M-Pesa Africa: Senior Specialist Cloud & Network Security

Job Description

M-Pesa is a pioneering fintech business and global market leader in mobile money. Starting from 2007 as a convenient means by which the unbanked and underbanked could make digital payments, M-Pesa has now grown to offer over 60 million active customers Financial Services, Enterprise, Merchant and Retail solutions. We are proud of our work in enabling the digital economy in our markets, and in driving financial inclusion.

M-Pesa Africa is the largest FinTech providing services to more than 60 million customers and 5 million businesses solutions across Financial Services, Enterprise, Merchant and Retail. We are now well on our way to becoming the preferred digital payment method across the markets that we serve, for both in-store, remote and online payments. With headquarters in both Nairobi and Johannesburg, we serve markets that include Kenya, Tanzania, DRC, Lesotho, Ghana, Egypt, Ethiopia, and Mozambique.

We are a united, energetic and passionate team. A place where leaders coach, teams connect, and everyone is empowered to go further, faster. A place where heroes become superheroes; through growth, opportunity, and the chance to work with the best minds in FinTech.

Role Purpose

The Senior Specialist – Cloud & Network Cyber Security ensures the design, implementation, and operation of secure, reliable, and scalable cloud and network security capabilities across M‑Pesa Africa. The role provides expert security architecture for projects, drives automation and Zero Trust initiatives, maintains critical security controls, and strengthens the organisation’s overall cyber resilience. As a dedicated Cyber Security SPOC for assigned markets, the role supports vulnerability management, incident response, and compliance, ensuring harmonised standards and continuous improvement of M‑Pesa’s security posture.

Your responsibilities will include:

Impact on the Business

• Coordinate optimisation of Operational and Monitoring Cyber Security Baseline (CSB) controls related to Network Security.
• Design and implement network security measures to protect data, software, and hardware.
• Monitor network traffic for unusual activity and respond to security breaches.
• Conduct regular security audits and vulnerability assessments, including perimeter and insecure port reviews.
• Develop, enforce, and maintain security policies, standards, and procedures.
• Collaborate with IT, Cloud, Network, and business teams to ensure integrated security controls.
• Deliver training and knowledge‑sharing on network security practices.
• Support internal and external technology audits and ensure closure of audit findings within agreed timelines.

Customers, Suppliers and Third Parties

• Ensure compliance with legal, regulatory, and stakeholder security requirements.
• Monitor compliance of Cyber Security managed services contracts against agreed SLAs.
• Support validation and completion of technology audit checklists and user access reviews.
• Coordinate analytical processes and cyber incident response activities.
• Ensure adherence to change management processes for all planned and emergency changes.

Innovation and change

• Contribute to Security & Privacy by Design Assurance (SPDA) processes to ensure GDPR and business requirements are met.
• Continuously review and enhance security policies, controls, and baselines to meet evolving threats.
• Establish analytics frameworks and tools to improve threat visibility and readiness.
• Drive continuous improvement through simplification, automation and optimisation of cyber security processes.

Communication

• Lead internal and third‑party service review meetings covering performance, SLAs, quality and service improvements.
• Recommend and track Cyber Security Service Improvement Plans, ensuring actions are completed on time.
• Train and raise security awareness across MPA users, partners and third‑party vendors.
• Drive timely communication during planned or emergency incidents to internal and external stakeholders.

The ideal candidate for this role will have:

Qualifications

• Degree in Electrical Eng/Computer Science/information Technology or equivalent Technology related degree
• Preferred certifications: CISSP, CISM, CCSP, AZ‑500, CEH, Security+, Network+, ComptiaSecurity+/CCNA Security
• Continuous professional development in cloud, network or cybersecurity.
• In-depth knowledge of network protocols, firewalls, VPNs, and security tools.

Core Competencies,knowledge and experience:

• Strong experience in Cloud and Network Security architecture and operations.
• Hands‑on experience with IPS, WAF, VPN, firewalls, endpoint security and SIEM tools.
• Solid knowledge of Azure security services and cloud security best practices.
• Ability to troubleshoot complex cloud and network security issues (L1–L3).
• Strong analytical thinking, communication and stakeholder engagement skills.
• Excellent documentation and report writing ability.
• Proven project execution capability and proactive threat management mindset.
• Ability to work collaboratively with cross‑market and cross‑functional teams.

Experience

• Minimum 5 years Network Security experience (IPS, WAF, VPNs, Content Filters, scanning tools).
• Minimum 2 years hands‑on experience implementing and maintaining Network Security solutions.
• Experience with Azure cloud security tools and hybrid cloud environments.
• Experience supporting vulnerability remediation, audits and security incidents.
• Experience producing HLDs, LLDs and network/cloud documentation.
• Exposure to regional or multi‑market environments is an advantage.

Closing date for Applications: 09 February 2026.

The base location for this role is, Vodacom Midrand Campus.

The Company's approved Employment Equity Plan and Targets will be considered as part of the recruitment process. As an Equal Opportunities employer, we actively encourage and welcome people with various disabilities to apply.
Vodacom is committed to an organisational culture that recognises, appreciates and values diversity & inclusion.