Skip to content

Principal Cyber Security Automation Architect at Safaricom PLC

Expired
Job Overview
Employment FullTime
Location Nairobi Kenya
Experience At least 5 years
Education Level Bachelor's Degree
View More in Jobs > Information Technology (ICT)
svg background up
Opportunities Meet Aspirations

Job Description

Reporting to the Senior Manager, Cyber Strategy & Engineering the Principal Cyber Security Automation Architect will lead the design and implementation of in-house developed Cyber Security solutions to strengthen the organization’s security posture. The role will involve driving efficiency across key security domains by optimizing existing security tools (IPS, AntDDOS, API security, EDR, WAF etc) and activating native security controls within enterprise applications to ensure comprehensive protection of all corporate assets. This position requires a unique combination of deep technical expertise and strategic leadership, guiding the future of automated cyber security across the enterprise. The architect will play a central role in shaping automation strategies, integrating security into business processes, and enabling proactive defense against evolving threats.

The Principal Cyber Security Automation Architect is accountable for designing, scaling, and governing Safaricom’s end to end cyber security automation ecosystem driving enterprise wide threat detection, response orchestration, control enforcement, and platform resilience through intelligent, automated, and adaptive security capabilities.

Operating at the intersection of security architecture, automation engineering, threat intelligence, cloud security, DevSecOps, and cyber strategy, the role defines and advances the enterprise automation blueprint. It champions standardized automation patterns, event driven security, security as code, and continuous control validation aligned to global frameworks such as NIST CSF 2.0, MITRE ATT&CK, ISO 27001, Zero Trust Architecture (NIST 800 207), and leading global telco practices.

The role ensures automated telemetry pipelines, detection engineering, vulnerability intelligence, identity protection workflows, and cloud native guardrails consolidate into a unified, scalable, and high fidelity cyber automation platform. By integrating analytics, machine learning, and security orchestration, the Principal Architect accelerates response time, improves control effectiveness, reduces operational burden, and introduces autonomous defence capabilities critical to a modern digital telco.

Acting as Safaricom’s automation steward, the role drives architectural coherence, reliability, and governance of automation assets across squads and tribes—ensuring consistent automation standards, secure engineering principles, high quality pipelines, and continuously validated controls. Through collaboration with engineering teams, product owners, and cyber operations, the Architect ensures automation amplifies the organisation’s capacity to prevent, detect, and respond to threats at scale.
Aligned to Safaricom’s digital transformation and enterprise resilience agenda, the role advances intelligent security automation that reduces risk, strengthens compliance, enables secure cloud and fintech innovation, improves time to mitigation, and enhances Safaricom’s leadership in the regional and global cybersecurity landscape.

Responsibilities

Design and Development

  • Architect and implement advanced automation frameworks tailored to organizational needs, with a strong focus on scalability and resilience.
  • Build custom security tools and scripts internally to address unique business requirements and integrate them seamlessly into existing environments.

Optimization & Strategy

  • Optimize existing cybersecurity tools (e.g., SOAR, IPS, WAF, EDR, API security, PVMG, and others), ensuring full utilization and enhancing their efficiency through automation.
  • Activate and configure built-in security features within enterprise applications to maximize protection.
  • Drive the overall security automation strategy, defining and executing a clear roadmap aligned with organizational objectives.

Collaboration & Improvement

  • Collaborate closely across teams, working with security operations, engineering, and application teams to identify automation opportunities and implement robust solutions.
  • Monitor, evaluate, and refine automation processes as part of a continuous improvement cycle to adapt to evolving threats and technologies.

Strategic Planning & Governance

  • Define, analyze, and periodically review the cybersecurity strategy and roadmap based on the evolving threat landscape, ensuring identified risks are effectively mitigated.
  • Architect and design cybersecurity systems in line with industry best practices, ensuring they meet critical user requirements for security, capacity, and performance.
  • Define clear cybersecurity requirements and acceptance criteria for all new systems and initiatives.
  • Ensure all security technology and processes implemented are continually improved to maximize their returns and benefits.

Procurement & Implementation Management

  • Draft and evaluate Requests for Information (RFIs) and Requests for Proposal (RFPs).
  • Liaise with the Supply Chain department during the procurement process.
  • Conduct thorough technical evaluations and Proofs of Concept (PoCs), collaborating closely with the Operations team.
  • Select the optimal solution and present comprehensive justifications to the investment governance board.
  • Ensure all vendors maintain up-to-date contracts through robust contract management practices.
  • Manage all aspects of projects and vendor-related issues in line with best practices.

