I’m Hillary Nakitare, a Cyber Security Engineer | DevSecOps Engineer from Nairobi, Kenya with 7 years working experience in the security landscape.

I am a part-time Bug Bounty Hunter on Hackerone, BugCrowd and Intigriti where i have submitted over 60 bugs. Acknowleged by Safaricom, Shopify, Xvideos, CaptivateIQ, IBM, Tecno and Hackerone.

My forte includes Web and Mobile Security, Cloud Security, Penetration Testing and Automation.

• SAST - Snyk, Semgrep, Sonarcube, CodeQL, Apkhunt, MobSF.
• DAST - BurpSuite, Caido, Postman, Invicti, Acunetix.
• IAST - Invicti, Acunetics, DongTai.
• Cloud Security and Auditing - Terrascan, Scoutesuite, Cloudsploit, Checkov, Zeus.
• DevSecOps - Terrafoam, IaC, Kubernetes, Docker, CI/CD security, GitOps, DefectDojo, Ansible.
• Penetration Testing - Active Directory, Network, Applications.
• Code Review and Scripting - PHP, JavaScript, Python, Bash
• Web3 Security - Just started learning this.
• Verison Control - Git, GitHub, GitLab, SVN.

My experience over the years have been geared towards providing a secure atmosphere in my employment environment and clientele too. I do:

• Test applications for security vulnerabilities before deployment.
• Work with developers to ensure secure source code implementation.
• Offer decure coding training to developers and students.
• Implement security to CI/CD pipelines.
• CI/CD pipeline review for security.
• Automate security testing in development pipeline.
• Perform Threat Modelling for clients and at work too.
• Active Directory Pentesting and audits.
• Conduct Cloud security testing and auditing for misconfiguration.
• Overall, I hack your system, secure it, so the bad guys will have a hard time getting in.

• Well, of course. Contact me for any security related jobs/gigs.