About Experience Skills Certifications Projects Insights Gallery Contact
in
🏆 Employee of the Year 2024 · Eminence Ways · March 2024
🟢 Open to Work · Perth WA · Full Working Rights

Yadav
Ghorasainee

Cybersecurity  ·  GRC  ·  ISO 27001  ·  IS Audit  ·  IT Support  ·  Network Security

MSc IT & Applied Security (London Metropolitan University) — Results-driven professional with expertise across IS audit, GRC, ISO 27001, NOC operations, and IT support. Fortinet NSE · (ISC)² CC · ISO 27001 Internal Auditor · GDPR · Azure · Active Directory. Seeking IT Support, Help Desk, NOC, or Cybersecurity roles in Australia.

5+
Years Experience
MSc
IT & Applied Security
NSE
Fortinet Certified
(ISC)²
CC Passed
⬇ Download CV in LinkedIn ✉ Contact 📅 Book Consult
Yadav Ghorasainee — Cybersecurity & IT Support Professional Perth Australia
🛡 ISO 27001
📊 GRC Expert
🔍 IS Auditor
🏆 EOTY 2024
Who I Am

About Me

I am a cybersecurity and IT professional with over 5 years of combined experience in IS audit, network operations, technical support, and security governance. I hold an MSc in Information Technology & Applied Security (specialisation: Computer Networking & Cybersecurity) from Islington College — London Metropolitan University, completed 2025.

Recognised as Employee of the Year 2024 (March 12, 2024) by Managing Director Narayan Koirala at Eminence Ways Pvt. Ltd — a cybersecurity firm — I single-handedly led IS audit engagements across Class A banks, insurance companies, ISPs, IT firms, and government bodies. I hold Fortinet NSE1/NSE2, (ISC)² CC, ISO 27001 Internal Auditor, GDPR, Cisco CyberOps, and ISO/IEC 42001 credentials.

My technical stack spans Windows Server, Active Directory, Microsoft 365, Azure, Hyper-V, VMware, Veeam, Nagios, iMaster NCE, Palo Alto, CrowdStrike, Sophos — giving me the governance depth and infrastructure credibility rare in the security profession.

My MSc dissertation — "Securing Insurance Companies: A Strategic Approach to ISO 27001 – ISMS Implementation" (0% plagiarism) — reflects my passion for translating standards into real organisational resilience. Now in Perth, WA with full working rights, I am targeting IT Support, Help Desk, NOC, Cybersecurity, or GRC leadership roles.

🟢 Available Now 📍 Perth WA ✅ Full Working Rights 🏆 EOTY 2024 🎓 MSc IT Security
Yadav Ghorasainee — Professional Office Setting
🏢 Professional · Cybersecurity Leadership
🎓

MSc IT & Applied Security

London Metropolitan University, 2025. Networking & Cybersecurity specialisation.

🛡

Fortinet NSE1 · NSE2

Fortinet Certified Fundamentals in Cybersecurity — network security expertise.

🔐

ISO 27001 Auditor

Certified Internal Auditor (Advisera). Hands-on ISMS implementation experience.

☁️

Cloud & Infrastructure

Azure, AD, Windows Server, Hyper-V, VMware, Veeam, Microsoft 365.