Operations & Continuous Improvement

  • Implement, test, deploy, and commission new systems efficiently.
  • Ensure proper change management and system handover processes are strictly followed.
  • Recommend major upgrades where required, coordinating with the operations team during implementation, especially when design/architecture changes are involved.
  • Ensure all implemented security systems have high availability and disaster recovery capabilities in accordance with best practices.
  • Define metrics and report periodically to clearly demonstrate Return on Security Investment (ROSI).

Research & Development

  • Conduct research and development on emerging areas in security.
  • Present findings for sensitization and knowledge transfer to other team members and staff.
     

Core competencies, knowledge and experience:

Customer Obsession

  • Deepen team connection to our customers and communities.
  • Foster authentic relationships with customers and partners that build trust.
  • Explicitly take customer-centric decisions and take personal ownership to achieve results.
  • Simplify processes through digitalisation and promote a digital mindset and digital first customer experience.
  • Stay focused on the big priorities, know when to make meaningful trade-offs and demonstrate brilliant execution.

Purpose

  • Create an inspiring vision for your team to drive strategy and performance.
  • Show ambition and courage, empowering others to go beyond the plan.
  • Bold and challenge teams to reimagine how things are done.
  • Prompt new thinking and ideas by asking “what if” questions.
  • Use knowledge of the external environment (customers, partners, competition, external bodies) to identify and act on opportunities for growth at pace.

Innovation

  • Create psychological safety so everyone can have an impact.
  • Fuel innovative ideas from others and test them to enable growth.
  • Explore successes and failures with curiosity and resilience; fearlessly recognizing lessons learned.
  • Share your ongoing learning and personal purpose with others.
  • Learn fast from digital adoption, using learnings to drive simplicity, scale and efficiency.

Collaboration

  • Articulate your team’s role in making our strategy happen, prioritizing and aligning resources with current and future needs.
  • Actively collaborate to break silos and hold your team accountable to do the same.
  • Develop others to make the most of their talents and coach them to take ownership to get things done.
  • Create an inclusive environment ensuring the safety and wellbeing of others.
  • Live our Purpose and demonstrate the highest Standard of integrity.

Qualifications

  • At least 5 years of progressive experience leading security automation, detection engineering, cloud security, and Zero Trust implementations in large scale, digital or fintech/telco environments.
  • Bachelor’s degree in a core technical field (Computer Science, Cybersecurity, Information Systems, Engineering or related discipline) from a recognized institution of higher learning. 
  • Strong programming skills (e.g., Python, PowerShell, Java, or similar).
  • Relevant postgraduate qualification is a strong advantage.
  • Professional credentials such as CISSP, CCSP, CISM, GIAC (GCIA, GCTI, GRID), OSCP/OSWE, or cloud security certifications (Azure/AWS/GCP Security) are strongly desirable.
  • Proven ability to design and operationalize policy as code, secure CI/CD pipelines, IaC security, container/Kubernetes protection, and multi cloud guardrails.
  • Experience operating within squads/tribes, driving security automation adoption across engineering, operations, cloud, and digital product teams.
  • Ability to translate complex security architecture decisions into clear, actionable guidance for engineering and business leadership.
  • Track record managing multiple automation initiatives, delivering secure platforms, and meeting critical response, resilience, and transformation timelines.
  • Demonstrated commitment to secure engineering standards, data protection, compliance frameworks, and responsible automation governance.
Read More & Apply

Share This Post
Don't miss out on new jobs listing! Follow our channels Today WhatsApp Channel
Disclaimer Opened Career is a free job-posting website that does not charge applicants. We do not support recruitment agents or entities that demand money or favors to expedite the hiring process. Please use our platform responsibly and report any suspicious activity.
Why Opened Career
OUR OBJECTIVES
At Opened Career, we prioritize inclusivity, diversity, and equal opportunities for all individuals, regardless of their backgrounds or experiences. We believe in creating a level playing field where every candidate has the chance to showcase their skills and potential, and every employer has access to a diverse pool of qualified candidates.
CORE VALUES
Innovation
Integrity
Team Work
Excellence
Customer Focus
Professionalism
Filters & Sorting
Select Specialism