+254736 427 842info@mobiwave.co.ke
CALL FOR APPLICATION

Information Security Specialist

About the Role

We are seeking an experienced Information Security Specialist to conduct a comprehensive security audit of our platform, identify vulnerabilities, implement security patches, and provide detailed security assessment reports.

Key Responsibilities

  • Conduct thorough security assessments and penetration testing of the existing system.
  • Identify and document security vulnerabilities and potential threats.
  • Develop and implement security patches to address identified issues.
  • Perform system hardening and security configuration reviews.
  • Test all security implementations to ensure effectiveness.
  • Provide comprehensive written reports on findings, remediation actions, and recommendations.
  • Document all security procedures and create security guidelines.
  • Conduct post-implementation testing and validation.

Required Qualifications

  • Proven experience in information security and penetration testing (minimum 3 years).
  • Strong knowledge of common security vulnerabilities (OWASP Top 10, CVE).
  • Experience with security testing tools (Burp Suite, Nmap, Metasploit, etc.).
  • Proficiency in security frameworks and best practices (ISO 27001, NIST, etc.).
  • Experience with web application security and API security.
  • Strong understanding of network security, encryption, and authentication protocols.
  • Excellent report writing and documentation skills.

Preferred Qualifications

  • Security certifications (CEH, OSCP, CISSP, or equivalent).
  • Experience with PHP-based applications.
  • Knowledge of payment gateway security (especially M-Pesa/mobile money integrations).
  • Experience with database security (MySQL/PostgreSQL).
  • Familiarity with cloud security (AWS, Azure, or GCP).

Technical Skills

  • Burp Suite, Nmap, Wireshark, Metasploit, and related tooling.
  • Linux/Ubuntu administration and hardening.
  • Secure configuration of web servers, proxies, and gateways.
  • API security testing and automation (Postman, scripts).
  • SIEM/log analysis fundamentals and incident response basics.

Deliverables

  1. Initial security assessment report with identified vulnerabilities.
  2. Detailed remediation plan with prioritized actions.
  3. Implementation of security patches and fixes.
  4. Post-implementation testing report.
  5. Final comprehensive security audit report.
  6. Security best practices documentation.

Project Details

Estimated Duration: 4-5 weeks (negotiable based on system complexity)
Type: Contract
Location: Remote
Start Date: Immediate

How to Apply

Please submit the following to careers@mobiwave.co.ke:

  • Updated CV/Resume
  • Cover letter highlighting relevant security experience
  • Portfolio or case studies of previous security audit work
  • Availability and expected timeline
  • Professional references
  • Rate/compensation expectations

Application Deadline: 5 Nov 2025

Note: All applicants will be required to sign an NDA before project commencement.

Additional Information

  • Selected candidates may be required to complete a practical technical assessment.
  • References from previous security projects will be requested.
  • Clear, concise documentation quality will be strongly considered.
careers@mobiwave.co.ke

Apply Now

Take the first step towards joining our team