As a Cybersecurity/GRC Auditor at Dry Kirkness, I oversee IT-related audits for various local government, NGO/INGO, and other private and public organizations, along with conducting various internal audits.Key Responsibilities:Audit Leadership: Lead cybersecurity and GRC audits, ensuring adherence to regulatory standards and identifying critical risk areas.Technical Assessment: Conduct thorough technical assessments, including penetration testing and vulnerability assessments, to evaluate security controls.Compliance Assurance: Verify compliance with cybersecurity policies, procedures, and regulations, and assess implementation of security frameworks.Risk Management: Assess and prioritise risks, recommend mitigation strategies, and monitor their implementation to enhance security posture.Reporting and Advisory: Prepare comprehensive audit reports, communicate findings to stakeholders, and provide strategic guidance on improving governance and compliance practices

As an internal auditor, I ensured compliance with regulations, assess financial statements, and evaluate operational processes to mitigate risks.I conducted independent reviews, recommend improvements for efficiency, and communicate findings to management.My role safeguards assets and promotes transparency, reinforcing organizational integrity and governance..Key Achievements :-- Conducted various Information System Audits to assess the security and integrity of IT systems and data.- Led Compliance audits across multiple sectors, ensuring adherence to regulatory requirements and internal policies.- Managed Risk audits, identifying and evaluating potential risks to organizational objectives and recommending mitigating actions.- Contributed to audits of local and public sector organisations in Western Australia, providing insights into sector-specific challenges and opportunities.- Conducted audits like Leave Control Audit and Compliance Audit focusing on regulatory compliance and operational efficiency improvements.

As Head of Information Security at Global IME Bank Limited, I supervised and communicated the IT security plans and procedures to all staffs, conducted internal security audits, and conducted information sessions about hacker methodologies and anticipation of security breaches.I collaborated with the Chief Information Technology Officer to define the annual securities budget for software and other regulatory expenses.Key Achievements :-- Implemented enterprise information security system for Global IME bank in Kathmandu as part of live project, decreasing security vulnerability by 25%; applied security policies for data loss prevention and reduced risk- Reviewed and reframed IT Policies and IT Security Policies to enhance clarity and alignment with best practices.- Updated Business Continuity Plan and Disaster Recovery Plan to ensure readiness and resilience in criticalscenarios.- Worked as member secretary of the IT steering committee, facilitating strategic IT decisions and alignment withbusiness goals.- Worked as executive member of the ISO committee, overseeing implementation and compliance with ISOstandards.- Deployed Security Information and Event Management (SIEM) in the bank, bolstering real-time security monitoringand incident response capabilities.

Expert System AuditorInternal Audit External Audit

Internal Audit-External Audit- System Audit