Skip to main content
ritika guptaRG
Open to opportunities

ritika gupta

@ritikagupta3

SOX ITGC and GRC consultant delivering audit-ready control testing.

India
Message

What I'm looking for

I’m looking for an environment where I can plan and execute SOX ITGC and technology risk testing end-to-end, build audit-ready documentation, and drive clear, leadership-ready deficiency reporting—ideally with strong GRC tooling and collaborative stakeholder communication.

I’m a SOX ITGC and technology risk professional with 5+ years executing IT general controls and application control testing at Deloitte USI and Protiviti. I own the full audit lifecycle—from planning and scoping to walkthroughs, sample selection and population testing, control effectiveness testing, and deficiency write-ups—producing audit-ready workpapers and test matrices aligned to PCAOB standards.

I bring strong knowledge of SOX, SOC 1, SOC 2, PCI DSS, NIST, ISO 27001, and COBIT, with hands-on experience in AuditBoard. I’m a clear communicator who translates control testing logic and findings into structured documentation for leadership, governance committees, and cross-functional stakeholders, and I’ve led vendor/TPRM reviews and recurring GRC reporting in tools like AuditBoard and ServiceNow GRC.

Experience

Work history, roles, and key accomplishments

IG
Current

Senior IT Governance Controls Consultant

Oct 2025 - Present (9 months)

Plan and execute risk-based internal IT audits across cloud and SaaS applications, scoping and testing controls aligned to NIST CSF, SOC 1/SOC 2, and ISO 27001. Perform user access and log reviews, application control testing, vendor risk assessments, and report risk/remediation metrics through GRC tools.

Protiviti logoPR

Deputy Manager Technology Risk & GRC

Oct 2023 - Sep 2025 (1 year 11 months)

Lead end-to-end IT governance and SOX ITGC engagements for financial services and insurance clients, including planning, scoping, control effectiveness testing, and reporting. Conduct user access and log reviews, review SOC 1/SOC 2 reports for vendors, assess application controls in Oracle and SAP, and manage risk registers and remediation plans.

DU

Technology Risk & GRC Consultant

Jun 2021 - Oct 2023 (2 years 4 months)

Execute IT governance and SOX ITGC audits for global banking and financial services clients, performing design and operating effectiveness testing across access management, change management, SDLC, and logical security. Test application and automated controls in ERP platforms (SAP, Oracle, Workday) and produce structured issue logs and audit deliverables aligned to audit requirements.

Education

Degrees, certifications, and relevant coursework

ritika hasn't added their education

Don't worry, there are 90k+ talented remote workers on Himalayas

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan