F-201, Phase-I, New Palam Vihar, Sector 110, Gurugram, Haryana-122017

    CS/TC05

Dr. Rajesh Kumar Pal

Founder & Director, Mobisec Technologies Pvt. Ltd.

20+ years, Cyber Security, Mobile Security, Data security, VAPT, SecOps, Risk Mitigation & Security Compliance, Cyber Security Audits, Cybersecurity Products Design & Development

A cybersecurity leader with a proven record of excellence, innovation, and development-cum-implementation of information security products and services. As former Director of IAF-CERT (Indian Air Force - Computer Emergency Response Team), experienced in defending against real cyber attacks from adversaries, and in leading teams of cybersecurity professionals involved in cybersecurity operations, cyber incident response handling & cyber deterrence operations. Possesses expertise in software design, development, cloud infrastructure, vulnerability analysis, penetration testing, risk mitigation and cyber security audits.

    Ph.D

Educational Qualification

Technical / Management / Specialised degree | Institutional Details | Branch / Program | CGPA / Scores / Grades | Year
Ph.D | IIT Delhi | Computer Science | 8.42 | Aug 2015
Business Management | IIM Indore | General Management | - | Mar 2022
Master of Science | Masaryk University, Brno, Czech Republic | Information Technology Security | Ex | June 2016
M. Tech | IIT Kharagpur | Computer Science & Engineering | 9.34 | June 2008
B.E | SGGS Govt College of Engineering & Technology, Nanded | Computer Science & Engineering | 74.8% | July 1999

Domain Expertise

Core Competency
Cybersecurity, mobile security, data security, vulnerability analysis and penetration testing, risk mitigation & security compliance, security audits, cybersecurity products design & development (Software, JavaCard, Embedded)
Complementary Competency
  1. Cryptography (Encryption, Authenticated Encryption, Digital Signatures).
  2. Operating Systems (Linux, Android).
  3. AWS Cloud Infrastructure.
  4. Cybersecurity awareness talks/lectures.

Professional Certifications

Software Project Management
IBM Rational Software Development Tools
As team CyberMantra, selected among the top 12 teams to receive a prize for the Idea stage in the first Cybersecurity Grand Challenge organised by Meity and DSCI. Results declared by the honourable Minister of IT on 18 Nov 21. (Refer https://innovate.mygov.in/cyber-security-grand-challenge/)
Received Certificate of Excellence for innovation and improvement of cybersecurity posture in IAF from the honourable Prime Minister of India in Oct 2019.
Received Keshav K Parhi award for best M.Tech. thesis among all branches at IIT Kharagpur in 2008 for Secure File System for Linux OS.

Biodata

Unique Expertise

  1. Formulation of cybersecurity solutions offerings.
  2. Cybersecurity trainings to engineering students/ graduates/ working professionals.
  3. Mobisec product offerings such as mobiSCAN and mobiHEAL.

Consultancy/Execution Area

  1. Commissioning & operationalization of Security Operations Centre, Security Testing Labs, and Incident Response Handling Centres (CERT).
  2. Cybersecurity product design, development and roll out.
  3. Vulnerability assessment and penetration testing of web applications and mobile apps.
  4. Cybersecurity audits of enterprise networks/ infrastructure/ systems.
  5. Cybersecurity Operations (defensive and deterrence operations).
  6. Cybersecurity trainings.

