Information Security Engineer

  • Full Time
  • Kenya
  • Posted 2 months ago

One Acre Fund

Working to make #smallholder farmers more prosperous. #FarmersFirst.

About the Role

Reporting to the Information Security Manager, the Information Security Engineer will ensure technical security measures are implemented on applications, endpoints, email, and cloud infrastructure. You will also defend the information enterprise following established guidelines and practices.

We believe that technology is a necessity in growing and building the most effective and impactful rural distribution network on the African continent. Today, we reach 1.5 million farm families and we aspire to serve more than 10 million annually in the coming decade.


The Information Security Engineer  will have the following responsibilities:

  • Design, implement and support vulnerability assessment and penetration testing (VAPT) tools
  • Build and conduct VAPTs and other security testing activities on all technology layers (containers, web & mobile applications, software code, database and OS), evaluating the criticality and prioritization to provide the most suitable remediation
  • Provide technical support to system administrators and owners in analyzing, understanding, and remediating the reported vulnerability findings
  • Develop, maintain and improve security policies, secure coding practices and guidelines, following industry best practices and regulatory requirements
  • Collaborate with Dev and DevOps teams to implement application or software security improvements
  • Collaborate with project and product management teams to provide technical security-related support to technology projects
  • Provide monitoring of our technical infrastructure & assets for cybersecurity threat indicators, assist to detect, report, and respond to security incidents
  • Track emerging and realized threats such as investigating phishing campaigns, and sensitive data leakage events using available tools.
  • Manage communication and coordination with stakeholders during incident response
  • Develop, update, and deliver Information security awareness material and training across departments

Career Growth and Development

We have a strong culture of constant learning and we invest in developing our people. You’ll have weekly check-ins with your manager, access to mentorship and training programs, and regular feedback on your performance. We hold career reviews every six months and set aside time to discuss your aspirations and career goals. You’ll have the opportunity to shape a growing organization and build a rewarding long-term career.


Across all roles, these are the general qualifications we look for. For the role of Information Security Engineer specifically, you will have:

  • 5+ years of experience in Information security or Cyber Security Field
  • In-depth experience in vulnerability Management, security testing/penetration testing
  • Working knowledge of security testing tools. Ex. Tenable/Nessus, Qualys, Burpsuite, Snyk, Sonarcloud
  • In-depth experience in system and cloud infrastructure hardening
  • University degree in Computer Science/Information Technology/Cyber Security
  • Information Security certification in one or more as a: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH)
  • Understanding of industry security frameworks & standards: NIST CSF or similar
  • Collaboration & stakeholder coordination

Are you looking to sharpen your Software Development skills to stay relevant in the market? CLICK HERE to have a look at the top schools.

For all your IT certification needs, please, click here for information on how to get started

To apply for this job please visit

Job Overview
Job Location