Senior Cloud & Network Security Engineer

Expired on: Sep 9, 2025

Job Type: Full Time
Location: Nairobi
Reporting Line: Head of IT

Introduction to Standard Investment Bank

Standard Investment Bank Ltd (SIB) is a leading financial services firm in Kenya founded in 1995. The firm offers individual and institutional clients a single point of entry for Asset Management, Securities Trading, Market Research, Investment Management and Corporate Finance.

SIB is a member of the Nairobi Securities Exchange (NSE) and is licensed and regulated by the Capital Markets Authority (CMA) as an Investment Bank and the Retirement Benefits Authority as a Pensions Fund Manager.

SIB is also licensed by the Capital Markets Authority (CMA) to operate Special Collective Investment Schemes (CISs), in line with the provisions of the Capital Markets Act and the Capital Markets (Collective Investment Schemes) Regulations, 2023.

About the Role

We are seeking a highly skilled and experienced Senior Cloud & Network Security Engineer to join our team. This is a critical role that will be responsible for the design, implementation, and management of robust security controls across our cloud-based and on-premise network environments. The ideal candidate will possess deep expertise in both cloud security principles and traditional network security technologies, with a proven ability to build resilient, scalable, and compliant security postures. You will play a key role in integrating security throughout our software development lifecycle and ensuring our infrastructure adheres to the highest security standards.

Key Responsibilities
Cloud Infrastructure & DevOps
  • Design, build, and maintain robust and scalable cloud infrastructure and services on platforms.
  • Automate cloud infrastructure deployments and management using Infrastructure as Code (IaC) tools like Terraform, Ansible, or CloudFormation.
  • Collaborate with development teams to design and implement secure CI/CD pipelines and foster a DevSecOps culture.
  • Monitor cloud environments for performance, security, and cost optimization, providing timely troubleshooting and issue resolution.
  • Manage containerization technologies (e.g., Docker, Kubernetes) and their integration within the cloud ecosystem.
  • Develop and maintain scripts in Python, Bash, or PowerShell to automate operational tasks.

Cybersecurity & Application Security
  • Lead the design, implementation, and management of security solutions to protect our IT infrastructure, networks, and systems.
  • Conduct secure code reviews, static and dynamic application security testing (SAST/DAST), and vulnerability assessments.
  • Perform penetration testing on web applications, APIs, and mobile applications to identify and mitigate risks.
  • Work closely with development teams to remediate security vulnerabilities and embed security best practices into the SDLC.
  • Implement and manage security tools and technologies such as firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) systems, and Web Application Firewalls (WAF).
  • Monitor security incidents, investigate breaches, and lead incident response efforts.

Compliance & Strategy
  • Ensure continuous compliance with internal security policies and external regulations and frameworks (e.g., ISO 27001, DPA, NIST, GDPR).
  • Develop and maintain security documentation, policies, and training materials.
  • Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and emerging security technologies to continuously improve our defense posture.
  • Collaborate with IT and business teams to ensure secure system architecture and configurations are in place from the design phase.

Qualifications
Required:
  • Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related technical field.
  • Minimum of 7 years of progressive experience in a similar Senior IT, Cloud, or Cybersecurity Engineering role.
  • Demonstrable experience with at least one major cloud computing platform
  • Strong understanding of application security principles and common vulnerabilities (e.g., OWASP Top 10).
  • Proficiency in at least one scripting or programming language (e.g., Python, Bash, Java, or JavaScript).
  • Experience with a variety of security testing tools (e.g., Burp Suite, OWASP ZAP, SonarQube).
  • Deep knowledge of network security, operating systems, security protocols, and security best practices.
  • Hands-on experience with security tools like firewalls, IDS/IPS, SIEM systems, and endpoint protection.
  • Proven ability to conduct vulnerability management, threat monitoring, and incident response.

Preferred Certifications:
  • General Security: CISSP, CISM, CompTIA Security+, CEH.
  • Application Security: CSSLP, OSCP.
  • Cloud: AWS Certified Solutions Architect, Microsoft Certified: Azure Administrator, Google Professional Cloud Engineer, or similar cloud-specific certifications.

Skills & Attributes:
  • Strong analytical and problem-solving skills with a keen attention to detail.
  • Excellent communication and collaboration skills, with the ability to work effectively across technical and non-technical teams.
  • Ability to work independently, manage multiple priorities, and lead complex projects.
  • A strong passion for continuous learning in the rapidly evolving fields of cloud computing and cybersecurity.

Please note that only shortlisted candidates will be contacted.

Sorry! This job has expired.