Sweta Jaiswal
Governance, Risk And Control
Bengaluru,KA
Summary
A seasoned professional with over 5 years of experience in auditing and evaluating complex IT applications and environments in Banking and Financial sector - locally and globally.
Overview
5
5
years of professional experience
5
5
years of post-secondary education
8
8
Certifications
Work History
Tech Risk Analyst
Goldman Sachs
Bengaluru, KA
05.2020 - Current
- Executed review of SSH connection-Unix, Unauthorized access to Database (mongodb, mssql, others), unauthorized access review to windows production hosts
- Reviewing and monitoring repeat offender and escalating to Manager and above
- Onboarded control bypass review into continuous control monitoring platform
- Monitoring .rhost, k5,root access vulnerabilities, API review using splunk, swagger, sentinel and aqua data studio
- Performed ISO 270001:2013 review for Indian entity by preparing and reviewing Risk assessments, Scope documents and other core activities
- Impact analysis, risk review and control compatibility for Cloud Access Monitoring
- During her tenure in Goldman Sachs she has gone through Business Analyst training (Data Preparation & blending, visualization, query, warehousing, defensive design) and Data science using Alteryx(Decision tree, time series, forecasting, forest models, scoring and others)
- Developed team communications and information for meetings
- Used Microsoft Word and other software tools to create documents and other communications
- Participated in continuous improvement by generating suggestions, engaging in problem-solving activities to support teamwork
- Managed SOX evaluations, internal audits and other audit review
- Developed and implemented performance improvement strategies and plans to promote continuous improvement
- Built and maintained measurement infrastructure through integration of data warehouses and business objects
Risk Consultant
Ernst & Young India
Bengaluru, India
09.2018 - 04.2020
- As part of and managing team of 4-5 members for Access review, Change Management, Privilege Access Management for SOX 404 Review
- Application Risk Assessment, Application Control Testing, Automated Business Controls, CCAR (Comprehensive Capital Analysis and Review) and RCSA (Risk and Control Self Assessment)
- Further responsible to complete Internal budgeting and time reporting for team members
- During tenure also worked in India Bank and performed Information System Audit and Certification
- Key areas of skill also include- ITGC (IT General Control), ITAC (IT Application Control Testing), IPE (Information Produced by Entity), Risk Reporting and Issue Management
- Awards: "I am Exceptional" in 2019 for being innovative and bringing in positive changes in project management.
- Authored detailed work plans to meet business priorities and deadlines
Risk Analyst
KPMG India
Bengaluru, KA
06.2016 - 08.2018
- Sweta was part of Statutory audit support for Indian multinational ridesharing company
- Further she was also part of French multinational information technology services and consulting company for SOC 1 type 2, SOC 2 type 2
- Sweta has work on IPE, External audit review across industry
- During tenure in KPMG she was also part of Whitepapers for DevSecOps , as part of research she reached out to Top management of existing clients and interacted to provide KPI and Control gap analysis
- Developed short-term goals and long-term strategic plans to improve risk control and mitigation
Education
Post Graduate Diploma in Management - Information Technology
Alliance University
Bangalore 01.2017 - 01.2019
Bachelor of Commerce, Industry Integrated - Industry, Info Sec, Public Relations
Mount Carmel College
Bangalore 01.2013 - 01.2016
Skills
SOX 404
ITAC
ITGC
ISO 270001
Excellent risk assessment abilities
Technical knowledge
Areas of Expertise
Sarbanes Oxley 404, Financial Audit IT(FAIT), IT Application Controls (ITAC), IT General Controls (ITGC), Comprehensive Capital Analysis and Review (CCAR), Application Risk Assessment, SOC1 and SOC2 Type 2 reporting and analysis, Data Migration review, Information Produced by Entity (IPE), Risk Reporting and Issue Management.
Additional work experience in Privileged Access Management, Production Access Bypass Review, ISO 270001:2013.
Certification
Lean Six Sigma Green Belt (ICGB)
Accomplishments
- Coordinated and helped in completion of ISO 270001:2013 review for Bangalore and Mumbai entity with zero findings
- Created governance charts using power bi to reduce reporting effort and provide ongoing view of issues open and closed
- Created multiple workflows using the Alteryx tool to simplify and automatically perform analysis, which was earlier done manually, reducing the hours from 500 hours to 30 hours in a year.
- Helped in creation of tableau workflow for analysis
Timeline
Data Science Course in Excel & R
07-2021
Tech Risk Analyst
Goldman Sachs
05.2020 - Current
Lean Six Sigma Green Belt (ICGB)
04-2020
Risk Management for Cybersecurity and IT Manager
04-2020
SAP Cloud
04-2020
CyberArk - Privileged Access Security
04-2020
COBIT5 Introduction
03-2020
Blockchain &Bitcoin Fundamental
03-2020
Six Sigma Black Belt Certification
06-2019
Risk Consultant
Ernst & Young India
09.2018 - 04.2020
Post Graduate Diploma in Management - Information Technology
Alliance University
01.2017 - 01.2019
Risk Analyst
KPMG India
06.2016 - 08.2018
Bachelor of Commerce, Industry Integrated - Industry, Info Sec, Public Relations
Mount Carmel College
01.2013 - 01.2016