Information Security Engineer Cover Letter

Please consider me for the information security engineer opportunity. I am including my resume that lists my qualifications and experience.

In the previous role, I was responsible for strategic direction to related governance functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies.

Please consider my experience and qualifications for this position:

• Familiarity with SOX and PCI technical controls and best practices
• Working knowledge of information security and access technologies
• Knowledge of security tools, such as Imperva, Qualys, Alert Logic, and OSSec
• Knowledge of data processing equipment, or applicable programming languages, or computer hardware and software
• Relevant professional certifications (e.g., GSEC, CISSP) preferred
• Demonstrates the core values of inquisitive, passionate, positive attitude, and team-minded
• Hands on design and implementation experience on leading Identity and Access products (Sailpoint, CyberArk, ForgeRock as an example)
• Be able to describe common Identity and Access Management technologies

I am excited to be applying for the position of information security engineer. Please accept this letter and the attached resume as my interest in this position.

In the previous role, I was responsible for technical expertise POWER’s IT organizational departments and assists them in the implementation of security technologies and application security.

I reviewed the requirements of the job opening and I believe my candidacy is an excellent fit for this position. Some of the key requirements that I have extensive experience with include:

• Industry Certification aligned to DoD Manual 8570, 01-M for IAT II
• Industry Certification aligned to DoD Manual 8570, 01-M for IAM III, particularly Certified Authorization Professional (CAP) preferred
• Excellent knowledge of large-scale security solutions integration
• Strong understanding of network topology IPV6
• Experience with SQL and Linux
• Web Technologies understanding (HTML, XML, AJAX, Web Services, etc)
• Experienced with Cisco layer 2/3 switches, Cisco routers, Cisco Wireless LAN (controller based), Cisco VPN technology, Cisco ASA Next Generation firewall, Cisco security solutions such as web/email security, IPS, ISE…
• Experienced with security related tools and technologies such as IDS/IPS, SIEM, Next Generation Firewall…

I submit this application to express my sincere interest in the information security engineer position.

Previously, I was responsible for iT and Cyber Security assurance and governance for CAvS UK through effective oversight of Group IT in accordance with the extant SLA.

My experience is an excellent fit for the list of requirements in this job:

• Certified Security Controls Validator
• Working knowledge of modern communications networks and protocols (MPLS, VPNs)
• Experience working with firewalls, intrusion detection systems, authentication, authorization and accounting systems (AAA)
• Work closely with developers and evaluate business requests and proposed designs to determine feasibility
• Experience supporting as least 2 of the above tools anti-malware and Active Directory
• Enterprise experience in any Identity Management system including LDAP services
• Knowledge of and experience with AD Recovery and Auditing tools including Recovery Manager and Change Auditor
• Experience working in of the public cloud providers (AWS, Azure, Google) with security features such as VPC, DLPs

I submit this application to express my sincere interest in the information security engineer position.

In my previous role, I was responsible for leadership to IT and business teams with minimal supervision serving as a technical security engineering consultant.

Please consider my qualifications and experience:

• Working knowledge of enterprise level IDS/IPS including cloud based application containment and analysis
• Working knowledge of enterprise-level Network Access Control (NAC) systems, including wired, wireless, in-band and out-of-band solutions, permanent and volatile agent configurations
• Working knowledge of SIEM and log management, including commercial, open-source, ELK stack and syslog-ng
• Working knowledge of enterprise-level antivirus and malware solutions, including cloud-based behavioral based solutions
• Working knowledge of enterprise authentication systems, including RADIUS, TACACS+, and 802.1X
• Working knowledge of enterprise wireless systems, including enterprise-level wireless authentication and encryption
• Experience with NIST 800-53, PCI, HIPAA and FERPA
• Experience working with BIA, DRP, COOP, RA and RA tools, CERT, and other enterprise-level plans

I submit this application to express my sincere interest in the information security engineer position.

In my previous role, I was responsible for strategic and technical advice and/or oversight to staff or other departments related to IT best practices, security and compliance.

Please consider my qualifications and experience:

• Experience with service-oriented architectures is highly preferred
• Hands-on expertise in the VA-approved Security tools (Tenable Security Center/Nessus, McAfee ePO/Agents/Modules, SCAP) is strongly preferred
• Experience with 1 or more IAM products (SailPoint, RSA Aveska, NetIQ, Oracle Identity Manager, etc…)
• Understanding of audit and compliance requirements applicable in a compliance industry
• Identifies and designs new processes, for integration into the IAM and Business processes
• Understands AD, LDAP group structures, policies
• Familiar with File server management, exchange account management, internal and hosted applications
• Familiarity with Role Based Access Control (RBAC)