Management Security
Resume:
Neeta Mehra
**********@*****.***
Summary:
Senior Information Security Consultant with over fifteen years of experience in System, Network and Security Domains. Experience, expertise and credentials include:
oImplementing ITIL and compliance (PCI, GLBA, SOX) related initiatives and manage heterogeneous security projects for over 44 countries.
oProviding Threat Management Tier 3/Tier 4 support
oSecurity Incident and Event Management systems (SIEM) RSA EnVision, ArcSight, Intellitectics, RSA Security Analytics in Financial Services, Entertainment,Telecom and Healthcare sectors
oDeveloped correlation rules for potentials threats, unauthorized access control, Advance Persistent Threat (targeted attack), Incident Handling, and to monitor, manage and report on privileged user activities.
oArchitecting and deploying enterprise-wide patch management, and centralized monitoring system ( WSUS, SIEM )
oIndustry recognized MCSE, MCSA, MCP, CCNA and Security+ certifications and vendor specific SIEM certification
PROFESSIONAL EXPERIENCE:
Cognizant Technology Solutions:
Security Architect 2013 – Till Date
Infrastructure Security contains a design document that contains Internet security, Access Control, LAN/WAN security, Datacenter security and End User computing security solutions.
Responsible for designing and architecting a security solution for the financial and other sectors that include dedicated cloud computing.
Design and architect Security Incident and Event Monitoring (SIEM) on a dedicated and public cloud environment and understanding of concepts of Big Data.
Provided security solutions to clients that include consulting, contacting vendors, producing selection, preparing the bill of material, and placing the order.
Draft conceptual and logical architecture specifications, with a focus towards established process, at both enterprise and project levels.
Gather the requirements of PCI; perform PCI assessment and PCI audit.
Managed and created reports, dashboard, alerts using ArcSight, RSA security Analytics (SIEM), in Medicare healthcare and financial sectors.
Performed QA for SOX Controls based on CIB IT SOX testing framework including privileged users’ access management and Break Glass account management.
Wrote a white paper data security specific such as log monitoring, distributed denial of services attack
AIG, Livingston, NJ
IT Security Architect 2011 – 2012
Involved in designing and architecting latest version (4.5) of RSA enVision for NGDC (New Generation datacenter).
Developed and tested security alarms and alarm logic based on various data sources that feed the Security Information Management platform.
Ensured effectiveness of logging and reporting including logical networks, firewall, IDS, Windows, UNIX, Bluecoat, and internal application logs etc.
Created correlation rule to monitor, applications, database, security devices such as DLP, FW, antivirus, IPS/IDS and manage and reporting on privileged user activities.
Project coordination and management.
AT&T, Florham Park, NJ
IT Security Consultant 2008 – 2011
Performed data analysis using the Threat Management platform, Security Incident and Event Management (SIEM) tools and database queries using ArcSight, Intellitectics, and proprietary Daytona.
Served as a Subject Matter Expert (SME) and provide Tier 3/Tier 4 support in Threat Management
Developed and test security alarms and alarm logic based on various data sources that feed the Security Information Management platform.
Implement enterprise wide event correlation including rules development, reporting and alerting for near real time.
Created reports and correlation rules to monitor events from applications and databases and devices.
Developed alarming strategy for new feeds to the Threat Management platform.
Created and configured Zoning, Categorization, assets.
Developed tools (queries, reports, etc.) to simplify the analysis function and support the work done by analysts, Situational Awareness Teams and Global Response Teams.
Identified improvement of alarming strategy for existing feeds.
Respond to requests from CSO (chief security office) management for ad-hoc analysis and assist with analysis of cases created in the SIEM platform - including interpretation of events and identification of false positives
Depository Trust Clearing Corporation, NYC, NY
Sr. Security Analyst-Consultant 2007– 2008
Managed, installed and upgraded all aspects of the SIEM RSA EnVision system, which included report generation to shape up security and compliance (GLBA Gramm-Leach-Bliley, SOX etc.) in posture.
Implementation of enterprise-wide event correlation for near real time, including log file aggregation, creating rules for correlation, and reports and alerts.
Worked on Support Security Event Monitoring project, which included network technology, and collected log information from various sources and departments to validate data and for Security Event Monitoring / Incident Management. Conducted research to set up direction and strategy.
Drafted conceptual and logical architecture specifications, with a focus towards established process, at both enterprise and project levels.
Designed, analyzed and implemented real time alerts, correlation rules and reports for the proprietary system of DTCC, which was not supported by the RSA EnVision SIEM system.
Maintained incidents logs, and track/follows up on problems. Ensured effectiveness of logging, including logical networks, firewall, IDS etc.
Contributed in defining time tables and SIEM project plans. Assisted in definition of milestones and progress tracking.
