Engineer, Information Security Cover Letter

I would like to submit my application for the engineer, information security opening. Please accept this letter and the attached resume.

In my previous role, I was responsible for guidance, assessment, and oversight to implementation of ISO/IEC 27000, Information Security Management Systems (ISMS).

Please consider my qualifications and experience:

• Understanding of the technical components of a network infrastructure/architecture and their interactions
• A bachelor's, information systems or other related field
• Working knowledge of Security Architecture for both infrastructure components (networks and servers) applications and data
• Relevant Information Security Certifications (CISSP, CISA, CNE, GISA, ) are preferred
• Skilled at identifying security gaps in infrastructure and processes
• Practical implementation knowledge to advise IT development and implementation teams on how to fix potential vulnerabilities and advise on secure design
• Understanding of secure coding techniques and able to partner with Development teams
• Able to translate vulnerabilities and gaps into business risks

I am excited to be applying for the position of engineer, information security. Please accept this letter and the attached resume as my interest in this position.

In the previous role, I was responsible for antivirus & Malware protection application administration and management (for example, but not limited to SentinelOne, Symantec).

Please consider my experience and qualifications for this position:

• Security certification (or equivalent training/experience) preferred (CISSP, GCFA…)
• Experience building and managing security of Tier-1 cloud environments
• Experience with network security and networking technologies, system security and networking tools
• Familiarity with Computer Security Incident Response (CSIRT) practices and processes
• Development of detailed security documentation and procedures
• Communication of complex technical information to team members and all levels of management and customers
• CISSP, CISM, or other security certifications highly preferred
• Active Directory administration and group policy

Please consider me for the engineer, information security opportunity. I am including my resume that lists my qualifications and experience.

Previously, I was responsible for technical expertise to compliance, business units and supporting departments in the implementation, certification, and maintenance of compliance standards (E.g., NIST 800-171, CMMC, CC, ISO 27001, ISO 9001, SOX, GDPR, etc.).

Please consider my qualifications and experience:

• Experience in incident handling/incident response and computer forensics (SIEM solutions, IDS/IPS systems, and advanced threat analysis)
• Has built and managed frameworks to test and validate the effective operation of security controls
• Thinks broadly about issues and options before choosing a solution or path and can explain to stakeholders why a solution/path was chosen
• Knowledge of technical writing preferred
• Expertise with standard IT processes and technologies (networking, systems administration, change management, ticketing systems, project management)
• Expertise with standard information security technologies (IPS/IDS, WAF, DAM, SIEM, AV, EDR)
• Knowledge of network protocols and packet analysis tools such as TCPDUMP and Wireshark
• Knowledge and experience with security-related systems and applications, firewalls, packet analysis tools, intrusion detection/prevention, and web content filtering

In response to your job posting for engineer, information security, I am including this letter and my resume for your review.

Previously, I was responsible for nIST, DFARS, STIGs and CIS L1/L2 security configuration and implementation compliance and integrate security solutions into information systems.

Please consider my experience and qualifications for this position:

• Experience with Active Directory and Linux distributions, including Kali and its tools
• Experience with army aerial sensors and related systems
• Revision control systems such as git or svn
• Proficient with recent shell, Python
• Experience with public and/or private clouds
• GIAC Penetration Tester (GPEN), GIAC Certified Incident Handler (GCEH) or equivalent
• Information Security Program Management experience
• Knowledge of Information Security Frameworks (ISO 27002

In response to your job posting for engineer, information security, I am including this letter and my resume for your review.

Previously, I was responsible for support for key parallel security and compliance programs including security analysis, SOX, PCI, and SOC compliance audits.

Please consider my experience and qualifications for this position:

• Knowledge of security, audit and compliance frameworks SOX, ISO, NIST, SSAE16
• Exposure to IT GRC processes and technology
• In depth knowledge of Role-based Access Controls
• Industry certification(s) such as CISSP, GSEC, CCSP
• Experience with Python, Java or PowerShell
• Some project management capabilities
• Nexpose System Administrator
• Symantec Endpoint Protection - Admin/Architect Level