Anish Pudasaini

GRC Practitioner & IT Security Expert

Passionate about cybersecurity, governance, risk management, and compliance. Dedicated to ensuring robust IT security measures and adherence to industry standards.


About Me & My Expertise

I am a dedicated Governance, Risk, and Compliance (GRC) practitioner and IT security expert with over a decade of experience. My passion lies in safeguarding organizations by blending technical acumen with a deep understanding of business risk management.

Throughout my career, I have collaborated with a diverse range of organizations to design and implement robust security programs. I ensure that each solution not only meets industry standards such as GDPR, HIPAA, and PCI-DSS but also aligns with the unique business needs of the organization.

My approach integrates detailed risk assessments, continuous vulnerability scanning, and compliance auditing to identify potential security gaps. By leveraging the latest technologies and best practices, I help organizations build resilient infrastructures that protect both data and reputation.

I am continually refining my skills by staying updated with emerging trends and certifications in the cybersecurity field. This commitment to lifelong learning empowers me to develop forward-thinking strategies that drive business success while maintaining a strong security posture.

What I Can Do

GRC Implementation

Led the implementation of a comprehensive GRC framework, aligning IT processes with business objectives and regulatory requirements.

Information Security Audit

Conducted thorough IS audits for various clients, ensuring compliance with NRB, ISO 27001, and NIST standards.

Risk Assessment Program

Developed and implemented an enterprise-wide risk assessment program, identifying and mitigating potential security threats.

Vulnerability Assessment

Conducted thorough VA for various clients using tools like Nessus, Burp Suite, Nmap, and so on.

Experience, Education & Certifications

Experience

IS Auditor at Cryptogen Nepal

January 2022 - Present

  • Leading information security audits, compliance reviews, and GRC initiatives.
  • Support the execution of information security, internal audits, external audits, and compliance reviews (e.g., NRB, ISO, NIST).
  • Stay up to date on regulation and compliance changes and create awareness.
  • Act as a liaison and engage with auditees and control owners regularly to track progress against audit actions and controls in remediation.
  • Maintain professional and technical knowledge by attending educational workshops, reviewing professional publications, establishing personal networks, participating in professional societies.
  • Actively promote continuous improvement across the company.
  • Conduct vulnerability assessments and analysis of the client's environment using both automated and manual techniques.
  • Analyze vulnerability test reports and suggest remediation/mitigation plans.

Education

BSc. (Hons) Networking and IT Security

2018 - 2021

Graduated with First Class Honours, specializing in network security and GRC practices.

MSc. IT in Applied Security

2023 - Present

Pursuing a Master's degree in IT with a focus on applied security and compliance.

Certifications

ISO 27001:2022 Lead Auditor Certification

2024

Obtained certification to lead ISO 27001 Information Security Management System audits.