Career Journey

Experience Timeline

Jan 2023 – Jan 2025
Information Systems Audit Officer
Eminence Ways Private Limited · Kathmandu, Nepal
Led end-to-end IS audit projects for Class A banks, insurance companies, ISPs, IT firms, and government bodies. Assessed ISO 27001:2013 & 2022 compliance, conducted risk assessments, developed risk registers, reviewed SOPs, and delivered board-level audit reports. Coordinated GEA audits for government organisations. Delivered cybersecurity presentations to non-technical stakeholders.
IS AuditISO 27001:2022Risk AssessmentNISTGDPRSOP DevelopmentGEA Audit🏆 Employee of the Year 2024
Nov 2021 – Oct 2022
L2 Technical Support Engineer
Kantipur Management Pvt. Ltd (Dish Media Network) · Lalitpur, Nepal
Provided Level 2 technical support achieving 95% first-call resolution. Configured routers, switches, and firewalls for ISP backbone. Monitored network using Nagios and iMaster NCE, coordinated with NOC, performed RCA reducing incident recurrence by 40%. Mentored L1 engineers and maintained technical documentation.
NOC OperationsFirewallVPNNagiosiMaster NCERCA95% FCR
Aug 2021 – Nov 2021
Customer Service Representative (Technical)
Kantipur Management Pvt. Ltd · Lalitpur, Nepal
Delivered L1 technical support for internet connectivity, router setup, and network troubleshooting via phone, email, and live chat. Managed CRM ticket logging and configured wireless routers, repeaters, and IPTV devices.
L1 SupportRouter ConfigIPTVCRM Systems
Sep 2019 – Jan 2020
Technical Support Representative
Kalash Services Pvt. Ltd (Worldlink Communications) · Lalitpur, Nepal
Resolved internet, IPTV, LAN, and Wi-Fi technical issues via multi-channel support. Coordinated with field engineers for on-site resolutions and followed up to confirm closure.
ISP SupportLAN/Wi-FiIPTVTicket Management
Dec 2018 – Mar 2019
Wireless Internet Support — Internship
Subisu Cable Pvt. Ltd · Kathmandu, Nepal
Field installation and configuration of routers, switches, and cabling. Troubleshot connectivity issues and supported CCTV and cable TV configuration for residential and SME clients.
Field SupportNetwork InstallCCTV Config
Core Competencies

Skills Dashboard

🔍 Information Systems Audit93%
📝 SOP & Policy Development92%
🔐 ISO 27001 Implementation90%
🏛 Cybersecurity Governance89%
📋 GRC — Governance Risk Compliance88%
⚖️ Risk Assessment & Management88%
📜 IT Compliance & Internal Controls86%
🌐 Network Security & Architecture84%
🧑‍💼 Stakeholder & Team Leadership83%
🔥 Firewall & Perimeter Security82%
🖥 Windows Server & Active Directory76%
☁️ Microsoft Azure & Cloud Security72%
💻 SIEM & Log Analysis70%
🔎 VAPT & Vulnerability Management68%
Technology Stack
SecurityPalo Alto
SecurityCrowdStrike
SecuritySophos
SecurityFortinet NSE
CloudMicrosoft Azure
CloudMicrosoft 365
SystemsWindows Server
SystemsActive Directory
SystemsExchange Online
VirtualisationHyper-V
VirtualisationVMware
BackupVeeam · Acronis
MonitoringNagios
MonitoringiMaster NCE
OSLinux Ubuntu
RemoteTeamViewer · RDP
Credentials & Roadmap

Certifications & Learning Path

✓ 2025

MSc IT & Applied Security

London Metropolitan University. Computer Networking & Cybersecurity. Dissertation: ISO 27001 ISMS for Insurance Companies (0% plagiarism).

London Metropolitan University / Islington College
✓ Jun 2025

AIQI ISO/IEC 42001 AI Management System

AI governance, risk management, and ethical AI deployment frameworks. UKAS accredited.

UKAS — United Kingdom Accreditation Service
✓ Jun 2025

Cybersecurity Foundations: GRC

Governance, Risk, and Compliance — cybersecurity risk frameworks, regulatory compliance, enterprise GRC strategy.

LinkedIn Learning
✓ Feb 2025

ISO 27001:2022 Annex A Controls

ISO 27001:2022-Compliant Cybersecurity: Getting Started & Annex A Controls — updated control framework and gap assessment.

LinkedIn Learning
✓ Feb 2025

GDPR & Data Protection Act Training

Foundation Level — two courses covering data subject rights, controller obligations, lawful basis, and breach notification.

Aim Training Academy & Fit4Privacy
✓ 2024

ISO 27001 Internal Auditor

Comprehensive ISO 27001 Internal Auditor course — audit planning, execution, reporting aligned to ISO/IEC 27001 ISMS standards.

Advisera (training.advisera.com)
✓ 2024

EU GDPR Foundations Course

Data protection principles, rights, lawful basis, and compliance requirements under EU regulation.

Advisera
✓ 2023

(ISC)² Certified in Cybersecurity (CC)

Official (ISC)² self-paced training — exam passed. Validates cybersecurity fundamentals across risk, network security, and incident response.

