Summary
Overview
Work History
Education
Skills
Certification
Timeline
Work Availability
Work Preference
Languages
Software
Interests
Websites
Rowland Otieno

Rowland Otieno

Nairobi

Summary

Professional with strong background in designing and implementing cloud solutions, equipped to drive technological advancements. Expertise in cloud architecture, migration strategies, and security protocols. Known for fostering team collaboration and consistently achieving results. Adaptable to evolving project needs, ensuring reliable delivery of high-quality solutions.

Overview

18
18
years of professional experience
1
1
Certification

Work History

Cloud Solution Architect/Cloud Security Engineer

Safaricom PLC
07.2022 - Current
  • Directed Safaricom’s cloud strategy, achieving a30% reduction in operational costs through optimized cloud adoption, infrastructure design, and management, while ensuring robust security across public and private cloud environments
  • Co-architected the mpesa application for AWS public cloud
  • Https://www.safaricom.co.ke/main-mpesa/m-pesa-services
  • Co-architected the myCounty solution for AWS public cloud
  • Https://mycounty.co.ke
  • Provided architectural direction to implement Safaricom's cloud strategy
  • Framed the cloud adoption plan, application design, and strategies for cloud management and monitoring
  • Maintained a highly available server infrastructure for deploying instances on public and private clouds
  • Supported cloud operations by collaborating with external and internal stakeholders
  • Administered container orchestration software for public and private clouds
  • Planned and designed cloud infrastructure and software solutions
  • Deployed cloud orchestration tools to automate infrastructure management
  • Applied operating system updates, manage configuration changes, and optimize system performance on public and private cloud accounts
  • Implemented fixes for cloud security vulnerabilities, risks, and audit findings on public and private clouds
  • Reduced operational costs by applying best practices for cost optimization

Head, ICT Security Operations

Co-operative Bank of Kenya
01.2021 - 06.2022
  • Led the Security Operations Centre (SOC) and cybersecurity initiatives, ensuring24/7 monitoring, compliance with ISO27001, progress toward PCI DSS certification, adherence to NIST Cybersecurity Framework, secure cloud migration, and alignment with the Kenya Data Protection Act, while delivering comprehensive security reporting to stakeholders
  • Oversaw the Security Operations Centre (SOC) and ensured24/7 security monitoring
  • Achieved ISO IEC27001:2013 certification by identifying risks, assessing implications, and implementing systematic controls to safeguard the bank
  • Implemented systematic steps to attain PCI DSS certification, ensuring the protection of cardholder data during processing, storage, and transmission
  • Aligned cybersecurity activities with the NIST Cybersecurity Framework, integrating business drivers and risk management processes
  • Developed, implemented, and enforced the bank's comprehensive cybersecurity program
  • Led new projects by providing ICT security guidance, ensuring compliance with baseline security standards, and mapping business initiatives to a technical security architecture
  • Delivered timely daily, weekly, monthly, and quarterly reports to senior management and shareholders, highlighting the ICT security posture, emerging threats, trends, and future plans

Applications and Infrastructure Security Officer

Co-operative Bank of Kenya
09.2018 - 12.2020
  • Led red team penetration testing, security assessments (web, mobile, API), vulnerability and risk assessments, incident response, malware analysis, automation scripting, and cloud adoption planning, while enhancing cybersecurity awareness and aligning with frameworks like OWASP and NIST
  • Performed red team penetration testing to improve enterprise information assurance by demonstrating the impacts of successful attacks and effective defense strategies
  • Conducted web, mobile, and API security assessments following OWASP Top Ten guidelines
  • Identified and addressed known vulnerabilities through timely vulnerability assessments, reducing organizational risk exposure to acceptable levels
  • Performed cyber risk assessments guided by the NIST Cybersecurity Framework
  • Provided training and shared knowledge with team members, the division, and the organization to enhance cybersecurity awareness
  • Developed custom Linux Bash and Python scripts to automate daily tasks with detailed reporting
  • Created the cloud adoption roadmap, advising the bank on technology gaps to ensure cybersecurity visibility
  • Led the cyber incident response and forensics stream
  • Conducting static, dynamic and post-mortem malware analysis

Computer Incident Response and Forensics Manager

Equity Group Holdings
04.2017 - 09.2018
  • Led cyber incident response and forensics aligned with ISO27001:2013, including malware analysis, policy development, security testing for web and mobile applications, and managing incidents across Windows and Unix/Linux environments
  • Led the cyber incident response and forensics stream, adhering to ISO IEC27001:2013 standards to ensure digital forensic evidence was admissible and of evidential value in court
  • Performed static, dynamic, and post-mortem malware analysis
  • Managed cyber incident response across physical and remote Windows and Unix/Linux environments, including laptops, desktops, and servers
  • Developed and implemented incident response policies and procedures aligned with ISO IEC27001:2013 standards
  • Conducted web and mobile application security testing for various functions of the bank and its subsidiaries

Team Lead, Cyber Security and Cyber Forensics

Constellis (Formerly Olive Group)
01.2017 - 03.2017
  • Performed malware analysis, penetration testing, cloud security management (AWS, Azure), incident response, forensics, and security testing for web, mobile, and IT environments, while conducting forensic analysis across servers, desktops, and mobile devices
  • Executed static, dynamic, and post-mortem malware analysis
  • Conducted penetration tests for both external and internal corporate environments
  • Managed the organization's AWS EC2 cloud instances used to host web apps and websites
  • Controlled Microsoft Azure cloud machines hosting web apps, websites, databases, and developer tools across development, test, and production environments
  • Performed security assessments on AWS and Microsoft Azure environments
  • Led cyber incident response efforts for both physical and remote desktop environments
  • Reviewed IT security policies and procedures for the banking and telephony industries
  • Directed mobile application security testing for the banking and telephony industries
  • Tested web application security for clients in the banking and telephony industries
  • Conducted forensic analysis of servers, desktops, and mobile devices

Cyber Security and Cyber Forensics Analyst

Constellis (Formerly Olive Group)
03.2013 - 12.2016
  • Contributed to cybersecurity and forensics, overseeing penetration testing, vulnerability assessments, cloud security (AWS), server forensics, and mobile incident response for banking and telephony industries
  • Contributed as a team member in the cybersecurity and cyber forensics team
  • Led penetration testing efforts for the banking and telephony industries
  • Performed vulnerability assessments for the banking industry
  • Managed the organization's AWS EC2 cloud instances hosting web apps, websites, databases, and developer tools
  • Conducted security assessments on AWS instances
  • Performed forensic analysis on Windows and Linux servers for the telephony and banking industries
  • Handled mobile device cyber incident response and forensics for the telephony and banking industries

Full Stack Software Developer and Trainer

Brand ID East Africa
12.2010 - 03.2013
  • Served as a programmer and systems integrator for SMS routing systems and conducted end-user training on Brand ID's product authentication platform
  • Programmed and integrated computing systems, SMS aggregation, and routing between Brand ID servers and East African telephony providers
  • Delivered end-user training for clients and consumers of Brand ID's product authentication system

Full Stack Software Developer and Trainer

Future Link Technologies
05.2007 - 12.2008
  • Developed Savings Plus banking applications and bulk messaging systems, integrated with telecom providers, and conducted end-user training across Uganda, Rwanda, and Zambia
  • Developed the Savings Plus SACCO and microfinance banking application
  • Created bulk messaging systems with scheduling and routing, integrating with telephone providers MTN, Airtel (formerly Zain), Uganda Telecom, and Orange Uganda
  • Conducted end-user training for Savings Plus clients in Uganda, Rwanda, and Zambia

Education

BBA - Business Information Systems

Bugema University, Kampala, Uganda
10-2010

Skills

  • Cloud architecture design
  • Network configuration
  • Kubernetes management
  • Application modernization
  • Automation scripting
  • Multi-cloud strategy
  • Container orchestration

Certification

  • AWS Certified DevOps Engineer - Professional AWS Skill Builder 2025 Jan
  • AWS Cloud Practitioner Essentials - AWS Skill Builder 2022 Oct
  • Offensive Security Certified Professional (OSCP) - Offensive Security 2020 Dec
  • ISO IEC 27001:2013 Lead Implementer - British Standards Institution 2020 Dec
  • Certified Information Systems Auditor (CISA) - ISACA 2017 Oct
  • Certified Incident Handler (CIH) - EC-Council 2017 June

Timeline

Cloud Solution Architect/Cloud Security Engineer - Safaricom PLC
07.2022 - Current
Head, ICT Security Operations - Co-operative Bank of Kenya
01.2021 - 06.2022
Applications and Infrastructure Security Officer - Co-operative Bank of Kenya
09.2018 - 12.2020
Computer Incident Response and Forensics Manager - Equity Group Holdings
04.2017 - 09.2018
Team Lead, Cyber Security and Cyber Forensics - Constellis (Formerly Olive Group)
01.2017 - 03.2017
Cyber Security and Cyber Forensics Analyst - Constellis (Formerly Olive Group)
03.2013 - 12.2016
Full Stack Software Developer and Trainer - Brand ID East Africa
12.2010 - 03.2013
Full Stack Software Developer and Trainer - Future Link Technologies
05.2007 - 12.2008
Bugema University - BBA, Business Information Systems

Work Availability

monday
tuesday
wednesday
thursday
friday
saturday
sunday
morning
afternoon
evening
swipe to browse

Work Preference

Work Type

Full TimeContract Work

Work Location

Remote

Important To Me

Work-life balanceWork from home optionFlexible work hours

Languages

English
Bilingual or Proficient (C2)

Software

Golang

Python

Bash

Interests

Mountain Cycling

Motorcycling

Philanthropy

Similar Profiles

  • Esther Mumbua Kasila

    Esther Mumbua KasilaEsther Mumbua Kasila

    Customer Experience Executive (Call Centre) at Safaricom PLCCustomer Experience Executive (Call Centre) at Safaricom PLC

    View Profile
  • Naomi Kosgei

    Naomi KosgeiNaomi Kosgei

    Senior Cyber Security Analyst at Safaricom PLCSenior Cyber Security Analyst at Safaricom PLC

    View Profile
  • Clifford Owens Obura

    Clifford Owens OburaClifford Owens Obura

    Acting Lead - Cloud, Cybersecurity and IoT Product Management at SAFARICOM PLCActing Lead - Cloud, Cybersecurity and IoT Product Management at SAFARICOM PLC

    View Profile
Rowland Otieno