35 Penetration Tester jobs in Nairobi

Our client is seeking a vigilant and skilled Information Security Analyst to join their dedicated security team. This role operates entirely remotely, offering a flexible environment for safeguarding our client's digital assets. You will be responsible for monitoring security systems, identifying potential threats, and responding to security incidents to protect the organization's data and infrastructure. Key duties include analyzing security logs, evaluating vulnerabilities, and implementing security controls to mitigate risks. You will stay abreast of the latest security threats, trends, and technologies to ensure our defenses remain robust. The ideal candidate will have experience with various security tools and technologies, such as SIEM (Security Information and Event Management), intrusion detection/prevention systems (IDS/IPS), firewalls, and antivirus software. Conducting security audits, risk assessments, and developing security awareness training programs will also be part of your responsibilities. Excellent analytical and problem-solving skills are essential, as is the ability to work independently and as part of a distributed team. Strong communication skills are needed to report on security findings and recommend remediation strategies. This is a critical role requiring a meticulous approach and a commitment to maintaining a secure computing environment. If you possess a strong foundation in cybersecurity principles and are eager to contribute to a secure digital future from a remote setting, we encourage you to apply.

Responsibilities:

• Monitor security alerts and logs from various security systems.
• Identify, analyze, and respond to security incidents and breaches.
• Conduct vulnerability assessments and penetration testing.
• Implement and manage security controls and policies.
• Stay updated on emerging cybersecurity threats and technologies.
• Assist in the development and delivery of security awareness training.
• Perform regular security audits and recommend improvements.
• Document security procedures and incident response plans.
• Collaborate with IT teams to ensure secure system configurations.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• 3+ years of experience in information security or cybersecurity.
• Strong understanding of cybersecurity principles, frameworks, and best practices.
• Experience with SIEM, IDS/IPS, firewalls, and endpoint security solutions.
• Knowledge of network protocols and security concepts.
• Excellent analytical, problem-solving, and critical thinking skills.
• Relevant certifications such as CompTIA Security+, CISSP, or CEH are highly desirable.
• Ability to work independently and communicate effectively in a remote team environment.

**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Your day at NTT DATA**
The Associate Information Security Services Analyst is an entry subject matter expert, responsible for supporting with the design and implementation of security systems to protect the organization's computer networks from cyber-attacks, and to help set and maintain security standards.
This role assists with monitoring the organization's computer networks for security issues, installs security software, and documents any security issues or breaches found.
The Associate Information Security Services Analyst is responsible for supporting with the planning, implementation, and management of information security measures to safeguard the organization's digital assets and systems and contributes to maintaining a secure and compliant environment.
**Key responsibilities:**
+ Assists with monitoring security alerts and events from various sources.
+ Assists with investigating potential threats and escalates incidents as necessary.
+ Assists in the implementation and monitoring of security controls, including firewalls, intrusion detection systems, and access controls.
+ Assists with performing regular vulnerability assessments, analyses scan results, and assists in prioritising and remediating identified vulnerabilities.
+ Supports the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts.
+ Assists in ensuring compliance with industry standards (for example, GDPR, ISO 27001) by conducting assessments and implementing necessary controls.
+ Installs security measures and operates software to protect systems and information infrastructure, including firewalls and data encryption programs
+ Documents security breaches and assess the damage they cause.
+ Works with the security team to perform tests and uncover network vulnerabilities.
+ Fixes detected vulnerabilities to maintain a high-security standard.
+ Develops organizational best practices for IT security.
+ Supports with penetration testing and upgrading of systems to unable security software.
+ Installs and upgrades antivirus software and assists with testing and evaluating new technology.
+ Assists with the installation of security software and understands information security management.
+ Researches security enhancements and makes recommendations to management.
+ Stays abreast of information technology trends and security standards.
+ Contributes to security awareness initiatives by creating training materials, conducting workshops, and educating employees about best security practices.
+ Maintains accurate records of security incidents, assessments, and actions taken for reporting and audit purposes.
+ Assists in the management and maintenance of security tools, including antivirus software, encryption tools, and security information and event management (SIEM) systems.
+ Participates in risk assessments to identify potential security threats, vulnerabilities, and associated risks to the organization.
+ Collaborates with cross-functional teams, IT, and other teams to ensure security measures are integrated into the organization's processes and projects.
+ Performs any other related task as required.
**To thrive in this role, you need to have:**
+ Good communication skills to effectively convey technical information to non-technical stakeholders.
+ Good analytical thinking and problem-solving skills to prevent hacking on a network.
+ Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
+ Understands firewalls, proxies, SIEM, antivirus, and IDPS concepts.
+ Understands patch management with the ability to deploy patches in a timely manner whilst understanding business impact.
+ Some proficiency with MAC and OS.
+ Familiarity with security frameworks, standards, and regulations (for example, NIST, CIS, GDPR).
+ Basic understanding of network and system architecture, protocols, and security controls.
+ Ability to analyze security incidents and assess potential risks.
+ Ability to work both independently and collaboratively in a fast-paced environment.
**Academic qualifications and certifications:**
+ Bachelor's degree or equivalent in information security, cybersecurity, computer science, or related.
+ Security certifications such as CompTIA Security+ are advantageous
**Required experience:**
+ Entry level demonstrated experience in information security or cybersecurity, or related roles.
+ Entry level demonstrated experience working in a global IT organization.
+ Entry level demonstrated experience with computer network penetration testing and techniques.
+ Entry level demonstrated experience with security assessment and vulnerability scanning tools
**Workplace type** **:**
On-site Working
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Our client, a global leader in aviation services and technology, is seeking a highly experienced Senior Aviation Security Analyst to join their fully remote team. This critical role will focus on assessing, developing, and implementing comprehensive security strategies to protect aircraft, passengers, crew, and airport infrastructure. You will play a key part in mitigating risks, responding to security threats, and ensuring compliance with international aviation security regulations. The ideal candidate possesses extensive knowledge of aviation security protocols, threat assessment methodologies, and a proactive approach to safeguarding operations.

Responsibilities:

• Conduct thorough risk assessments and vulnerability analyses of aviation operations, facilities, and systems.
• Develop and implement robust security policies, procedures, and contingency plans in line with international standards (e.g., ICAO, TSA, EASA).
• Monitor global security intelligence and assess potential threats to aviation operations.
• Investigate security incidents, breaches, and anomalies, recommending corrective actions.
• Oversee the implementation and effectiveness of security technologies and surveillance systems.
• Liaise with government agencies, law enforcement, and other aviation stakeholders on security matters.
• Develop and deliver security awareness training programs for staff and relevant personnel.
• Contribute to the continuous improvement of aviation security measures and protocols.
• Prepare detailed reports on security assessments, incident findings, and recommendations for senior management.
• Stay current with evolving threats, regulatory changes, and best practices in aviation security.

Qualifications:

• Bachelor's degree in Aviation Management, Security Studies, Criminology, or a related field. Advanced degree or relevant certifications are highly desirable.
• Minimum of 7 years of progressive experience in aviation security, including roles in risk assessment, threat analysis, and security management.
• In-depth knowledge of international aviation security regulations, standards, and best practices.
• Proven experience in developing and implementing security policies and procedures.
• Strong analytical and critical thinking skills, with the ability to assess complex security situations.
• Excellent report writing and presentation skills.
• Demonstrated ability to work effectively in a remote team environment and collaborate with diverse stakeholders.
• Experience with security technologies and surveillance systems is a plus.
• Ability to maintain confidentiality and handle sensitive information.
• Professional certifications such as Certified Protection Professional (CPP) or aviation security specific certifications are advantageous.

This is an exceptional opportunity for a seasoned aviation security professional to contribute to a vital global industry from a remote setting. The designated area for this role is Malindi, Kilifi, KE , however, the position is entirely remote.

Our client, a leading global cybersecurity firm, is seeking a highly motivated and experienced Senior Information Security Analyst to join their dynamic, fully remote team. This pivotal role is responsible for safeguarding sensitive company and client data against a constantly evolving threat landscape. You will be instrumental in developing, implementing, and managing robust security protocols and systems. Your expertise will be crucial in identifying vulnerabilities, conducting risk assessments, and responding effectively to security incidents. The ideal candidate will possess a deep understanding of network security, endpoint protection, cloud security, and data privacy regulations.

Key Responsibilities:

• Conducting comprehensive security audits and penetration testing to identify and mitigate risks.
• Developing and maintaining security policies, procedures, and guidelines.
• Monitoring security alerts and incidents, performing root cause analysis, and implementing remediation strategies.
• Managing and configuring security tools, including firewalls, intrusion detection/prevention systems, SIEM, and endpoint detection and response (EDR) solutions.
• Collaborating with IT and development teams to ensure security is integrated into all stages of the software development lifecycle (SDLC).
• Providing security awareness training to employees across the organization.
• Staying abreast of the latest cybersecurity threats, trends, and technologies.
• Ensuring compliance with relevant data protection regulations (e.g., GDPR, CCPA).
• Contributing to the development and execution of incident response plans.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5 years of progressive experience in information security.
• Proven experience with security frameworks such as NIST, ISO 27001.
• Strong knowledge of TCP/IP, networking protocols, and cybersecurity principles.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automation.
• Excellent analytical, problem-solving, and communication skills.
• Relevant certifications such as CISSP, CISM, or CEH are highly desirable.
• Ability to work independently and collaboratively in a fast-paced, remote environment.

Our client is committed to fostering a secure and inclusive work environment, offering competitive compensation and opportunities for professional growth. This role offers the flexibility of working from anywhere within Kenya, with a focus on delivering exceptional security outcomes for our organization. We value individuals who are proactive, detail-oriented, and possess a strong ethical compass in their approach to cybersecurity. The opportunity to make a significant impact on a global scale awaits a dedicated security professional.

Our client is seeking a highly skilled and experienced Senior Information Security Analyst to join their robust cybersecurity team. This is a fully remote position, offering the flexibility to protect our client's digital assets from anywhere. You will be responsible for identifying, assessing, and mitigating security risks across the organization's IT infrastructure and applications. This involves developing and implementing security policies, monitoring for threats, responding to incidents, and ensuring compliance with relevant regulations. You will play a critical role in safeguarding sensitive data and maintaining the integrity of our client's systems. Key responsibilities include:

• Developing and implementing comprehensive information security strategies and policies.
• Conducting vulnerability assessments and penetration testing to identify security weaknesses.
• Monitoring security systems (SIEM, IDS/IPS) for potential threats and intrusions.
• Investigating and responding to security incidents, including analysis, containment, and remediation.
• Implementing and managing security controls, such as firewalls, encryption, and access management.
• Ensuring compliance with industry standards and regulatory requirements (e.g., GDPR, ISO 27001).
• Developing and delivering security awareness training to employees.
• Staying current with emerging cybersecurity threats, vulnerabilities, and technologies.
• Collaborating with IT teams to ensure secure system configurations and deployments.
• Performing risk assessments and developing mitigation plans.
• Managing security documentation and reporting on security posture.
• Providing technical guidance and mentorship to junior security staff.

The ideal candidate will have a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant certifications such as CISSP, CISM, or CEH are highly desirable. A minimum of 5-7 years of experience in information security is required. Proven expertise in security frameworks, risk management, incident response, and threat analysis is essential. Strong technical skills in areas like network security, endpoint security, and cloud security are paramount. Excellent analytical, problem-solving, and communication skills are necessary for effectively working in a remote team environment and articulating complex security issues.

