Information Risk Management Cover Letter

Please consider me for the information risk management opportunity. I am including my resume that lists my qualifications and experience.

In my previous role, I was responsible for industry thought leadership in the areas of governance, risk management maturity, and emerging trends.

My experience is an excellent fit for the list of requirements in this job:

• Articulate the IRM standards, policies and goals in a way that engages the business units to act, develop and implement plans
• Of Defence function aligned to BCBS195)
• Previous risk and audit experience is preferred
• Excellent communications skills in both English and Mandarin languages
• A strong understanding and practical experience of Risk and Control disciplines, including COSO framework, audit approach, Sarbanes Oxley, and/or processes risk assessment is preferred
• Strong analytical capabilities and willingness to challenge the status quo
• Significant experience in financial industry risk, compliance, control and governance disciplines
• In-depth understanding of information security principles and best practices across the industry project management principles

I submit this application to express my sincere interest in the information risk management position.

In the previous role, I was responsible for leadership, vision and oversight in development and implementation of our information security risk management strategy to define state-of-the-art policies and processes that enable the Company to establish consistent, effective information security practices and minimize risk.

Please consider my qualifications and experience:

• Certifications preferred (CISSP, CISM, CIPP)
• Demonstrated strategic leader in Information Security
• Deep expert in information security risk management, including policy, process, governance, security frameworks, and regulatory environments
• Demonstrated experience in an Information Security leadership role, influencing senior level management and key stakeholders
• CISSP, CRISC or CISA certification preferred
• Experience with Vendor/Third Party Risk Assessment preferred
• Knowledge of NIST Risk Management Framework, ISO, PCI, COBIT or standards and regulations
• Solid understanding of industry best practices and standards for risk assessments, security audits, and third party vendor assessments

Please consider me for the information risk management opportunity. I am including my resume that lists my qualifications and experience.

In the previous role, I was responsible for an integrated view of information risk exposures across the Business units by collaborating with GIRM COE Leads, Global and Divisional Information Services teams, Canadian Segment & Global Privacy and Compliance, Operational Risk Management and Audit Services.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• BA in the field of IT, Information Security or related field
• Any other graduates with relevant experience can also be considered
• Good understanding of Big Data Environment and Hadoop and Hive
• Familiarity with Information Security and/or Information Risk Management and/or Information Technology
• Familiarity with Information Security Governance, Risk and/or Compliance functions and activities
• Experience developing, communicating and presenting Information Security and Risk Management concepts to varying audiences
• Partner with cross-functional teams to identify and examine emerging opportunities in decision science
• Lead team to research and machine learning or statistical techniques to develop models

I submit this application to express my sincere interest in the information risk management position.

In my previous role, I was responsible for risk management, business, planning, and process governance expertise to Liquid Pipelines Risk Management and the Liquid Pipelines organization from both a technical perspective and a process governance perspective.

Please consider my qualifications and experience:

• Familiar with big data platform and its applications
• Contribute to projects with strategic importance and real bottom-line impact through the conceptual, analytical, recommendation and implementation stages
• Gain exposure to Marketing, Technologies, Finance, and Operations
• Experience in SAS/ SQL/ R /Hive/ other statistical programming experience is preferred along with working knowledge of MS Office
• Masters and/or Bachelors in IT, Computer Science or Information Security preferred
• CISSP or similar certificate preferred
• Knowledge of risk and/or insurance industry including claims processing and underwriting (preferred)
• Undertake pre-contract (RFP) due diligence of vendors

In response to your job posting for information risk management, I am including this letter and my resume for your review.

Previously, I was responsible for support to clients, IT management and staff in risk assessments and the implementation and operational aspects of appropriate information security procedures and products.

Please consider my qualifications and experience:

• Demonstrated history of managing teams of operations in a 24/7/365 mission critical environment, including managing around-the-clock global response teams
• Expert-level understanding of today’s IT threat landscape and information security architectures, applicable laws, regulations, and compliance frameworks (SOC I/II, ISO 27001, PCI-DSS, NACHA)
• Proven experience instituting a “culture of security” where security becomes ingrained in every employees day to day activities
• Industry certifications such as CISSP, CISSLP, or CISSP-ISSMP
• Experience with SOC2 Type 2 readiness initiatives and audit coordination
• Experience with IT Audit is considered an asset
• Familiarity with Group Benefits or Retirement Solution
• Familiar with IT General Controls as defined in GAAPs