Neha Bahotra
Summary
Dedicated cybersecurity professional aiming to contribute as a Vulnerability Manager by developing proactive vulnerability management programs, leading cross-functional teams, and implementing effective remediation strategies.
Committed to enhancing security posture while aligning with business objectives and regulatory requirements.
Overview
14
14
years of professional experience
1
1
Certification
Work History
Vulnerability - Cyber Security Operations Manager
Colt Technology
Gurugram
01.2021 - Current
- Lead the enterprise vulnerability management program, overseeing the identification, assessment, prioritization, and remediation of security vulnerabilities across infrastructure, applications, and endpoints.
- Coordinate and manage regular vulnerability scans using tools like Qualys, Tenable, or Rapid7, ensuring comprehensive coverage, and timely execution.
- Analyze vulnerability data and threat intelligence to assess risk, prioritize remediation efforts, and reduce the organization's attack surface.
- For the zero-day vulnerability attack, ensure all IOC IPs are blocked at the firewall, domains are blacklisted at the proxy, SHA values are blocked at the EDR, and alerts and detections are configured for the associated domains and URLs.
- Collaborate with IT, DevOps, and application teams to ensure timely patching and mitigation of identified vulnerabilities, while minimizing business impact.
- Develop and maintain vulnerability KPIs, security incidents KPIs, and dashboards, and report findings, trends, and risk posture to senior management and security leadership.
- Ensure adherence to SLAs and operational processes while driving continuous improvement to meet organizational objectives.
- Led the preparation and coordination efforts for internal and external audits, including ISO 9001, 20000-1, 27001, and 22301, ENS, addressing compliance gaps, and implementing corrective actions.
- Lead and oversee the 24/7 daily operations of the Vulnerability Operations.
- Hire, coach, and manage security operations staff, cultivating a dynamic team environment focused on ongoing skills development.
- Managing the finances of the SOC team by taking care of the renewal and management of purchase orders for all security tools and services, while also ensuring budget compliance and timely delivery.
- Led the development and maintenance of cybersecurity-focused business continuity planning (BCP) and disaster recovery (DR) strategies to ensure resilience against cyber threats.
Vulnerability Management Technical Lead
Colt Technology
09.2019 - 12.2020
- Performing Vulnerability Assessment using different VM tools like QualysGuard, Nexpose - Rapid 7 tool.
- Taken Ownership of covering all the assets in scope of the Network Map of Colt Infrastructure.
- Preparing Rapid 7 Vulnerability scan, and Cloud Agent Reports and Dashboard for Platform teams and Customers.
- Actively worked towards improving the Overall security posture with Colt's Infra by making sure vulnerabilities are getting remediated within assigned SLA's.
- Remediation Tracking is done by assisting the team with Remediation Plans and regular Meetings are organized to monitor and track the remediation of vulnerabilities.
- Conducted Asset segregation by criticality, distinguishing between internet-facing assets and high-value targets ('crown jewels') to drive prioritized remediation.
- Monitoring and analyzing the vulnerability scan report which includes troubleshooting on authentication/reachability issues and activities like False-positive analysis.
- Worked on PowerBI to present the Monthly KPI's and Dashboard to Management.
- Interacting with Management, Clients and Stakeholders for updates on the Vulnerability Dashboard, New Projects and Roadmap for the team.
- Have been presenting Vulnerability Management across at Internal Level Program Organized by KPMG at i-4 (International Information Integrity Institute) Official Group.
- Maintaining and timely update all the required SOP's/ Documents for CSOC VM team.
Cyber Security Analyst
Accenture
Gurugram
06.2013 - 09.2019
- Expertise in vulnerability management and assessment, cloud agent module, policy compliance, and vulnerability remediation in Qualys, Nexpose Rapid, and Nessus tool.
- Actively working on the Cloud agent module activation on workstations and Cloud servers, and collaborating with the Platforms teams for Cloud agent installation.
- Preparing, Publishing, monitoring, and analysing the vulnerability report, which includes activities like high-risk and exploitable vulnerabilities, false positive analysis, and zero-day attacks.
- Working on troubleshooting, majorly related to authentication and reachability issues.
- Working on policy compliance scans to check whether the client environment is compliant or not.
- Helping remediation teams prioritize vulnerabilities and work on the remediation of the vulnerabilities.
- Preparing and publishing Vulnerability Scan, Compliance Scan, and Cloud Agent Reports.
- Monitoring and analysing the vulnerability scan report, which includes troubleshooting authentication and reachability issues, as well as activities like false-positive analysis and zero-day attacks.
- Have worked on the New Client Transition phase where initial Level of Handovers and shadowing is done, and SOPs are prepared as agreed with the Customer. Post which Runbooks are prepared, Scanner is deployed and having a smooth Go live and then worked on the BAU run phase.
Technical Senior Associate
Wipro
07.2011 - 06.2013
- Provided Level 1 technical support for broadband internet services, assisting UK-based customers with connectivity issues, modem/router configurations, and email client troubleshooting.
- Security related questions checked with the customer before assisting them.
- Performed diagnostic checks, security perimeters including line testing, DNS resolution, and IP configuration to identify and resolve network-related problems.
- Assisted users with email setup and recovery, POP3/IMAP configurations, and webmail access across different platforms.
- Documented and tracked customer interactions using BMC Remedy tools, ensuring compliance with quality and data protection standards.
- Escalated unresolved issues to Tier 2/Engineering teams with detailed technical logs and troubleshooting steps.
- Supported internal process improvements by identifying recurring technical issues and suggesting documentation or training updates.
Education
Bachelor of Technology - Information Technology
01.2011
Intermediate -
Bhavans Kesari Devi Kanoria Vidya Mandir School
01.2007
SSC -
Nirmala Convent High School
01.2005
Skills
- Tools – Qualys Guard, Nexpose Rapid7, Tenable, and Nessus
- Vulnerability and patch management, assessment, prioritization, and remediation
- Cloud Agent Module - Qualys and Rapid7
- ServiceNow and Power BI
- Qualys policy compliance
- Security compliance
- Compliance Scan
- Incident response
- Collaboration skills and Effective communication
- Risk assessment
- Budget management
Certification
- ITIL 2011 V3 Foundation Certified.
- CompTIA Pen Test Certified
- CEH Version 10
- CompTIA Security+
- QualysGuard VMDR
- QualysGuard Policy Compliance
- QualysGuard Cloud Agent
- QualysGuard Web Application Scanning
Accomplishments
- Won the ACE Award for exemplifying, exceeding, and demonstrating Colt's values and behavior under the Accountability Category.
- Won the Value Champion Award for adding all assets in the scope of the Network Map of Colt Infrastructure and reducing the overall count of vulnerabilities.
- Recognized as the Star of Business Award at Accenture.
- Received multiple appreciations from clients, the Platform Team, and management.
- Received the Delivering Outcome Award for continued support and helping us mature the overall Threat and Vulnerability Management service for one of my clients.
- Actively participated in extracurricular activities and received awards in various office-organized events.
Timeline
Vulnerability - Cyber Security Operations Manager
Colt Technology
01.2021 - Current
Vulnerability Management Technical Lead
Colt Technology
09.2019 - 12.2020
Cyber Security Analyst
Accenture
06.2013 - 09.2019
Technical Senior Associate
Wipro
07.2011 - 06.2013
Bachelor of Technology - Information Technology
Intermediate -
Bhavans Kesari Devi Kanoria Vidya Mandir School
SSC -
Nirmala Convent High School