Neha Sood

Summary

A security professional with over 16 years of experience spearheading Information Security, Internal Audits, Governance, Risk and Compliance across the BFSI, Technology and Telecom domains.

Work History

Security Consultant

IBM India/Kyndryl Solutions
07.2015 - Current
  • This role is accountable for Governance, Risk and Compliance for Kyndryl clients
  • Implementation and review of Customer Security Document, Security Policies and Compliance Guidelines as agreed with the customer
  • Driving a Security and Risk Management strategy in alignment with Kyndryl Global Standards
  • Engaged in vulnerability management and implementing the remediation plans with the help of technical teams
  • Scheduling vulnerability scans, patch scans and discovery scans on a monthly basis or as and when required
  • Performing or assisting with IT internal audits, IT process reviews, IT infrastructure reviews and information security audits
  • Highlighting areas of control weakness by documenting the findings clearly, discussing recommendations with management and liaising with the process heads to ensure closure of audit findings
  • Conducting Risk assessment reviews, which involve analyzing risks as well as identifying, describing, and estimating the operational risks affecting the business
  • Providing consultancy on projects and services to support risk mitigation and control implementation, leading to effective risk management
  • Working with the operations team to monitor workflow routines and ensure teams work in accordance with compliance policies and procedures
  • Conducting regular interlocks with the stakeholders to review the security, risk and compliance posture
  • Demonstrated knowledge and experience in information privacy and security laws and practices (ISO 27000, PCI DSS, SOX, GDPR).

Global Compliance Manager

IBM
07.2015 - 08.2021
  • Administered Governance Risk and Compliance for IBM clients
  • Adhered to the IBM IT security policies and ensured a secure and compliant IT environment to accomplish the business goals
  • Responsible and accountable for ensuring smooth Audit and Compliance functions
  • Implemented Security and Risk Management strategy in alignment with IBM Global Standards
  • Conducted weekly review meetings with Account teams and coordinated with the technical teams for timely updates (resolution plan, change implementation, closure, applicability, risk of not implementing etc.) and timely closure
  • Implemented security measures while minimizing regulatory findings and reducing risks
  • Emphasized areas of control weaknesses by documenting the findings clearly, discussing recommendations with management and liaising with the process heads to ensure closure of audit findings.

Assistant Manager

EXL Services Pvt. Ltd.
02.2012 - 06.2015
  • Strong credentials in collating and transforming business requirements into feasible solutions and ensuring quality service delivery and enhancing customer satisfaction
  • Performed Control Testing which included the documentation of testing results and work paper as per established documentation guidelines
  • In addition, prior to performing control testing, reviewed the client's Control Template to provide recommendations for improving control language with the objective of enhancing efficiencies in remote execution of test procedures
  • Understanding and carrying out Risk & Advisory Services which includes IT Controls, Operational Controls and Financial Controls
  • Also identifying the risks and obtaining an overview of the market in which the entity operates
  • Mapped and validated controls and performed substantive testing
  • Performed testing for the accuracy and completeness of the data along with data integrity & validity checks to cover multiple scenarios
  • Performed end to end process mapping using Enterprise Modeling Tool by defining the logical process flow
  • Performed migration, which included pre-migration process documentation, process mapping for the entire processes, process transformation, detailed study of risk, technology and compliance obligations, process re-design, knowledge transfer and post-migration process documentation; developed and executed compliance testing for internal audit and SOX controls
  • Carrying out walkthroughs with process owners and documenting the 'as is' process maps in the form of a logical flowchart for various in-scope processes
  • Performing risk assessment and identifying key controls and risks within each process with the objective of preparing a Risk Control Matrix (RCM) as a final deliverable.

Education

Master's in Business Administration - Finance

Bachelor's in Economics Hons.

Skills

Information Security

Certification

Certified in Risk and Information Systems Control (CRISC)