Professional Experience

Domain Experience
(Total years / Details - last 5 years)
Key Areas of Expertise | Contribution/Role | Remarks
Cybersecurity product development: Expertise in spearheading cybersecurity product development and implementation programs. Led and supervised in-house development of Remote Audit Tool (a human-intervention-free real-time endpoint security auditing tool), smartphone security scanner, and web-based platform for software vulnerability assessment. RAT is used on 65K+ computers/ servers in IAF. | Cybersecurity product development and roll-out | Program management, design, development & quality reviews, problem resolution, delivery and team grooming. Conceived projects to fulfil gaps towards a robust security posture.
Cyber Security Operations: Experienced in leading and managing security operations centre and cyber incident response teams at Indian Air Force. | Cybersecurity leadership. Commissioning & Operations of SOC and CERT | Led and managed the teams involved in security operations and cyber incident handling. Established processes and procedures to achieve maturity. Former Director IAF-CERT (Indian Air Force Computer Emergency Response Team) from 2016 to 2021.
Governance: Formulated cybersecurity policy and represented in cybersecurity forums/ bodies. | Formulated cybersecurity policy and represented in cybersecurity forums/ bodies. | Key member of the team that formulated cyber security policy of IAF after deliberations with stakeholders. Contributed towards formulation of Defence Cyber Agency.
Compliance Audit & Risk Mitigation: Accomplished in cyber security audits of critical information infrastructures such as Data Centres and Network Operation Centres. | Cybersecurity audits of critical infrastructure and corporate network/ systems | Risk identification, validation and mitigation.
Mobile Security: Expertise in mobile app security, Android threat model, and mobile threat defence. | Expertise in mobile app security, Android threat model, and mobile threat defence. | Developed manual & automated framework for App security testing. Android App development.
Vulnerability Analysis and Penetration Testing: Competence in vulnerability analysis and penetration testing of web applications, mobile apps, executables and hosts/ servers in typical enterprise network. | VAPT | Conducted hands-on VAPT and reviewed team results.
Security Operations: Led cybersecurity deterrence operations, intelligence gathering, red-teaming, CTFs, and cybersecurity table top team exercises. | SecOps | Led & participated in security operations, CTFs & exercises.
Forensics & Malware analysis: Experienced in cyber forensics, malware analysis, and reverse engineering. | Analysis & reverse engineering of exploits | Analysis of malware obtained from Internet facing machines.
SaaS, SaaI: Proficient in AWS cloud infrastructure creation and deployment. | Cloud infrastructure creation | Created, operationalised & optimised infra for an enterprise.
Domain | Experience | Areas of Expertise | Contribution/Role
Rational Suite | 5 yrs | RequisitePro, RSA, ClearQuest, Functional & Performance Tester, AppScan | Implementation of Software Development Lifecycle and Certification Centre at Dte of IT in IAF and roll out of enterprise grade applications through it.
Programming | 20 yrs | C, Python, Java, Kotlin, JavaScript, ReactJS, PHP, MySQL, Shell scripting, PowerShell | Data structure design and programming in various languages. Development of enterprise grade applications.
AWS Cloud Infrastructure | 5 yrs | Lambda functions, S3 buckets, Route 53, API Gateways, DynamoDB, QuickSight, Amplify, etc. | Web servers, database servers, REST API & dashboard with high availability and resilience features.
SIEM / Log Management technologies | 5 yrs | IBM QRadar / ArcSight SIEM | Deployment architecture optimisation with extensive source devices integration, operationalisation and utilisation in security monitoring.
Cyber Deterrence | 7 yrs | Kali Linux, BurpSuite, Metasploit, Nmap, Wireshark, Nikto, aircrack-ng, etc. | Performed vulnerability analysis and penetration testing of networks and servers in Ops & exercises.
Network Intrusion Prevention Systems | 5 yrs | Bro / Snort | Deployment architecture optimisation with extensive source devices integration, operationalisation and utilisation in security monitoring.
AI/ ML Python Libraries | 5 yrs | Numpy, Pandas, Keras, TensorFlow, TensorFlowLite | ML model for phishing detection in SMS on mobile phones. Model refinement in cloud using federated learning.
Incident Response | 5 yrs | FireEye EDR | Security monitoring of endpoints, filtering of clients based on IoCs, incident handling, response and mitigation.
UTMs/ Firewalls | 7 yrs | Fortinet / CyberRoam / Symantec | Consolidation of 110+ UTMs in hub-spoke architecture, central policy administration, and endpoint device monitoring.
Digital Forensics & Malware Analysis | 5 yrs | Encase / Volatility / Remnux | Forensics of Windows and Linux computers and mobile phones. Process, memory and storage analysis.
Anti-malware | 7 yrs | F-Secure / McAfee | Centralised policy administration and monitoring of malware, USB devices whitelisting, user violation detection and control.
Network Admission Control | 5 yrs | Forescout / CISCO ISE | Endpoint security control and admission. Detection of rogue endpoints & their isolation.
Vulnerability Assessment platforms | 5 yrs | Nessus / Qualys | Vulnerability assessment of network segments and servers deployed in Data Centres.
Application Security testing | 5 yrs | Acunetix / Rapid 7 / IBM AppScan / Drozer / MobSF | Security testing of web applications and mobile apps.
Encryption | 7 yrs | openssl | Custom encryption schemes and protocols. Authenticated encryption algorithm implementation on JavaCard.
Disk Encryption | 5 yrs | VeraCrypt / BitLocker | Data security implementation on 65K+ endpoints in AFNET.
Data loss prevention | 5 yrs | McAfee | Data loss prevention mechanism implementation.
  1. Published six scientific IEEE papers in journals/ conferences of international reputation with around 40 citations (https://scholar.google.co.in/citations?user=yYow2v0AAAAJ&hl=en). The latest being in Euromicro Conference:
  2. R. K. Pal, "Authenticated Encryption Schemes on Java Card," 2019 22nd Euromicro Conference on Digital System Design (DSD), 2019, pp. 238-245, doi: 10.1109/DSD.2019.00043.
  3. Prize winner in the Idea stage (among top 12 teams) in the first Cybersecurity Grand Challenge organised by Meity and DSCI. (Refer https://innovate.mygov.in/cyber-security-grand-challenge/ and https://www.hindustantimes.com/india-news/it-minister-to-felicitate-cyber-security-grand-challenge-winners-101637205240881.html)