Mausam Bhandari
@mausambhandari
GRC/Third-Party Risk professional, ISO 27001:2022 Lead Auditor (IRCA), assessing vendors & controls against ISO 27001/SOC 2.
What I'm looking for
Career & Interests
I’m a cybersecurity professional specializing in Governance, Risk, and Compliance (GRC) with a strong focus on Third-Party Risk Management (TPRM) and security compliance. My work is hands-on and assessment-driven: I review vendor security controls, policies, and evidence to evaluate risk, identify gaps, and produce clear findings and remediation recommendations aligned to widely used standards.
What I did in my previous role
In my role as a Senior Security Research Analyst at SecurityPal, I supported security and compliance evaluations for global clients by:
Conducting third-party vendor security assessments, including reviewing security documentation and responses to questionnaires.
Assessing vendor security posture against ISO/IEC 27001 and SOC 2 expectations.
Reviewing ISMS policies, risk assessments, and control implementations to identify compliance and control gaps.
Producing structured risk and remediation reports that highlight control weaknesses and practical next steps.
Contributing to a security knowledge library used to support compliance evaluations for 100+ global clients.
Certifications & strengths
I’m an IRCA-certified ISO/IEC 27001:2022 Lead Auditor and also hold ISC2 Certified in Cybersecurity (CC) and CompTIA Security+ (SY0-701). My strengths include:
Evidence-based control evaluation and clear documentation
Risk analysis and translating findings into actionable remediation
Working across multiple frameworks and stakeholder expectations
Strong attention to detail and consistency in assessment outputs
Interests (what I want to do more of)
I’m especially interested in roles where I can deepen my impact in:
Third-party risk programs (vendor onboarding, tiering, control testing, remediation tracking)
ISO 27001 / SOC 2 readiness and continuous compliance
Building and improving security governance, policies, and risk management processes
Collaborating with security, engineering, legal, and procurement teams to make risk decisions practical and measurable
Experience
Work history, roles, and key accomplishments
Senior Security Research Analyst
SecurityPal
Aug 2023 - Nov 2025 (2 years 3 months)
Conducted third-party vendor security assessments and ISMS reviews, identifying control gaps and delivering remediation recommendations that supported compliance evaluations for 100+ global clients.
Education
Degrees, certifications, and relevant coursework
Softwarica College of IT & E-Commerce
Master of Science, Data Science & Computational Intelligence
Pursuing an MSc in Data Science & Computational Intelligence focusing on advanced data analysis and computational methods.
Virinchi College
Bachelor of ICT (Hons.), Computer Science
Grade: GPA: 3.51
Completed a Bachelor’s degree in ICT (Hons.) with a major in Computer Science, achieving a GPA of 3.51.
Website
mausambhandari.com.np
