1 - I have 2 years of work ex in PM profile, both the courses require some prior work ex of 4 years + in relevant domains, how could I testify that if I pursue the certifications now? Or should I wait for another 4/5 years? Which one is in more demand these days?
Answer: There is no experience requirement to attend an ISO 27001 lead auditor course (although previous experience will help you in some aspects). The experience is only required if you want to become a lead auditor working as a certification auditor.
Answer: CISA and Lead Auditor cover different fields (information on systems are only a small intersection between them), so does not make much sense to compare demands between them. Your choice between them should be based on the type and depth of the activities you desire to perform. If your want to focus on information security management, you should consider ISO 27001 Lead Auditor. If you want to go beyond the scope of information security, and also consider the strategic relationships between information security and the information systems and business objectives you should consider CISA. Please note that these courses do not exclude each other, they only offer different perspectives about how information interacts with business.
Another alternative you should consider is the Lead Implementer course.