Summary
Overview
Work History
Education
Skills
Websites
Certification
Disclaimer
Affiliations
Accomplishments
Languages
Timeline
Generic
SHWETA RAJPUT

SHWETA RAJPUT

Delhi

Summary

Security professional with nearly 7 years of experience in external and internal audits, SOX compliance, and ITGC testing. Expertise in risk assessment and mitigation, with a strong focus on SOC 1 and SOC 2 reporting. Proficient in conducting audits and assessments aligned with ISO 27001, ITGC, PCAOB, AICPA, and GDPR standards. Committed to enhancing organizational productivity through effective information security practices.

Overview

7
7
years of professional experience
1
1
Certification

Work History

Manager - Information Security

LTIMindtree
Noida
11.2023 - Current
  • Developed comprehensive risk assessments for applications and infrastructure, identifying vulnerabilities with the help of the GRC Archer tool.
  • Collaborated with clients during SOX audits, documenting evidence and assisting in internal audit processes.
  • Reviewed SOC 1/SOC 2 reports of vendors, documenting potential risks on the client’s internal portal.
  • Analyzed compliance of risk management policies with ISO 27001 standards to ensure regulatory adherence.
  • Led an eight-member team in daily operations, facilitating conflict resolution and task management.
  • Assisted clients in developing risk mitigation strategies, tracking identified risks until resolution.
  • Maintained a database of identified risks and corresponding mitigation plans for easy access.
  • Utilized Excel pivot tables and charts to analyze data during monthly governance calls with clients.
  • Created proposals for an agent-based AI solution to help clients and team members focus on core areas, and let AI do the repetitive manual tasks.

Senior Associate (Assurance- External Audit)

Pwc SDC
08.2022 - 10.2023
  • Designed and established control objectives and activities for SOC 1 and SOC 2 reports.
  • Conducted ITGC and ITAC control testing according to SOX guidelines.
  • Facilitated process-level and application-level walk-throughs for Access, Password, Batch job, SDLC, and change management.
  • Led walkthrough calls for Security and Availability TSC controls related to SOC 2 reports and ITGCs.
  • Evaluated IT controls, assessing risks and compliance throughout the IT audit process.
  • Supported automation initiatives for SOC reports through STAR tool deployment.
  • Directed status calls, reviewed associates' work, and provided guidance on IT audits and SOC reporting.

Consultant (Cyber Security)

Genpact India Private Limited
08.2021 - 08.2022
  • Conducted IT General Controls (ITGC) and IT Application Controls (ITAC) testing across BFSI, healthcare, and manufacturing sectors.
  • Executed Test of Design (TOD) and Test of Operating Effectiveness (TOE) for ITGC compliance.
  • Performed application walkthroughs, prepared audit scopes, reported findings, and recommended remediation strategies.
  • Delivered annual IT SOX program, including planning, scheduling, review of work papers, and closure activities.
  • Utilized ServiceNow (SNOW), audit board, and Archer tool for efficient ITGC and application controls testing.
  • Facilitated project status meetings to communicate findings and improvement areas to client management.
  • Led regular client calls to discuss risk mitigation strategies and enhance compliance efforts.

Internal Auditor (Risk and Compliance)

HCL Technologies, Noida
Noida
12.2018 - 08.2021
  • Compliance and risk assessments based on ISO 27001, ITGC, SOC 2, and contractual requirements.
  • Extract requirements from MSAs and SOWs set by the client for maintaining compliance to avoid financial, regulatory, and reputational liabilities.
  • Identification of key risks by testing Information Technology General Controls (ITGC), performing gap analysis, and administration of the control testing team.
  • Perform risk assessments, internal audit plans, and perform a detailed review of deliverables (risk control mapping matrix, issue tracker, and risk register).
  • Work with various stakeholders across engagement teams, business operations, and support functions for risk mitigation.
  • Ensure adherence to the information security policy and procedures of the organization.
  • Prepare monthly (management level) and weekly (executive level) reports for presenting the status of current risks.
  • Handled kickoff calls with the management and support functions to start new audit cycles.

Education

MCA -

IGNOU
01.2022

B. SC -

DELHI UNIVERSITY
01.2017

INTERMEDIATE -

J.D.S.K.V.
01.2014

HIGH SCHOOL -

DASHMESH PUBLIC SCHOOL
01.2012

Skills

  • IT audits (internal and external)
  • Contractual requirements analysis
  • ISO 27001 compliance
  • GDPR knowledge
  • Team management
  • ITGC and ITAC testing
  • Auditing tools expertise (Archer, Audit Board)
  • Third-party security governance
  • SOC 1 and SOC 2 reporting

Certification

NTPC: Completed industrial training from NTPC Limited, Noida

Lead auditor, ISO 42001 - attended trainings

CISA - Preparing for the exam

Disclaimer

I hereby declare that all the above given information is true to the best of my knowledge and Concern.

Affiliations

  • VP of College CS ENAIC Society
  • Part of the placement cell
  • Performed in NSD

Accomplishments

  • Star performer of the year - HCL Technologies
  • Genpact - Platinum Award client recognized
  • PWC SDC - Collaborator of the Year
  • LTIMindtree - Shooting Star, Super Crew, and Team Pro

Languages

Hindi
First Language
English
Proficient (C2)
C2

Timeline

Manager - Information Security

LTIMindtree
11.2023 - Current

Senior Associate (Assurance- External Audit)

Pwc SDC
08.2022 - 10.2023

Consultant (Cyber Security)

Genpact India Private Limited
08.2021 - 08.2022

Internal Auditor (Risk and Compliance)

HCL Technologies, Noida
12.2018 - 08.2021

MCA -

IGNOU

B. SC -

DELHI UNIVERSITY

INTERMEDIATE -

J.D.S.K.V.

HIGH SCHOOL -

DASHMESH PUBLIC SCHOOL

Similar Profiles

CREATE PROFILE
SHWETA RAJPUT