Warner Music Group (WMG), NYC, NY
Security/System/Network Consultant 2005 - 2007
Independently designed and implemented the Windows Updates patch management system, WSUS enterprise-wide, including all of WMG’s international locations.
Key member in the initiation of ITIL Projects, which included problem/incident management to ensure compliance with PCI, SOX and WMG policies. Also coordinated ITIL Projects with local and international teams.
Key member in designing and implementing processes that monitor enterprise-wide security to keep core business processes secure.
Key member in designing and implementing ITIL framework, which included planning, execution and reporting.
Helped auditors of Ernst & Young, KPMG etc. in auditing.
Customized security and PCI, SOX compliance reports and alerts from the centralized logs on the Network Intelligence / EnVision SIM system.
Monitored and created system and application level security reports for domestic and international users in more than 44 countries.
Created reports for forensic investigation purposes.
Monitored SOX compliance applications that include all local and international financial databases.
Implemented enterprise-wide event correlation capability, including log file aggregation, writing rules for correlation, implementing reporting and alerting capabilities for a near real-time response.
Maintained and upgraded Network Intelligence / EnVision SIM system.
Key member of the change analysis/management team as a part of the ITIL implementation.
Responsible for project management for multiple projects, such as MailFrontier, Counter Storm, Windows Security Update patch management WSUS, Host-Based Intrusion Prevention (Bit9 - Parity), BigFix Deployment Maintenance Task, Trend AntiVirus Upgrade, nCircle Vulnerability Scanning SQL Server for BlackBerry 4.0 and Exchange Server 5.5 retirement.
Education and Certifications:
BBA in Computer Information Systems
Comp TIA Security+ (ID#COMP001005535430)
Cisco CCNA (ID#CSCO10800018)
Microsoft Certified Systems Engineer(MCSE)(ID#2836749)
Microsoft Certified Systems Administrator(MCSA)(2836749)
Microsoft Certified Professional (MCP) (ID#2836749)
Professional References:
AT&T
“Neeta is energetic, curious, and a hard worker. She willingly follows up on any task given her and is always looking for ways she can add value. She quickly learned how to work with our ArcSight and Intellitactics SIEM platforms and was able to apply her knowledge from previous positions to this environment, quickly implementing zoning and asset categorization logic in ArcSight.”
Jeanette LaRosa, Principal Member of Technical Staff, AT&T
DTCC
“Neeta is a highly organized, motivated, results-driven and detailed oriented security analyst. She had worked diligently with internal team members as well as with cross department team members. It is a real pleasure working with Neeta. She is a true professional.”
Top qualities: Great Results, Personable, High Integrity
Parthiv Shah, CISM, CISSP
WMG
“Neeta has been very instrumental in facilitating the implementation of various WMG ITIL-related initiatives, including Enterprise Monitoring, Change Management and Problem Management. She also brings tremendous energy to the Information Security arena, where she worked on the deployment of our malware isolation lab in NY.” May 9, 2007
Andrew Baker, Director, Server Operations & Security, Warner Music Group
“I have worked with Neeta while implementing the ITIL framework at WMG. She has always been very diligent in responding to any requests I have made and always acts in a professional manner. Neeta is a great to asset to WMG and is someone that can be counted on to deliver in any situation.” June 11, 2007
Jeff Gray, Sr Director - Global Networks, Warner Music Group
“Neeta is essential for the multiple duties assigned to her. Managers feel that having Neeta on a project helps to speed up tasks completion and coordination due to her thorough follow ups. Projects which Neeta has helped us greatly include the WSUS implementation, IT Change Management, various security solutions implementation, Exchange Server reports, and overall system administration duties.” May 30, 2007
Saulo Nunez, Sr. Systems Engineer, Warner Music Group
“Neeta is a bright individual that asks all the right questions to confirm a project is complete in a timely manner. She also pays attention to details. In addition, she is a pleasant person to work with and adds a great chemistry to the team.” May 9, 2007
Juan Moreno, Exchange Admin, Warner Music Group
“I had the opportunity to work with Neeta during her tenure at Warner Music Group Neeta is an enthusiastic and hard working professional. When tasked with any project, she worked diligently to gather information, compile and present. Even when it came to littlest of tasks, she took the time to insure it was done professionally and did it with a bright smile. And definitely a team player Keep up the good work Neeta February 17, 2008
Frank Corallo, System Engineer Professional, Warner Music Group
“Neeta Mehra is a highly motivated and very detail oriented worker. During her time at WMG, she has been instrumental in continuing the smooth flow of information between the Security Department and other groups within the organization. Without her, my job would be much more difficult and hectic!” July 16, 2007
Mike Wilson, Corporate Security Manager, Warner Music Group
Contact this candidate