Principal Cyber Security Automation Architect

ABOUT THE COMPANY

Safaricom, Ltd is a leading mobile network operator in Kenya. It was formed in 1997 as a fully owned subsidiary of Telkom Kenya. In May 2000, Vodafone Group Plc of the United Kingdom acquired a 40% stake and management responsibility for the company. Safaricom employs over 1,500 people mainly stationed in Nairobi and other big cities like Mombasa, Kisumu, Nakuru and Eldoret in which it manages retail outlets. Currently, it has nationwide dealerships to ensure customers across the country have access to its products and services.

JOB SUMMARY

QualificationsAt least 5 years of progressive experience leading security automation, detection engineering, cloud security, and Zero Trust implementations in large scale, digital or fintech/telco environments.Bachelor’s degree in a core technical field (Computer Science, Cybersecurity, Information Systems, Engineering or related discipline) from a recognized institution of higher learning. Strong programming skills (e.g., Python, PowerShell, Java, or similar).Relevant postgraduate qualification is a strong advantage.Professional credentials such as CISSP, CCSP, CISM, GIAC (GCIA, GCTI, GRID), OSCP/OSWE, or cloud security certifications (Azure/AWS/GCP Security) are strongly desirable.Proven ability to design and operationalize policy as code, secure CI/CD pipelines, IaC security, container/Kubernetes protection, and multi cloud guardrails.Experience operating within squads/tribes, driving security automation adoption across engineering, operations, cloud, and digital product teams.Ability to translate complex security architecture decisions into clear, actionable guidance for engineering and business leadership.Track record managing multiple automation initiatives, delivering secure platforms, and meeting critical response, resilience, and transformation timelines.Demonstrated commitment to secure engineering standards, data protection, compliance frameworks, and responsible automation governance.

RESPONSIBILITIES

Design and DevelopmentArchitect and implement advanced automation frameworks tailored to organizational needs, with a strong focus on scalability and resilience.Build custom security tools and scripts internally to address unique business requirements and integrate them seamlessly into existing environments.Optimization & StrategyOptimize existing cybersecurity tools (e.g., SOAR, IPS, WAF, EDR, API security, PVMG, and others), ensuring full utilization and enhancing their efficiency through automation.Activate and configure built-in security features within enterprise applications to maximize protection.Drive the overall security automation strategy, defining and executing a clear roadmap aligned with organizational objectives.Collaboration & ImprovementCollaborate closely across teams, working with security operations, engineering, and application teams to identify automation opportunities and implement robust solutions.Monitor, evaluate, and refine automation processes as part of a continuous improvement cycle to adapt to evolving threats and technologies.Strategic Planning & GovernanceDefine, analyze, and periodically review the cybersecurity strategy and roadmap based on the evolving threat landscape, ensuring identified risks are effectively mitigated.Architect and design cybersecurity systems in line with industry best practices, ensuring they meet critical user requirements for security, capacity, and performance.Define clear cybersecurity requirements and acceptance criteria for all new systems and initiatives.Ensure all security technology and processes implemented are continually improved to maximize their returns and benefits.Procurement & Implementation ManagementDraft and evaluate Requests for Information (RFIs) and Requests for Proposal (RFPs).Liaise with the Supply Chain department during the procurement process.Conduct thorough technical evaluations and Proofs of Concept (PoCs), collaborating closely with the Operations team.Select the optimal solution and present comprehensive justifications to the investment governance board.Ensure all vendors maintain up-to-date contracts through robust contract management practices.Manage all aspects of projects and vendor-related issues in line with best practices.Operations & Continuous ImprovementImplement, test, deploy, and commission new systems efficiently.Ensure proper change management and system handover processes are strictly followed.Recommend major upgrades where required, coordinating with the operations team during implementation, especially when design/architecture changes are involved.Ensure all implemented security systems have high availability and disaster recovery capabilities in accordance with best practices.Define metrics and report periodically to clearly demonstrate Return on Security Investment (ROSI).Research & DevelopmentConduct research and development on emerging areas in security.Present findings for sensitization and knowledge transfer to other team members and staff. 

REQUIRED SKILLS

DevOps, Cyber security, IT management, Research and development

REQUIRED EDUCATION

Bachelor's degree