Sangit Pant
Lalitpur, Bagmati Zone, Nepal |- |-| in/sangit-pant-
SUMMARY
IT Audit and GRC professional with over one year of experience in ISO 27001 readiness, SOC 2 preparedness, risk management, and
compliance documentation. Skilled in gap assessments, ISMS development, and audit support, with experience collaborating across
teams to strengthen security and governance frameworks.
EDUCATION
Presidential Business School
2025
Bachelor of Science, Information Technology
EXPERIENCE
Vairav Technology Security Pvt Ltd
Associate IS Audit and GRC Analyst
May 2025 - Present
Kathmandu, Nepal
Vairav Technology Security Pvt Ltd
IS Audit and GRC Analyst Trainee
Jan 2025 - May 2025
Kathmandu, Nepal
Vairav Technology Security Pvt Ltd
IS Audit and GRC Analyst Intern
Sep 2024 - Jan 2025
Kathmandu, Nepal
Hansikar Technologies, Kathmandu
Freelance Content Writer
Jan 2023 - Feb 2024
Kathmandu, Nepal
PROJECT
BrahmaGrid
Self Initiated
Apr 2025 - Jun 2025
• Developed a platform to streamline ISO/IEC 27001 certification with key modules for SoA generation, gap assessment, risk management, and meeting minutes, delivering audit-ready reports.
Khatra GRC
Oct 2024 - Dec 2023
Self Initiated
• Developed a GRC tool that defined compliance requirements and improved collaboration between GRC professionals and security
implementers through a secure dashboard.
SKILLS
• Technical Skills: Strong understanding of cybersecurity principles and best practices; experience in threat modeling and risk
assessment of ISMS systems to identify and evaluate security risks; information security audits against various standards and
guidelines; readiness assessment and documentation for compliance frameworks such as ISO 27001, SOC 2, and GDPR; hands-on
experience with ISA/IEC- for OT security, focusing on system security requirements and levels; fundamental knowledge of
cloud computing and networking, including key protocols and IT concepts
• GRC & Compliance: General GRC experience, including drafting various policies and procedures; GRC knowledge; vendor
management; risk assessments
• Technical & Soft Skills: Strong written and verbal communication skills for effective documentation and collaboration; analytical
skills; experience working as a Virtual ISO of a financial institution; EDR response testing to evaluate and enhance detection and
response capabilities
CERTIFICATIONS
• ISO/IEC 27001:2022 Lead Auditor: Mastermind Assurance • 2025
• Certified Governance Risk and Compliance Analyst (CGRCA): Hack & Fix Academy • 2025
• Certified Ransomware Protection Officer: ICTTF - Cyber Security Community, Academy and Events • 2025
• CC (Certified in CyberSecurity): (ISC)2 • 2024
• ISO/IEC 27001 - Information Security Associate: SkillFront • 2024
• Play it Safe - Google: Coursera • 2023