Our client, a leading financial services institution, is seeking a highly skilled and experienced Senior Information Security Analyst to join their dedicated security team. This position requires on-site presence and offers an excellent opportunity to contribute to the protection of sensitive data and systems. The successful candidate will be responsible for implementing and managing security controls, monitoring security threats, conducting vulnerability assessments, and responding to security incidents. You will play a vital role in maintaining the integrity, confidentiality, and availability of information assets.

Key Responsibilities:

• Develop, implement, and maintain security policies, standards, and procedures.
• Monitor security systems and networks for potential threats and vulnerabilities using SIEM tools and other security technologies.
• Conduct regular vulnerability assessments and penetration testing to identify weaknesses in systems and applications.
• Investigate and respond to security incidents, including data breaches, malware infections, and unauthorized access.
• Develop and deliver security awareness training programs for employees.
• Manage and configure security technologies such as firewalls, intrusion detection/prevention systems (IDPS), VPNs, and endpoint protection.
• Collaborate with IT operations teams to ensure security is integrated into system design and deployment.
• Perform risk assessments and develop mitigation strategies for identified security risks.
• Stay current with emerging security threats, vulnerabilities, and technologies.
• Participate in security audits and ensure compliance with relevant regulations (e.g., GDPR, PCI DSS).
• Develop and maintain incident response plans and business continuity strategies.
• Provide technical guidance and support to other IT staff on security matters.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5 years of experience in information security, cybersecurity operations, or a related role.
• Strong knowledge of security principles, frameworks (e.g., ISO 27001, NIST), and best practices.
• Experience with SIEM tools, vulnerability scanners, and endpoint security solutions.
• Proficiency in network security, firewalls, IDS/IPS, and encryption technologies.
• Excellent analytical, problem-solving, and incident response skills.
• Strong communication and interpersonal skills, with the ability to explain technical concepts to non-technical audiences.
• Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable.
• Ability to work effectively in a team environment and manage multiple priorities.
• Experience in the financial services industry is a plus.

The position is located in Malindi, Kilifi, KE , and requires the candidate to work on-site. If you are a dedicated security professional looking to safeguard critical information assets, we encourage you to apply.

Our client is actively seeking a highly motivated and experienced Lead Information Security Analyst to join their established, fully remote security operations team. This critical role will be responsible for safeguarding the organization's digital assets, developing and implementing robust security strategies, and responding to evolving cyber threats. The ideal candidate will possess a deep understanding of security principles, a proactive approach to risk mitigation, and exceptional analytical skills. This is an excellent opportunity for a seasoned professional to make a significant impact in a security-first, remote-first environment.

Responsibilities:

• Develop, implement, and maintain comprehensive information security policies, procedures, and controls.
• Oversee and conduct regular vulnerability assessments and penetration testing to identify security weaknesses.
• Manage and monitor security infrastructure, including firewalls, intrusion detection/prevention systems, and SIEM solutions.
• Lead incident response efforts, including detection, containment, eradication, and recovery from security breaches.
• Analyze security logs and alerts to detect and investigate suspicious activities.
• Provide expert guidance on information security best practices and regulatory compliance (e.g., GDPR, PCI DSS).
• Develop and deliver security awareness training programs for employees.
• Stay current with the latest cybersecurity threats, vulnerabilities, and mitigation techniques.
• Collaborate with IT and development teams to ensure security is integrated into the software development lifecycle.
• Conduct risk assessments and develop strategies to mitigate identified risks.
• Manage security-related projects and initiatives.
• Act as a primary point of contact for security-related inquiries and escalations.
• Contribute to the continuous improvement of the organization's security posture.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred.
• Minimum of 6 years of experience in information security, with at least 2 years in a leadership or senior analyst role.
• In-depth knowledge of network security, endpoint security, data loss prevention, and cloud security.
• Proficiency with security tools such as SIEM, vulnerability scanners, and endpoint detection and response (EDR) solutions.
• Experience in incident response and forensic analysis.
• Strong understanding of cybersecurity frameworks and best practices.
• Relevant security certifications such as CISSP, CISM, CEH, or GIAC are highly desirable.
• Excellent analytical, problem-solving, and communication skills.
• Proven ability to work independently and collaboratively in a remote setting.
• Experience with scripting languages (e.g., Python, PowerShell) for automation is a plus.

