About Me

Alfie Njeru

Director of Technology Services · Cybersecurity Expert · 12+ Years Securing the Digital World

First Bugcrowd & HackerOne Ambassador from Africa

Pioneering bug bounty advocacy and responsible disclosure across the African continent.

Career Journey

Building a Legacy in
Cybersecurity

Present

Director of Technology Services

Leading cybersecurity strategy & operations

Overseeing technology services, security architecture, and digital transformation initiatives across multiple sectors in Africa and the Middle East.

Senior Role

Cybersecurity Lead

KCB Group

Led security operations for one of East Africa's largest banking groups. Implemented enterprise-wide security frameworks and incident response capabilities.

Senior Consultant

IT Security Consultant

Standard Chartered Bank

Delivered security consulting services for the international banking group. Conducted penetration testing, vulnerability assessments, and security audits.

Consulting

Senior Associate (Cybersecurity)

KPMG

Provided cybersecurity advisory services to enterprise clients. Led security assessments and helped organisations strengthen their security posture.

Early Career

IT Advisory Associate

PwC (PricewaterhouseCoopers)

Started the cybersecurity journey at one of the Big Four. Gained foundational experience in IT audit, risk management, and security consulting.

Vulnerability Research

CVE Discovery

Published CVE
CVE-2017-14135

OpenDreamBox 2.0.0: Remote Code Execution

Discovered a remote code execution vulnerability in enigma2-plugins webadmin plugin for OpenDreamBox 2.0.0. The full proof-of-concept was published and the vulnerability was tracked across multiple international databases.

NVD MITRE VulDB JVN (Japan) Blog Post
Hall of Fame

Full List of Recognitions

Click any card to view the official acknowledgement page.

Microsoft
Oracle
BBC
BBC
JPMorgan
JP Morgan
SIEMENS
Siemens
United Nations
WOMEN
UN Women
NOKIA
Nokia
DELL
Dell
BMW
BMW
TIM
Telecom Italia
Envato
PHILIPS
Philips
ERICSSON
Ericsson
ShopClues
Shopclues
EU CERT
Open Bug Bounty
Bug Bounty

Other Public Programs

Additional organisations where I've received hall of fame recognition or bounties.

Huawei Uber Sony Adobe US Dept. of Defense Singapore Government Dutch Government AT&T Ford IBM Equifax General Motors Capital One Western Union Marriott Hotels MTN Group Vercel Zoho ABN Amro Bank Bitdefender Zynga 8x8 Solidus Segment HealthifyMe
Media

In the News

Featured in the 2021 HackerOne Hacker Report

Page 5: Global hacker community insights report

HackerOne Blog: "Three Personas Within the Hacker Community"

Featured in HackerOne's research on ethical hacker profiles

Bugcrowd Ambassador Announcement

Introducing Bugcrowd's newest ambassadors

HackerOne Brand Ambassador Program

Official brand ambassador announcement

Panda Security: OpenDreamBox Vulnerability Coverage

CVE-2017-14135 featured in security news
Contributions

Training & Publications

CCSK v5 Training Reviewer

Certificate of Cloud Security Knowledge (CCSK) v5, serving as a Cloud Security Alliance training course reviewer.

View

Windows Security Auditing

Published course on Pentest Magazine covering Windows security auditing techniques and methodologies.

View

Exploit-DB Contributions

Google Hacking Database (GHDB) entries and published exploits on Exploit-DB.

GHDB    Exploits
Achievements

Key Accomplishments

Africa's First Ambassador

First Bugcrowd and HackerOne Ambassador from Africa, representing the continent in global bug bounty programmes.

50+ Hall of Fame Awards

Recognised by Microsoft, BBC, Oracle, Dell, Nokia, Siemens, United Nations, JP Morgan, BMW, Philips, Ericsson, and more.

Published CVE

Discovered CVE-2017-14135, a Remote Code Execution in OpenDreamBox. Referenced across NVD, MITRE, VulDB, and JVN.

Big Four Experience

Built expertise at PwC and KPMG, two of the world's largest professional services firms.

Open Source Tools

Published 4 security auditing tools on GitHub: FortiGate, Cisco, Nix Auditor, and Password Complexity Check.

Global Impact

12+ years securing organisations across Africa, Middle East, and international markets. Featured in HackerOne's 2021 report.

Ready to Work Together?

Whether you need a security assessment, consulting, or a long-term security partner, let's talk.

Get in Touch