(ISC)² International
✓ 2023

CISA Exam Preparation

Comprehensive CISA preparation — IS audit process, IT governance, systems acquisition, development, and protection.

LinkedIn Learning
✓ 2022

Cisco CyberOps Associate · Essentials · Fundamentals

Three-course Cisco cybersecurity programme — network security operations, threat analysis, intrusion detection, and SOC fundamentals.

Cisco Networking Academy
✓ 2021

Fortinet NSE1 · NSE2 · Certified Fundamentals

Fortinet network security certifications — threat landscape, cybersecurity concepts, and Fortinet security fabric architecture.

Fortinet Training Institute
⏳ Priority 2025

ISO 27001 Lead Auditor (PECB / BSI)

Next priority — validates ability to plan, lead, and manage ISMS audits per ISO/IEC 27001. Key credential for senior IS Audit and GRC leadership.

PECB / BSI

🗺 Certification Roadmap — Path to CISO

✅ 2021–2025NSE1/NSE2 · Cisco CyberOps · (ISC)² CC · ISO 27001 IA · GDPR · GRC · ISO 42001 · MScCOMPLETED
🎯 2025ISO 27001 Lead Auditor (PECB/BSI)In Progress
🚀 2026CISA — Certified Information Systems AuditorISACA
🚀 2026CRISC — Certified in Risk & IS ControlsISACA
🚀 2027CISSP — Certified IS Security Professional(ISC)²
🌟 2027+CISO / GRC Director / Security Governance LeaderCareer Goal
Portfolio & GitHub

Projects & Case Studies

GitHub Profile
github.com/yadavgcybernet

Public Repositories

iso27001-audit-toolkitPublic
cybersecurity-study-notesPublic
certificationsPublic
sec (portfolio site)Live
📄
MSc Final Dissertation

ISO 27001 ISMS Implementation — Insurance Companies

Strategic approach to ISO 27001 ISMS implementation for insurance sector organisations. Covered threat landscape, risk methodology, gap analysis, SoA mapping, Annex A control selection, and a practitioner-ready implementation roadmap. 0% plagiarism.

ISO 27001ISMSInsurance SectorSoAAnnex A
Request Copy →
🔧
GitHub Repository

ISO 27001 Audit Toolkit

Public GitHub repository containing a 93-control Annex A checklist, risk register template, Statement of Applicability (SoA) template, and audit evidence guide. Licensed CC BY 4.0 — open source for the security community.

ISO 27001Audit ChecklistRisk RegisterCC BY 4.0
View on GitHub →
📡
MSc Coursework — London Metropolitan

Cyber Attacks on IoT Devices & Security Measures

Academic research on IoT cybersecurity — VPNFilter malware analysis, Vercada IoT breach case study, 8-stage attack lifecycle, and privacy-preserving frameworks. Published through CC7178NI Cyber Security Management module. 0% plagiarism.

IoT SecurityVPNFilterThreat AnalysisCase Study
Learn More →
🏛

IS Audit — Class A Banking Institutions

Led comprehensive IS audit engagements for Class A banks. Assessed ITGC: user access management, change management, IT operations, and application controls aligned to ISO 27001, NIST, and central bank directives. Coordinated board-level meetings and delivered formal reports.

ITGCBanking AuditAccess ControlChange Mgmt
Learn More →
📚
GitHub Repository

Cybersecurity Study Notes

Public repository of structured cybersecurity study notes covering ISO 27001, GDPR, GRC fundamentals, network security, and certification preparation for (ISC)² CC, CISA, and Fortinet NSE. Available for the security learning community.

ISO 27001GRCStudy NotesCISA Prep
View on GitHub →
🔥

ISP Network Security & Hardening

Implemented firewall rule optimisation, VLAN segmentation, and CIS Benchmark-aligned hardening across ISP backbone infrastructure. Configured Nagios and iMaster NCE monitoring. Reduced incident recurrence 40% through structured RCA. Developed NOC workflows and technical documentation.

FirewallVLANCIS BenchmarksNOCRCA
Learn More →
Thought Leadership

Cybersecurity Insights

🔐
ISO 27001

Demystifying ISO 27001: A Practitioner's ISMS Guide for Insurance Companies

Lessons from the MSc dissertation — step-by-step ISMS implementation from gap analysis to Annex A control mapping in insurance sector contexts.

📅 2025⏱ 10 minRead →
🤖
AI Governance

ISO/IEC 42001: The AI Management Standard Every Security Professional Must Know

A practitioner's overview of the UKAS-certified AI Management System Standard — why AI governance matters for ISMS and GRC programmes in 2025.

📅 2025⏱ 8 minRead →
📊
GRC Strategy

Why GRC is the Most Underestimated Discipline in Modern Cybersecurity

Governance, Risk, and Compliance are not checkbox exercises — they are the strategic backbone of a resilient security posture. Perspectives from IS audit practice.

📅 2025⏱ 7 minRead →
📡
IoT Security

VPNFilter & Vercada: What These IoT Attacks Teach Us About Infrastructure Defence

Research-backed analysis of two major IoT breach case studies — lessons for network defenders, auditors, and security architects.

📅 2024⏱ 9 minRead →
🏦
IS Audit

Top IT General Controls Every IS Auditor Must Evaluate in Banking Institutions

Critical ITGC areas that consistently surface audit findings — access reviews, change management, and more from real IS audit experience in Nepal.

📅 2024⏱ 9 minRead →
🛡
Career

From Fortinet NSE to CISA: Building a Cert Stack for GRC Leadership in APAC

A practical certification roadmap — how to sequence NSE, (ISC)² CC, ISO 27001, CISA, CRISC, and CISSP for maximum career impact in the Australian market.

📅 2024⏱ 7 minRead →
View All Insights →
Social Proof

Recommendations

"Yadav consistently demonstrated exceptional professionalism. His ability to manage complex IS audit engagements across multiple sectors — single-handedly — while maintaining the highest reporting standards was outstanding. His ISO 27001 knowledge is genuinely applied, not theoretical."

NK

Narayan Koirala

Managing Director · Eminence Ways Pvt. Ltd

"His presentation skills in conveying cybersecurity concepts to non-technical board members were remarkable. Yadav has a rare gift for translating complex audit findings into clear business risk language — exactly what leadership teams need."

CL

IS Audit Client — Banking Sector

Class A Bank · Nepal · 2024

💬
LinkedIn Recommendation Connect on LinkedIn to leave a professional recommendation that will appear here. Add on LinkedIn
Get In Touch

Contact & Consultation

Available for IT Support, Help Desk, NOC, Cybersecurity, and GRC roles. Open to ISO 27001 consulting, IS audit advisory, and speaking engagements. Perth WA — full working rights, available immediately.

📧
📞
in
📍
Location
17A Harman Street, Belmont WA 6104
Willing to relocate · Open to APAC & Remote
Working Rights
Full Working Rights in Australia
⬇ Download CV in LinkedIn ⌥ GitHub

Send a Message

For job opportunities, consulting projects, ISO 27001 advisory, or speaking engagements. Responds within 24–48 hours.

Platform Roadmap

Upcoming Features

🤖

AI Security Assistant

Ask questions about ISO 27001, GRC frameworks, and audit best practices — AI-powered chatbot.

Q3 2025
📋

ISO 27001 Readiness Checker

Self-assessment tool to benchmark ISMS readiness against all Annex A controls for organisations.

Q3 2025
📊

Security Maturity Assessment

Interactive CMMI / NIST CSF maturity assessment tool for SMEs and mid-market organisations.

Q4 2025
📅

Consultation Booking

Direct calendar integration for booking advisory calls and project discovery sessions online.

Q3 2025
📄

CV / Resume Analyser

Upload your CV and get feedback on positioning for IT support and cybersecurity leadership roles.

Q4 2025
🎥

YouTube — Cyber Education

Educational content on ISO 27001, GRC fundamentals, Fortinet, and IS audit career guidance.

2026
🎙

Speaking Engagements

Conference talks and webinars on cybersecurity governance, GRC strategy, and IoT security.

2026
📬

Insights Newsletter

Monthly cybersecurity governance updates, framework news, and IS audit career tips for subscribers.

2026