This is a unique opportunity to lead security initiatives from a remote location. Our client values a culture of continuous learning and offers substantial professional development opportunities. The role is fundamentally based in Malindi, Kilifi, KE but operated entirely remotely.

Our client is seeking a highly skilled and experienced Senior Information Security Analyst to join their fully remote cybersecurity team. This critical role involves protecting the organization's digital assets through proactive threat detection, incident response, vulnerability management, and security policy enforcement. You will play a leading role in assessing security risks, implementing robust security measures, and ensuring compliance with industry best practices and regulations.

Key Responsibilities:

• Monitor security systems, including firewalls, intrusion detection/prevention systems (IDPS), and SIEM platforms, for security incidents.
• Investigate security breaches and other cybersecurity incidents, performing root cause analysis and recommending corrective actions.
• Develop, implement, and maintain security policies, procedures, and controls.
• Conduct regular vulnerability assessments and penetration tests to identify and address weaknesses.
• Manage and configure security tools and technologies.
• Respond to security alerts and incidents in a timely and effective manner.
• Develop and deliver security awareness training to employees.
• Stay abreast of the latest cybersecurity threats, trends, and technologies.
• Collaborate with IT and other departments to ensure security is integrated into all aspects of the business.
• Participate in security audits and ensure compliance with relevant standards (e.g., ISO 27001, GDPR).
• Contribute to the development and refinement of the organization's incident response plan.
• Provide expert guidance on security best practices and risk management.
• Evaluate and recommend new security technologies and solutions.
• Maintain detailed documentation of security infrastructure and processes.
• Lead security projects and initiatives as assigned.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 7 years of progressive experience in information security.
• Proven experience with security monitoring tools, SIEM, IDPS, firewalls, and endpoint security solutions.
• Strong understanding of network security, cloud security (AWS, Azure, GCP), and application security.
• Experience with vulnerability assessment tools and penetration testing methodologies.
• Excellent analytical and problem-solving skills, with a keen eye for detail.
• Strong written and verbal communication skills, with the ability to articulate technical concepts to non-technical audiences.
• Relevant certifications such as CISSP, CISM, CEH, or GIAC are highly desirable.
• Ability to work independently and collaboratively in a remote team environment.
• Demonstrated ability to manage complex security projects.
• A proactive approach to identifying and mitigating security risks.
• This role is fully remote and serves a client base that includes operations in Malindi, Kilifi, KE .

Join our client's robust security team and make a tangible difference in protecting critical information assets in a fully remote capacity.

Our client is seeking a highly skilled Senior Information Security Analyst to join their dedicated security team. This position is based at our offices in Malindi, Kilifi, KE , and plays a crucial role in safeguarding our organization's digital assets and information infrastructure. You will be responsible for implementing and managing robust security measures, conducting threat assessments, and responding to security incidents. This includes developing and enforcing security policies and procedures, monitoring network security, and performing vulnerability assessments and penetration testing. You will also be involved in security awareness training for employees, ensuring they understand and adhere to best practices. The role requires staying abreast of the latest security threats, technologies, and industry trends to proactively identify and mitigate risks. Collaboration with IT teams, management, and external partners to ensure comprehensive security coverage is essential. The ideal candidate will possess a deep understanding of network security, cryptography, risk management, and compliance frameworks (e.g., ISO 27001, NIST). Excellent analytical, problem-solving, and communication skills are required. Experience with security information and event management (SIEM) tools, firewalls, intrusion detection/prevention systems, and endpoint security solutions is critical. A Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field, coupled with at least 5 years of experience in information security, is required. Relevant professional certifications such as CISSP, CISM, or CEH are highly desirable. Join our team and be at the forefront of protecting critical information assets for our organization in Malindi, Kilifi, KE .