Open to opportunities

Mansi Jain

@mansijain5

Application security researcher focused on web/API penetration testing and vulnerability research.

India

What I'm looking for

I’m looking for a role where I can own web and API security testing end-to-end—hunting, exploiting, documenting, and helping remediate—using tools like Burp Suite Pro, Postman, and Fiddler in a remote-friendly, collaborative environment.

I’m an application security researcher with 3–4 years of hands-on experience in application penetration testing and vulnerability research. Through active participation in bug bounty programs on HackerOne and Bugcrowd, I’ve built a track record of identifying, exploiting, and documenting web application and API security issues aligned with OWASP Top 10.

I’m proficient in manual exploitation and structured testing workflows, using Burp Suite Pro as my primary interception proxy for both targeted payload crafting and automated scanning. I focus on turning findings into clear, actionable technical insights rather than one-off reports.

On the API side, I perform security assessments using Postman and Fiddler across REST and GraphQL endpoints. I test for business logic flaws, improper authorisation, and data exposure, then map results to the OWASP Top 10 framework to produce proof-of-concept steps, severity ratings, and remediation guidance.

I keep consistent hunting discipline across multiple concurrent programs, handling retesting and program communications professionally. I’m also a Certified Cyber Security Expert (v3.8) and I’m driven by opportunities where I can deliver high-quality security assessments and help teams raise their security baseline.

Experience

Work history, roles, and key accomplishments

HackerOne
Current

Security Researcher (Bug Bounty)

Jan 2021 - Present (5 years 6 months)

Conducted web application and API penetration testing for public and private bug bounty programs, identifying vulnerabilities across common OWASP Top 10 classes. Documented findings with proof-of-concept steps, severity ratings, and remediation guidance while managing scope, retesting, and communications.

Bugcrowd
Current

Security Researcher (Bug Bounty)

Jan 2021 - Present (5 years 6 months)

Conducted web application and API penetration testing for public and private bug bounty programs, identifying vulnerabilities across common OWASP Top 10 classes. Documented findings with proof-of-concept steps, severity ratings, and remediation guidance while managing scope, retesting, and communications.

Education

Degrees, certifications, and relevant coursework

Mansi hasn't added their education
