
MAYUR K. JAIN (OSCP, CACSP, ECSA, CEH)

Email ID: mayurkumarjain23@gmail.com
Flat no. B-1004 suda suman society, Tilekar Vasti,
North Hadapsar, Hadapsar, Pune, Maharashtra 411013
Mobile: +91-7415313277

Career objective

To pursue a dynamic and challenging career as an Information Security Professional in a reputed and esteemed organization, which allows me to enhance and utilize my knowledge, professional capabilities and experiences in contributing substantially and becoming a catalyst to our mutual growth.

Professional Work Experience

June 10th 2020 – Present : Senior Security Engineering.
Organization : GRhombus Technologies Pvt. Ltd.

Key Roles:

• Conduct penetration testing on different technologies like web applications, network and infrastructure, server and cloud, etc.
• Conduct manual and automated penetration testing on internal and external networks, web applications, infrastructure, servers, etc.
• Developing test plans and test cases for security assessment.
• Develop testing methodologies, tools, and techniques for penetration testing different technologies like automotive systems, web applications, servers, and infrastructure.
• Ensuring compliance with relevant cybersecurity regulations and standards, such as ISO 21434, PCI DSS compliance and regulation.
• Conducting threat modeling and risk assessments for automotive systems and developing mitigation strategies to address identified risks.
• Collaborating with cross-functional teams to determine the most appropriate security controls and mitigation strategies for identified threats and risks and to ensure that identified vulnerabilities are addressed and remediated in a timely manner.
• Analyzing and interpreting penetration testing results and preparing detailed reports of findings and recommendations.

July 15th 2019 to June 8th 2020 : Senior Engineer
Organization : Marlabs Innovations (P) Ltd.
Client : HSBC Bank

Key Roles:

• Performed web application architecture review and threat modelling.
• Conduct risk assessment on the critical business application.
• Track the posture of identified risks through suitable and recommended methods as part of the Risk Management Strategy.
• Risk assessment methodology, especially on various enterprise assets (web application, data, IT infra and cloud).
• Provide report on findings and action items to fix the identified vulnerabilities, and a mitigation plan.

January 14th 2019 to July 12th 2019 : Security Analyst
Organization : Security Innovation Pvt. Ltd.

Key Roles:

• Performed web application vulnerability assessment and penetration testing for various clients, both onsite and offsite.
• Conducted various security assessments for web applications using OWASP Top 10 methodologies.
• Manual vulnerability and penetration testing (black box pen testing) using Burp Suite Pro.
• Provide report on findings and action items to fix the identified vulnerabilities.

June 18th 2018 – January 4th 2019 : Associate Specialist
Organization : Atos-Syntel (Syntel Pvt. Ltd.)
Client : Humana Appscan

Key Roles:

• Performs static/dynamic code testing of web applications and web services to identify vulnerabilities and security defects, using IBM AppScan for dynamic scanning and Checkmarx for static code analysis.
• Use technical knowledge of vulnerability families (e.g. OWASP Top 10) and circumstantial code context to explain the nature of a security issue as well as the best fix.
• Work collaboratively with development teams to bring open flaws to resolution and defect management.
• Provide report on findings and action items to fix the identified vulnerabilities.

September 26th 2016 – May 19th 2018 : Information Security Consultant
Organization : Cybervault Securities Solutions Pvt. Ltd.

Key Roles:

• Conducted internal and external penetration testing.
• White box, black box, grey box penetration testing.
• Conducting network penetration and server penetration testing.
• Coordinating with customers for pre-requisites gathering.
• Provided continued maintenance and development of bug fixes and patch sets for existing network. Risk assessments and provide recommendations.
• Discussed the findings and hardened the servers and network.
• Provide report on findings and action items to fix the identified vulnerabilities.

June 15th 2015 – September 20th 2016 : Network Administrator
Organization : Total soft InfoTech Pvt. Ltd.

Key Roles:

• Responsible for installation and configuration management of wired LAN/WAN network, provide backup assistance for the wireless networks, perform the necessary security remediation tasks for the systems support based on requirements.

Scholastic Credentials

• Bachelor of Engineering in Electronics and Telecommunication from Central College Of Engineering and Management, Raipur, in the year 2015.
• Senior School Certificate Examination (Class XII), under CBSE, in the year 2007.
• Secondary School Certificate Examination (Class X), under CBSE, in the year 2005.

Professional Certifications

• Offensive Security Certification "Offensive Security Certified Professional"
• Certified Automotive Cyber Security Practitioner (CACSP) ISO 21434.
• EC COUNCIL Certification "EC-Council Certified Security Analyst V9"
• EC COUNCIL Certification "Certified Ethical Hacking V8"
• Certification in "Advanced Web Application Penetration Testing (OWASP)".
• Training in "Red Hat Linux x5, x6", from XPERT INFORTECH (XPERIA TECHNOLOGIES PVT. LTD.).

Technical Skill

• Technical writing and documentation
• Network Penetration Testing
• Application Penetration Testing
• Infrastructure Penetration Testing
• Automotive Cyber Security (ISO 21434, TARA Analysis, Penetration testing)
• Linux, Windows, and macOS environments
• Security assessment tools
• Penetration testing.
• Developing security plans, test cases
• Acunetix, Netsparker, OWASP ZAP proxy, Burp Suite Pro, OWASP, Nmap.
