Skip to content

DevSecOps Specialist at I&M Bank

Expired
Job Overview
Employment FullTime
Location Nairobi Kenya
Experience At least 5-7 years
Education Level Bachelor's Degree
View More in Jobs > Information Technology (ICT)
svg background up
Opportunities Meet Aspirations

Key Responsibilities

  • Integrate security controls into CI/CD pipelines (SAST, DAST, SCA, container scans, IaC security).
  • Collaborate with developers to implement the Bank’s secure coding standards and security minimum baseline requirements.
  • Apply security best practices to cloud-native applications and containerized environments.
  • Conduct cloud security posture reviews and integrate automated compliance checks into build pipelines.
  • Ensure secrets management, identity, and zero-trust principles are applied within DevOps pipelines.
  • Support red team and penetration testing activities by fixing identified vulnerabilities and integrating findings into pipelines.
  • Conduct targeted manual application security testing.
  • Provide technical remediation guidance to developers and DevOps teams.
  • Provide training and awareness to developers on secure coding, CI/CD security, and threat modeling.
  • Contribute to cross-team incident response efforts for application-related vulnerabilities.
  • Collaborate with the Group SOC team to translate intelligence into actionable detection and defence improvements.
  • Partner with the SOC, Technology, Risk, and Compliance teams to ensure defensive measures align with regulatory requirements, internal policies, and industry best practices.
  • Ensure pipelines meet compliance requirements i.e., NIST CSF & ISO 27001

Job Specifications

Academic Qualifications

  • Bachelor’s Degree in IT, Technology, Cyber Security, or a related field – mandatory

Professional Qualifications / Membership to professional bodies/ Publication  

  • Microsoft Certified: Azure Security Engineer Associate (AZ-500)
  • Offensive Security Certifications
  • AWS Certified Security – Specialty
  • Certified Red Team Certifications
  • Certified Secure Software Lifecycle Proffessional (CSSLP)
  • Cloud Pentester Certifications
  • Membership in recognised cyber security professional associations
  • ISO/IEC 27001 Lead Implementer/Auditor  

Work Experience Required

  • 5-7 years of progressive experience in cyber security.
  • Proven track record in planning and executing complex red team and penetration testing engagements against advanced threat actors.
  • Hands-on expertise in exploitation techniques, attack path development, and evasion tactics.
  • Strong background in vulnerability assessment, adversarial emulation frameworks (e.g., MITRE ATT&CK, CALDERA, C2 frameworks), and purple teaming.
  • Demonstrated experience in integrating threat intelligence into testing and defence strategies.
Read More & Apply
Share This Post
Don't miss out on new jobs listing! Follow our channels Today WhatsApp Channel
Disclaimer Opened Career is a free job-posting website that does not charge applicants. We do not support recruitment agents or entities that demand money or favors to expedite the hiring process. Please use our platform responsibly and report any suspicious activity.
Why Opened Career
OUR OBJECTIVES
At Opened Career, we prioritize inclusivity, diversity, and equal opportunities for all individuals, regardless of their backgrounds or experiences. We believe in creating a level playing field where every candidate has the chance to showcase their skills and potential, and every employer has access to a diverse pool of qualified candidates.
CORE VALUES
Innovation
Integrity
Team Work
Excellence
Customer Focus
Professionalism
Filters & Sorting
Select Specialism