Skip to main content
James KanyingiJK
Open to opportunities

James Kanyingi

@jameskanyingi

Bug bounty hunter focused on web security testing and responsible disclosure.

Kenya
Message

What I'm looking for

I’m looking for a role where I can conduct web app security testing, document findings clearly, and work with teams to drive timely fixes—while continuing to grow in ethical hacking and responsible disclosure.

I’m a customer-focused graduate with hands-on experience supporting taxpayers at the Kenya Revenue Authority (KRA), handling inquiries, maintaining accurate records, and guiding clients through compliance processes. I’ve built a reputation for clear verbal and written communication, issue resolution, and attention to detail in fast-paced environments.

Since 2025, I’ve been actively engaged in the bug bounty ecosystem (HackerOne, Bugcrowd, and Intigriti), specializing in web application security testing. I conduct in-depth penetration testing and vulnerability hunting, identifying issues such as XSS, authentication bypass, IDOR, misconfigurations, and business logic flaws using both manual testing and custom scripts.

I prepare well-structured vulnerability reports with executive summaries, reproduction steps, risk ratings, and remediation recommendations. I also manage the full vulnerability disclosure lifecycle in line with platform rules, maintain detailed submission tracking in Excel/Google Sheets, and coordinate with developers and program owners to verify findings and drive timely resolution.

Experience

Work history, roles, and key accomplishments

HI
Current

Web Application Security Researcher

HackerOne, Bugcrowd & Intigriti

Jan 2025 - Present (1 year 6 months)

Conducted web application penetration testing and vulnerability hunting across multiple public and private bug bounty programs, identifying issues such as XSS, authentication bypass, IDOR, and business logic flaws. Produced structured vulnerability reports, coordinated with stakeholders to verify findings, and maintained records while implementing automation scripts to improve testing efficiency.

Kenya Revenue Authority logoKA

Tax Office Attaché

Kenya Revenue Authority

Feb 2024 - Apr 2024 (2 months)

Provided direct taxpayer support by handling inquiries, guiding users through tax processes and system usage, and assisting with onboarding to eTIMS. Maintained records, generated tax compliance certificates, followed up on outstanding obligations via phone and email, and prepared demand notices.

Education

Degrees, certifications, and relevant coursework

KK

Kenya School of Revenue Administration (KESRA)

Diploma in Tax Administration, Tax Administration

2022 - 2024

Completed a Diploma in Tax Administration at KESRA in Nyali, Mombasa, from 2022 to 2024.

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan