Safaricom PLC, the leading telecommunications company in East Africa, is calling for applications from qualified, experienced, and motivated cybersecurity professionals to join its Corporate Security Division in the position of Principal Cyber Defense Center Analyst. As an integral part of the team, the successful candidate will serve as a key escalation point for advanced security incidents, championing proactive threat detection and response, and ensuring the robustness of Safaricom’s digital defenses.
This position provides a dynamic opportunity to contribute to the strengthening of security infrastructure in one of Africa’s most innovative tech-driven companies. The successful candidate will collaborate with top-tier cyber defense professionals, engage with cutting-edge security tools, and have a direct impact on critical aspects of Safaricom’s cyber resilience.
If you are passionate about cybersecurity, committed to continuous learning, and driven by the goal of defending digital environments against complex and emerging threats, Safaricom offers the perfect platform for your growth and impact.
Position Title: Principal Cyber Defense Center Analyst
Location: Nairobi, Kenya
Reporting to: Senior Manager – Cyber Defense
Category: Cyber Security
Posting Date: 26/03/2025
Application Deadline: 02/04/2025, 23:59
Job Identification Number: 668
Job Description
The Principal Cyber Defense Center Analyst will operate at Level 2 of the Security Operations Center (SOC), acting as the primary escalation point for incidents triaged by Level 1 Analysts. This professional will carry out comprehensive incident investigations, perform forensics, drive enhancements in detection engineering, and manage critical security infrastructures including SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), and log management systems.
The analyst will work closely with internal teams and stakeholders to proactively detect, respond to, and mitigate cybersecurity threats, with the goal of reinforcing Safaricom’s operational security posture.
Key Responsibilities
Incident Investigation & Escalation
- Act as the escalation point for complex and high-risk security incidents identified by Level 1 analysts.
- Conduct detailed host-based and network-based forensic investigations to determine the root cause and scope of incidents.
- Analyze logs, events, and data artifacts to determine attack vectors, adversary techniques, and impacted systems.
- Produce clear, concise, and technically sound incident reports and post-incident analyses for both technical and non-technical audiences.
- Identify gaps in existing detection and response processes and recommend improvements to enhance incident resolution time.
Log Management & Detection Engineering
- Manage the collection, normalization, and analysis of log data from various security and IT infrastructure sources.
- Drive the development and tuning of detection rules within SIEM and SOAR platforms to increase visibility and reduce false positives.
- Design and refine use cases that align with threat intelligence and operational priorities.
- Collaborate with engineering and platform teams to ensure proper log ingestion, storage, and processing.
- Lead initiatives to automate security event enrichment, correlation, and triage processes for increased efficiency.
Threat Detection & Response
- Proactively hunt for indicators of compromise, behavioral anomalies, and potential threats using advanced threat hunting methodologies and tools.
- Analyze threat intelligence feeds and apply contextual insights to enhance detection and defense mechanisms.
- Lead and participate in purple team exercises to assess and strengthen the organization’s security posture.
- Support the creation and refinement of incident response playbooks, procedures, and runbooks to guide consistent and effective response actions.
- Coordinate containment, eradication, and recovery efforts during cyber incidents, ensuring minimal impact to business operations.
Collaboration & Knowledge Transfer
- Serve as a mentor and knowledge resource for Level 1 analysts and junior team members by providing regular training and guidance.
- Work collaboratively with cross-functional teams such as IT, Network, Cloud, and Engineering to ensure comprehensive security event resolution.
- Facilitate information sharing and transfer of knowledge within the team to promote a culture of continuous improvement and collective responsibility.
- Develop and maintain documentation related to tools, procedures, and detection use cases to ensure clarity and consistency across the team.
Operational Excellence & Continuous Improvement
- Continuously monitor the effectiveness of existing security controls and tools, and propose enhancements based on evolving threats and organizational needs.
- Optimize alerting mechanisms, correlation logic, and case workflows to reduce mean time to detect (MTTD) and mean time to respond (MTTR).
- Contribute to SOC performance metrics, reporting dashboards, and executive summaries.
- Champion the adoption of new technologies, frameworks, and methodologies to improve operational efficiency and security resilience.
- Ensure consistent 24/7 monitoring and timely response to critical security incidents, including participation in on-call support rotations as required.
Why Join Safaricom?
At Safaricom, you will find a collaborative, future-forward environment that encourages innovation, excellence, and impact. By joining our team, you will have the opportunity to:
Make an Impact:
Be at the forefront of defending one of Africa’s most recognized and innovative brands. Your expertise will contribute directly to securing systems and data that affect millions of customers.
Grow Professionally:
Advance your career through access to cutting-edge cybersecurity tools, international best practices, training programs, certifications, and exposure to complex, real-world threat scenarios.
Lead Innovation:
Work with a highly skilled and forward-thinking team in driving the evolution of cybersecurity defenses in a company that constantly pushes boundaries in the tech space.
Enjoy a Supportive Culture:
Thrive in a work environment that values diversity, encourages collaboration, and supports your professional and personal well-being.
About Safaricom
Founded in 1997 as a subsidiary of Telkom Kenya, Safaricom PLC has grown to become the largest telecommunications provider in East Africa, serving over 42 million customers. We are a key economic and social contributor, directly and indirectly supporting more than one million jobs in Kenya and beyond.
Our innovative offerings, such as the revolutionary M-PESA mobile money platform, have transformed how people live and do business across the region. Safaricom is listed on the Nairobi Securities Exchange (NSE) and posted annual revenues of nearly KES 298 billion ($2.5 billion) as of March 2022.
The company’s core purpose is to transform lives by connecting people to people, people to opportunities, and people to information. Our operations are guided by principles of transparency, sustainability, and a relentless pursuit of customer satisfaction.
Under strong leadership, starting from Michael Joseph in 2000 to the present day, Safaricom has maintained its position as a digital innovator and inclusive employer committed to empowering individuals and businesses alike.
Job Summary
Position Title: Principal Cyber Defense Center Analyst
Department: Corporate Security Division
Job Category: Cyber Security
Work Location: Waiyaki Way, P.O. BOX 46350 – 00100, Nairobi, Kenya
Posting Date: 26th March 2025
Application Deadline: 2nd April 2025, 23:59 EAT
Reporting To: Senior Manager – Cyber Defense
Job Reference Number: 668
Minimum Degree Level Required: Bachelor’s Degree
If you are a dedicated cybersecurity professional ready to drive advanced security operations and optimize key infrastructures like SIEM and SOAR, we encourage you to apply today. Kindly proceed to update your candidate profile on the recruitment portal and then click on the apply button. Remember to attach your resume.
