About Us:

Wasoko (“people of the market” in Swahili) is transforming communities across Africa by revolutionizing access to essential goods and services. We are East Africa’s biggest digitized retail distribution platform powered by our own in-house logistics network. Tens of thousands of informal retailers across seven countries (Kenya, Tanzania, Rwanda, Uganda, Ivory Coast, Senegal and Zambia) use Wasoko to order everyday essential goods and receive working capital financing.

The informal retailers of Africa today are the primary if not the only channel used by consumers to purchase essential goods worth over $600 billion per year. The fragmented infrastructure across large land mass, distributed but diverse population and rather a smaller basket size spend does not yet lend themselves to big basket retail or mass consumer eCommerce. Instead, the informal retail ecosystem is THE channel for building the plumbing for digital and consumer
commerce across Africa.

This is Wasoko’s opportunity. Wasoko with its brand, scale and logistics network is best positioned to build the technology-leveraged rails to serve the 1+ billion African consumers through informal retailers. We are building a digital-first operating system for informal retailers, initially focusing on B2B distribution but quickly incorporating other tools and services to help communities across Africa get more for less.

Principal Security Engineer / Head of IT and Security
Location: Zanzibar or Nairobi or Bangalore

Wasoko is looking for a highly motivated individual with deep information security experience in distributed services, cloud environments. You will be founding a security engineer that would work to protect sensitive company information, handle potential data breaches, and implement strong security and data governance controls. You will pioneer a company-wide cultural awareness and understanding of security best practices, collaborating to define processes and standards and helping other teams execute security-focused projects.

This role has the potential to lead our entire IT team over time as a qualified leader. We view IT as a function of a secure, monitored, automated self-operating system with a low-cost footprint. The aspiring engineer will set up Wasok as one of the leading commerce businesses with a strong security posture within Africa.

What you will do in this role:

  • Audit GCP-hosted distributed services and customer data to identify vulnerabilities and gaps
  • Evaluate the security posture of our corporate IT systems, networks and data
  • Architect Wasok cyber security guiding principles and best practices
  • Engineer and build automation, tools that scale to then continuously protect our systems
  • Set up governance standards, and best practices working with developers and SREs
  • Own and drive response to any security incidents at tier-1
  • Set up security standards and roadmap for payment-related services
  • Become a voice of security, develop mechanisms to establish a culture of security across Wasoko
  • Partner with a product to instil customer first approach in everything security


    • Hands-on operating at excellence experience as a head security engineer for high traffic production system
    • Deep knowledge of cloud security architecture and toolset (GCP preferred)
    • Expert with developer security standards and ways to address them (OWASP top 10 e.g.)
    • Experience with compliance standards (e.g. PCI DSS) CISSP or other security certification
    • Applied knowledge of security testing a plus SAST, DAST, and SCA
    • Expert in python, ruby to golang
    • Excellent communication, collaboration and influencing skills ` clarity of thought, articulation, data drives and fact-based

    Nice to have:

    • Payment and mobile security exp in scaling e-commerce environment
    • Exp building security function from the ground up in a startup that scale