Advisor Information Security Cover Letter

I would like to submit my application for the advisor information security opening. Please accept this letter and the attached resume.

In my previous role, I was responsible for technical knowledge and analysis of information assurance, to include applications; operating systems; Internet and Intranet; physical security; networks; risk assessment; privacy, critical infrastructure continuity and contingency planning; security awareness and training.

Please consider my experience and qualifications for this position:

• Methodologies used include the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-115, Open Source Security Testing Methodology Manual (OSSTMM), and Open Web Application Security Project (OWASP) assessment guide
• Writes basic Information Security governance
• Uses repeatable methods and measurements to determine Information Security risk and recommends improvements to the process
• Performs security risk assessments of moderately complex projects, new technologies, business partners, and third parties
• Determines requirements, recommends system security configurations, and risk mitigation effectiveness
• Responds both verbally and in writing to routine inquiries and periodic exams from both internal control partners
• Guides and assists process owners in the identification, development, and testing of Information Security controls for risk mitigation effectiveness
• Extensive Windows, Linux, Active Directory, and Xacta experience

I submit this application to express my sincere interest in the advisor information security position.

Previously, I was responsible for consultative services to the Business to raise awareness of Information Security standards, concerns, and interpretation and/or clarification of security policies and standards.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Assist the business in the implementation of security reference models, policies, standards, and governance while providing architectural direction and roadmap to technical stakeholders across all enterprise wide technical environments
• Lead the development of security architecture specifications for assigned projects while ensure consistency across business unit projects
• Design security capabilities into complex infrastructure and business applications
• Evaluate current security architecture deployed for business units and provide mentorship and technical specifications on modifications to mitigate risk and the effectiveness of controls
• Provide subject matter expertise on action plans, leadership and governance in deploying architectural improvements without impacting services
• Advise management on handling and minimizing threats
• Maintain security roadmaps for assigned environments
• Ensure security architectural requirements are being adhered to

In response to your job posting for advisor information security, I am including this letter and my resume for your review.

Previously, I was responsible for guidance on the Bank’s information security standards, policies and processes, and information security best practices.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Consults process owners on the identification, development and testing of Information Security controls for risk mitigation effectiveness
• Subject-matter-expert knowledge of risk, control, budgets, process and loss costing, and relevant industry data sources, standards, data analysis tools and techniques
• Established automated processes and technologies to continuously monitor for malicious activity
• Access Reporting
• Access Provisioning
• Basic level knowledge of Microsoft Active Directory (AD), Microsoft Azure AD, AD Connect, AD Federation Services
• Possess understanding of IT security controls
• Expert-level proficiency in MS Word, MS Excel, MS PowerPoint, and MS Visio

I would like to submit my application for the advisor information security opening. Please accept this letter and the attached resume.

In my previous role, I was responsible for leadership, vision and managerial oversight in the development and implementation of risk-based security strategies to define policies and processes that enable consistent, effective information security practices and minimize risk.

My experience is an excellent fit for the list of requirements in this job:

• Other TISO’s
• Completion of network and security certifications
• Experience working with two-factor authentication security, security tokens, web tier software, and users across the enterprise with Dell Defender/Symantec VIP
• Run reporting of usage statistics
• Upgrade Licenses
• Create logical separations of duties for users in the environment
• Knowledge of Unix and/or Linux environment
• Facilitating consulting engagements and effectively communicating information security risks to both technical and non-technical decision makers and advising them on how to align business priorities with information security strategy

I would like to submit my application for the advisor information security opening. Please accept this letter and the attached resume.

In my previous role, I was responsible for expert analysis and recommendations on Information Security risk assessment and mitigation to internal and external clients or other analysts; influences Information Security risk management strategies and approaches and educates risk owners on best practices.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Certifications such as Certified Information Security Professional (CISSP) or Certified Information Security Manager (CISM) preferred
• Knowledge of IT security , systems, methodologies, technologies, architectures, practices, policies, working knowledge of NIST Cybersecurity Framework preferred
• Experienced in implementing applications and systems to support direct consumer interaction, including marketing, customer care, electronic commerce, and fulfillment functions
• Experienced in evaluating the impact of data privacy regulations on policies, procedures and technology controls across the business
• High-quality analytical skills, and exceptional relationship management competencies
• Experience in strategic planning and/or policy development
• Proven success transforming a culture to be more security and data privacy conscious
• Reported findings and issues related to deviations from financial standard