Senior Cloud Security Engineer — 4G Capital (Nairobi)

Information Communication Technology, Information Technology
February 19, 2026
Full Time
Apply Now

Job Description

🏢 Company:
4G Capital
📍 Location:
Nairobi

Senior Cloud Security Engineer

Job Description

The Senior Cloud Security Engineer owns and enhances the security posture across the organization’s Google Cloud Platform (GCP) environment. This technical leadership role focuses on designing robust IAM models, securing VPC networks, and integrating security controls directly into CI/CD pipelines. The engineer works at the intersection of security and DevOps (DevSecOps), ensuring that infrastructure is deployed following “secure by design” principles. This position is vital for maintaining audit readiness and protecting cloud-native architectures from emerging threats.

Key Responsibilities

  • Design and enforce least-privilege IAM and RBAC models at the organizational level
  • Secure VPC networking, including firewall policies, private connectivity, and Cloud Armor protections
  • Strengthen API gateway security and manage service-to-service authentication patterns
  • Operationalize the Security Command Center and drive remediation of high-risk findings
  • Embed security guardrails (SAST, DAST, secret scanning) into CI/CD pipelines
  • Define and enforce Infrastructure as Code (IaC) standards using Terraform and policy-as-code
  • Prevent configuration drift and ensure secure deployment patterns across all environments
  • Support regulatory compliance initiatives and participate in incident response activities
  • Automate security tasks using Python or Bash scripts to improve operational efficiency

Qualifications & Experience

  • 5+ years of experience in Cloud Security, Platform Security, or DevSecOps
  • Deep technical expertise in securing multi-project environments on Google Cloud Platform (GCP)
  • Advanced proficiency in IAM design, VPC networking, and Zero Trust architecture
  • Hands-on experience with Terraform and embedding security controls in IaC
  • Experience securing containerized workloads (Docker, Kubernetes) and serverless environments (Cloud Run)
  • Solid understanding of application security principles and the OWASP Top 10
  • Proficiency in scripting and automation using Bash or Python
  • Experience working in regulated financial or compliance-driven environments is preferred

Method of Application

Apply via: 4G Capital on docs.google.com

💡 Looking for more opportunities at 4G Capital? Explore jobs in Nairobi on
FindJobsKE.com

Related Jobs