Jobs

Senior Cloud & Network Security Engineer

Standard Investment Bank 
Nairobi, Kenya
or Register to apply for this job

Posted:Thu at 4:01 PM By:Hiring Kenya

Company Details
Name:Standard Investment Bank 
Industry: Banking
Website: https://www.sib.co.ke/
Description: Standard Investment Bank (SIB) is one of Kenya's foremost financial services firm. We offer the market a single point of entry for Investment Banking, Investment Management, Securities Trading and Corporate Finance. Standard Investment Bank (SIB) is one of Kenya’s foremost financial services firm. We offer the market a single point of entry for Investment Banking, securities trading and investment management. SIB was founded in 1995 by Mr. James Wangunyu as a private company registered in Kenya.  With a focus on high value customer relationship management and integrity, the company rapidly flourished and increased its volume of equity trading business by a significant multiplier to achieve No 1. position in trade volume ranks well ahead of more established and older stockbrokers.
Job Description

About the Role

 

We are seeking a highly skilled and experienced Senior Cloud & Network Security Engineer to join our team. This is a critical role that will be responsible for the design, implementation, and management of robust security controls across our cloud-based and on-premise network environments. The ideal candidate will possess deep expertise in both cloud security principles and traditional network security technologies, with a proven ability to build resilient, scalable, and compliant security postures. You will play a key role in integrating security throughout our software development lifecycle and ensuring our infrastructure adheres to the highest security standards.

 

Key Responsibilities

 

Cloud Infrastructure & DevOps

 

Design, build, and maintain robust and scalable cloud infrastructure and services on platforms.

 

Automate cloud infrastructure deployments and management using Infrastructure as Code (IaC) tools like Terraform, Ansible, or CloudFormation.

 

Collaborate with development teams to design and implement secure CI/CD pipelines and foster a DevSecOps culture.

 

Monitor cloud environments for performance, security, and cost optimization, providing timely troubleshooting and issue resolution.

 

Manage containerization technologies (e.g., Docker, Kubernetes) and their integration within the cloud ecosystem.

 

Develop and maintain scripts in Python, Bash, or PowerShell to automate operational tasks.

 

Cybersecurity & Application Security

 

Lead the design, implementation, and management of security solutions to protect our IT infrastructure, networks, and systems.

 

Conduct secure code reviews, static and dynamic application security testing (SAST/DAST), and vulnerability assessments.

 

Perform penetration testing on web applications, APIs, and mobile applications to identify and mitigate risks.

 

Work closely with development teams to remediate security vulnerabilities and embed security best practices into the SDLC.

 

Implement and manage security tools and technologies such as firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) systems, and Web Application Firewalls (WAF).

 

Monitor security incidents, investigate breaches, and lead incident response efforts.

 

Compliance & Strategy

 

Ensure continuous compliance with internal security policies and external regulations and frameworks (e.g., ISO 27001, DPA, NIST, GDPR).

 

Develop and maintain security documentation, policies, and training materials.

 

Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and emerging security technologies to continuously improve our defense posture.

 

Collaborate with IT and business teams to ensure secure system architecture and configurations are in place from the design phase.

 

Qualifications

 

Required:

 

Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related technical field.

 

Minimum of 7 years of progressive experience in a similar Senior IT, Cloud, or Cybersecurity Engineering role.

 

Demonstrable experience with at least one major cloud computing platform

 

Strong understanding of application security principles and common vulnerabilities (e.g., OWASP Top 10).

 

Proficiency in at least one scripting or programming language (e.g., Python, Bash, Java, or JavaScript).

 

Experience with a variety of security testing tools (e.g., Burp Suite, OWASP ZAP, SonarQube).

 

Deep knowledge of network security, operating systems, security protocols, and security best practices.

 

Hands-on experience with security tools like firewalls, IDS/IPS, SIEM systems, and endpoint protection.

 

Proven ability to conduct vulnerability management, threat monitoring, and incident response.

 

Preferred Certifications:

 

General Security: CISSP, CISM, CompTIA Security+, CEH.

 

Application Security: CSSLP, OSCP.

 

Cloud: AWS Certified Solutions Architect, Microsoft Certified: Azure Administrator, Google Professional Cloud Engineer, or similar cloud-specific certifications.

 

Skills & Attributes:

 

Strong analytical and problem-solving skills with a keen attention to detail.

 

Excellent communication and collaboration skills, with the ability to work effectively across technical and non-technical teams.

 

Ability to work independently, manage multiple priorities, and lead complex projects.

 

A strong passion for continuous learning in the rapidly evolving fields of cloud computing and cybersecurity.

 

 

 

Education: Degree, Diploma
Employment Type: Full Time

Recent Jobs