IT Risk & Compliance Cover Letter

I submit this application to express my sincere interest in the IT risk & compliance position.

Previously, I was responsible for governance for the identification, audit, validation and remediation of information technology controls required for SOX, PCI DSS, PII, HIPAA and any other applicable regulatory compliance frameworks.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Experience in the design and set-up, management and development of adequate and large-scaled teams, especially in international environments
• Strong experience in IT service operations, specialized on IT Security Service processes and technologies
• Experience in the management of large scale projects, especially in international environments
• Knowledge in sourcing strategies and provider selection processes
• Broad experience which includes functional access in all areas noted above
• Legal background/understanding
• Security certifications such as CISSP, CRISK, CISA, SSCP, CEH
• Perform QRC requirements within third party framework, , Due diligence Assessment of Prospective Suppliers, Audit of Suppliers

In response to your job posting for IT risk & compliance, I am including this letter and my resume for your review.

Previously, I was responsible for pCI domain expertise for annual PCI Report on Compliance, or other PCI controls and activities that require this expertise.

Please consider my experience and qualifications for this position:

• Knowledge of Information Security Standards (ISO 27001/27002, ITIL)
• Knowledge of Data Privacy and Compliance Regulations (MA CMR 201, HIPPA, Red Flag)
• Oracle GRC suite experience, specifically the AACG module, preferred
• Experience with access provisioning and monitoring control performance or assessment
• Experience developing, documenting and maintaining access and security policies, processes, procedures, and standards
• Requires experience in managing large teams and building relationships with people at a variety of levels
• Demonstrated expertise in risk and compliance management within an IT organization
• Demonstrated expertise in developing and reviewing policy

I submit this application to express my sincere interest in the IT risk & compliance position.

Previously, I was responsible for guidance and support to IT and business to ensure continued compliance to PCI DSS requirements.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Professional certifications (CISA or CISSP)
• Thorough understanding of current technologies and the risks inherent in those technologies, including but not limited to cloud/hosting, data transport, portals
• Good understanding of tax, assurance and consulting practices
• Basic understanding of data security and privacy risks and best practices
• Awareness of latest and common security threats
• Strong understanding basic audits and the controls necessary for those audits
• Strong understanding of Risk Management Practices, industry standards, and risk management utilization
• Experience interpreting federal and state security related legislation including HIPAA, Joint Commission, and Meaning Use

Please consider me for the IT risk & compliance opportunity. I am including my resume that lists my qualifications and experience.

In my previous role, I was responsible for support for various audits, compliance activities and ensure IT governance, IT security, and Corporate Policies are followed.

Please consider my experience and qualifications for this position:

• Proficient at coordinating multiple endeavors and request streams
• Excellent interpersonal skills including consistent service orientation and delivery for internal and external customers
• Proficient at presenting concepts internally and externally
• Experience delegating tasks and providing work flow guidance
• Strong understanding of audit, security, and IT standards, CoBit, NIST, ISO27001, ISO27002, ITIL, SAN, PMBoK, etc
• Strong understanding of Information Technology architectures, infrastructure components, and networks
• Industry-recognized certifications (such as CISA, CISSP, CEH) will be an added advantage
• Preferred experience with Oracle AACG or similar access tools

I would like to submit my application for the IT risk & compliance opening. Please accept this letter and the attached resume.

Previously, I was responsible for people and operational management and be accountable for the development, implementation, communication, maintenance and governance in line with the IT security, risk and compliance strategy and roadmaps.

Please consider my experience and qualifications for this position:

• Expertise in overseeing IT audits
• Certifications in Audit, Risk Management and Project Management highly desirable
• Curiosity and eagerness for exploring and understanding complex business processes
• Natural sense of duty and urgency to drive change
• Excellent in execution, being able to create a sense of urgency and focus on high value items
• Strong solution management skills (understanding on functional business process in solution design and configuration experience)
• Excellent Project management skills (scope and quality management, resource management, budget management, issue management, stakeholder management)
• Strong analysis, synthesis and communication capacity (written and oral)