Jaymark Pestaño

Metro Manila, Philippines ยท contact@jaymarkpestano.ninja

A Security Consultant, Penetration Tester, Bug Bounty Hunter, Information Security enthusiast, hobbyist and a gamer.


Cybersecurity Threat Management Senior Consultant

EY Philippines

Focusing on penetration testing and web application security.

March 2018 - Present

Web Application Security Consultant

Fortify on Demand

Performed automated, manual, and advanced vulnerability assessments with false positive validation in a wide range of web applications.

August 2014 - February 2018

Bug Bounty Hunter


Responsibly disclosing website vulnerabilities through bug bounty platform/community.

December 2013 - Present


Pamantasan ng Cabuyao

Bachelor of Science in Information Technology - Web Development Major
Cabuyao City Laguna, Philippines
2009 - 2014


Programming Languages
  • Kali Linux
  • Burp Suite
  • Web Inspect


Usually, I spend a large amount of my free time exploring the latest trends and technology in the cyber world.

I enjoy travelling but when I am indoors, I watch a number of sci-fi, fantasy, war, horror, documentary genre movies/shows, play shooting games, MMORPG and sometimes my e-drums.

Awards & Certifications

  • EC-Council Certified Security Analyst (ECSA) - CN: ECC70464023927
  • CVE-2017-2644: Stored XSS in Moodle
  • 3rd Place - Rootcon XI: Bugcrowd Capture the Flag
  • 2nd Place - Rootcon X: Capture the Flag (group)
  • 2nd Place - Rootcon VIII: Capture the Flag (group)
  • Acknowledged and rewarded for responsibly disclosing website vulnerabilities of various companies:
    • Microsoft
    • Twitter
    • Yahoo
    • Linkedin
    • Autodesk
    • Slack
    • Quora
    • Patreon
    • Glassdoor
    • Airbnb
    • Couchsurfing
    • Edmodo
    • Starbucks
    • etc.