IT & Systems Engineer (DevSecOps) – Kenya

Key Duties & Responsibilities

• Designing, implementing and maintaining tools and processes for continuous integration, delivery and deployment of software
• Integrate security practices into the DevOps process, ensuring that security and compliance with relevant policies and regulations are considered at every stage of development and deployment
• Collaborate with the IT team to ensure the designed solution responds to non-functional requirements such as availability, performance, security and maintainability
• Collaborate with the IT team to remediate vulnerabilities and apply patches or mitigations as necessary to improve overall system security
• Automate security testing (SAST, DAST, IAST) and vulnerability management processes
• Collaborate with the Cybersecurity team to Implement and manage security monitoring tools to detect and respond to security incidents
• Implement monitoring and logging solutions to track the performance and health of deployed services, applications and infrastructure
• Identify and address issues and bottlenecks in the software development lifecycle with an aim to streamline the lifecycles of applications
• Improve collaborative response in real-time and update documentation, runbook tools and modules to prepare teams for incidents
• Implementing and maintaining version control systems, configuration management tools and other DevOps-related technologies
• Comprehensive documentation of all CI/CD processes and policies that have been implemented
• Ensuring compliance with industry best practices and organisational policies
• Continuously improving processes and tools to enhance efficiency and productivity
• Projects and reporting as directed by IT Development Manager / Director IT

Minimum Qualifications

• BSc. Computer Science or equivalent from a recognized university
• Professional certifications in IT Security (CISSP, CCSP, CISA, CISM) are a plus

Experience & Skills

• 3+ years of experience in the field or similar roles
• Should be proficient in scripting and coding. The aptitude should include languages like Python, JavaScript, React.js
• Should be a champion of change within the DevOps culture and a strong incentive for improving and automating
• Should be able to investigate reliability or performance issues, leveraging tools to automate scanning and monitoring
• Great awareness of cybersecurity principles and trends including secure coding practices, encryption, threat modelling and vulnerability management
• Experience with security testing tools (e.g., OWASP ZAP, Burp Suite, Nessus)
• Familiarity with compliance frameworks and standards (e.g., GDPR, ISO 27001, NIST)
• Must use B/OSS tools effectively to record information accurately and concisely in a timely manner
• Strong knowledge of DevSecOps tools and technologies such as Azure DevOps, Jenkins, GitHub Actions, GitLab CI, Docker, Kubernetes, Ansible, or Terraform
• Should have strong knowledge of operating systems, networks, virtualisation and cloud platforms (AWS, Azure, GCP)

Attributes

• Client focused, relationship builder
• Integrity, honest with high ethical standards
• Boundless, passionate and flexible
• Personnel excellence, accuracy and attention to detail
• Collaborative, achieve results through teamwork and partnerships
• Excellent English written and verbal communication skills
• Passion for technology and innovation
• Ability to work under pressure, multi-task and think creatively
• Efficient time management, a fast learner in a fast-paced dynamic environment
• Willing to mentor, coach and train others

How to apply

Interested candidates are encouraged to apply by submitting their updated CV including three referees. The deadline for application is on or before 24 March 2025. Applications should be sent to [email protected] indicating the job position in the Subject Line.