DevSecOps Engineer

Reporting to the DevSecOps Practise Area Lead, the DevSecOps Engineer will build secure, automated, and intelligent digital platforms. The role blends backend engineering (Go, Java) with DevSecOps practices, automated security, and AIOps observability, while also focusing on automating developer workflows to improve speed, security, and productivity. This role directly impacts core Safaricom platforms, including M-Pesa, enterprise APIs, and cloud-native services, ensuring speed, scale, and security.

• Key Responsibilities:
• • Develop secure, high-performance APIs and microservices.
• • Containerize services and optimize for reliability at scale.
• • Build automated unit, integration, and load testing frameworks.
• • Embed SAST, DAST, SCA scans into Jenkins pipelines.
• • Automate image scanning, dependency checks, and SBOM generation.
• • Apply Zero Trust & policy enforcement (OPA, Kyverno) across Kubernetes and cloud workloads.
• • Maintain secure secrets management (Vault/KMS).
• • Use AI/ML-driven monitoring for anomaly detection and predictive incident management.
• • Automate incident response with self-healing runbooks.
• • Track reliability KPIs (MTTD, MTTR, SLA uptime).
• • Design Jenkins pipelines that go beyond deployment by automating developer tasks (builds, security scans, test triggers, code quality gates).
• • Improve developer productivity with automation of repetitive tasks (e.g., branch policy checks, PR validations, dependency updates).
• • Promote a developer self-service model through DevSecOps tooling.
• Qualifications
• • Degree in Computer Science, Software Engineering, or Cybersecurity.
• • 3–7 years of experience in backend, DevOps, or security roles.
• • Proficiency in Go and Java backend development.
• • Advanced knowledge of Jenkins CI/CD and GitOps workflows.
• • Hands-on with Kubernetes, Docker, and container security.
• • Strong grasp of IaC (Terraform, Crossplane, Ansible).
• • Familiarity with AIOps/observability stacks (OpenTelemetry, Prometheus, ELK, Grafana).
• • Experience with automating developer workflows (branch policies, build pipelines, workflow scripts).
• • Analytical and problem-solving mindset.
• • Strong collaboration across Dev, Sec, Ops, and business units.
• • Passion for automation-first culture.
• • Added advantage: certifications like CKS, AWS Security, DevSecOps Foundation, or contributions to open-source DevSecOps tools.

How to Apply
If you feel that you are up to the challenge and possess the necessary qualifications and experience, kindly proceed to update your candidate profile on the recruitment portal and then click on the apply button. Remember to attach your resume.

We are the leading telecommunication company in East Africa. Our purpose is to transform lives by connecting people to people, people to opportunities and people to information. We keep over 42 million customers connected and play a critical role in the society, supporting over one million jobs both directly and indirectly while our total economic value was estimated at KES 362 Billion ($ 3.2 billion) for the 12 months through March 2021. We are listed on the Nairobi Securities Exchange (NSE) and with annual revenues of close to KES 298 Billion ($2.5 billion) as at March 2022. We were founded in 1997 as a fully owned subsidiary of Telkom Kenya before a 40 percent acquisition by Vodafone Group PLC in May 2000, and a public offering of 25 percent shares through the NSE in 2008. Under the management of Vodafone Group PLC, we welcomed Michael Joseph, as our first CEO, a few months later in July of 2000. He led the company’s growth to accommodate 16.71 million subscribers from the previous 20,000, largely owing to innovative products like M-PESA in 2007.