Dear Recruiter,
I am writing to express my strong interest in the Compliance Specialist - Shapr3D as advertised. As a driven Security Engineer at Paytm with a passion for solving complex technical challenges, I am confident in my ability to contribute effectively to your organization's security initiatives.
Here are some highlights of my background that make me an excellent fit for the position:
- I have hands-on experience in driving internal and external audits for VMDR(Vulnerability Management Detection and Response) systems set within my organization.
- I have worked on Baseline configuration management for OS, DB, and Middleware CIS benchmark hardening of servers. This helps in maintaining the minimum security baselines for our AWS-based EC2 instances where we produce a hardened golden image after setting the configurations according to the controls mentioned in the CIS benchmark policy and then use that image to generate instances with a hardened configuration. I have been a part of this project from scratch in my current organization and have successfully helped to harden 30k+ servers which are auto-scaling EC2 instances. This includes both Middleware and DB servers.
- Taking the CISSP exam early in my career has shaped my perspective on how to perform risk management with the necessary cost-benefit analysis of the security program in order to drive security in tandem with business enablement.
- The CISSP exam has equipped me with knowledge of all of the 8 domains of security which enables me to understand the pain points of each area, thus helping me achieve regulatory compliance in multiple areas to abide by the GDPR, HIPAA, SOX Act, and multiple other compliances required within organizations.
Web and Mobile Application Penetration Testing: I possess a proven track record in conducting web and mobile application penetration testing. My skills in identifying and addressing security-related vulnerabilities in Android and iOS applications for platform-specific issues and Web API security have played a crucial role in enhancing the security posture of the organizations I have worked with. I have a deep understanding of Android Architecture and have worked with projects involving the reverse engineering of the applications and smalli patching.
- I have been instrumental in helping my current organization achieve the PCI-DSS certification.
I have hands-on experience in performing source code reviews within CI/CD pipelines through Checkmarx. This proactive approach to code analysis ensures the early identification and remediation of vulnerabilities, promoting a Secure Software Development Lifecycle (SSDLC) culture within the teams.
My contributions to training and development, including a Mobile Application Security seminar with over 1,500 views on YouTube partnered with Bugbase and training sessions within my organization complement my technical skills and are also instrumental in reducing vulnerabilities within the products making me an ideal addition to a team for strengthening the security posture of their infrastructure.
I am excited about the opportunity to bring my skills, dedication, and experience to Volvo. My contributions will play a vital role in enhancing the security infrastructure and ensuring the confidentiality, integrity, and availability of your systems and data.
Sincerely,
Naina Sharma
Phone: +91 8433013912
Email: nainasharma899103@gmail.com
Associate of ISC2- CISSP
Senior Security Engineer, Paytm
