your job posting for security risk analyst, I am including this letter and my resume for your review.

In the previous role, I was responsible for engineering guidance based on DoD and Industry Security Best Practices, security requirements and cyber security trends and solutions; focused towards risk assessments and mitigations.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Self-motivation, high commitment/energy level, results oriented and flexible nature
• Familiar with methods to apply system security settings to domains and standalones workstations
• Strong technical familiarization with at least one major OS (Windows, LINUX, UNIX)
• Hold or capable of obtaining within 6 months a certification as directed in DoD Directive 8570.01M
• Proficient understanding of network security technologies including firewalls, Intrusions Detection and Prevention Systems, Router ACLs, Enterprise Anti-Virus, Content Filtering
• Network / System Administration experience / background preferred
• Cobit and ITIL experience
• Act as an advocate for business units in security strategy setting and planning

I submit this application to express my sincere interest in the security risk analyst position.

In my previous role, I was responsible for subject matter expertise to executive management on a broad range of information security and risk best practices.

Please consider my experience and qualifications for this position:

• Solid understanding and experience with security development lifecycle (SDL) processes for internally developed applications, including the web-based and Internet facing components
• Solid knowledge and experience with IT security aspects of operating systems, Active Directory, database (SQL) access, LDAP, Microsoft SharePoint, web server configurations, and networks
• Experience with information risk management
• Experience working in a regulated industry and be familiar with government and industry regulations that involve information security
• Experience managing security related projects involving multiple teams, utilizing project management tools (task allocation, check point meetings, project milestones)
• Experience using common security assessment and analysis tools such as nmap, Nessus, TippingPoint, HP ArcSight, Fidelis, and FireEye
• Familiarity with software/application/database security, system hardening, and secure code analysis (static/run-time) tools
• Incident handling and forensics experience

I am excited to be applying for the position of security risk analyst. Please accept this letter and the attached resume as my interest in this position.

Previously, I was responsible for guidance and expertise in the development of security standards, architectural governance, design patterns, and security best practices that align with our clients policies and ever changing cyber security marketplace.

Please consider my qualifications and experience:

• Will build relationship by making self highly approachable, will seek input from others and will actively listen to concerns and alternate points of view, will make others feel valued and supported
• Experience with Enterprise Network devices
• Risk related certifications
• Performing cyber risk assessments, IT risk assessments, and application risk assessments against OWASP, PCI, GLBA, NIST, ISO, SIG/AUP or other standards
• Collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources to analyze findings in the context of the overall security assessment as it applies to client IP reputational data, phishing, DLP assessments
• Documenting and presenting findings and observations
• Experience with GRC tools (Archer, MetricStream, Process Unity)
• Knowledge of financial services industry and relevant regulations and requirements