Rowland Otieno

Background

About

Visionary Cloud Solutions Architect and Cloud Security Engineer with expertise in designing, deploying, and managing cloud solutions across AWS, GCP, and Azure, currently driving cloud-native adoption at Safaricom. Former Head of ICT Security Operations at a tier-one Kenyan bank, overseeing ISO 27001 and PCI DSS compliance, risk management, and the security of 8.8M account holders' data. Proven leader in cybersecurity, incident response, and system automation, with a passion for aligning technical solutions with strategic business goals.

Work Experience

Cloud Solution Architect/Cloud Security Engineer, Safaricom PLC
Jul, 2022 - Present
Directed Safaricom’s cloud strategy, achieving a 30% reduction in operational costs through optimized cloud adoption, infrastructure design, and management, while ensuring robust security across public and private cloud environments.
- Co-architected the mpesa application for AWS public cloud. https://www.safaricom.co.ke/main-mpesa/m-pesa-services
- Co-architected the myCounty solution for AWS public cloud. https://mycounty.co.ke
- Provided architectural direction to implement Safaricom's cloud strategy.
- Framed the cloud adoption plan, application design, and strategies for cloud management and monitoring.
- Maintained a highly available server infrastructure for deploying instances on public and private clouds.
- Supported cloud operations by collaborating with external and internal stakeholders.
- Administered container orchestration software for public and private clouds.
- Planned and designed cloud infrastructure and software solutions.
- Deployed cloud orchestration tools to automate infrastructure management.
- Applied operating system updates, manage configuration changes, and optimize system performance on public and private cloud accounts.
- Implemented fixes for cloud security vulnerabilities, risks, and audit findings on public and private clouds.
- Reduced operational costs by applying best practices for cost optimization.
Head, ICT Security Operations, Co-operative Bank of Kenya
Jan, 2021 - Jun, 20221 year 6 months
Led the Security Operations Centre (SOC) and cybersecurity initiatives, ensuring 24/7 monitoring, compliance with ISO 27001, progress toward PCI DSS certification, adherence to NIST Cybersecurity Framework, secure cloud migration, and alignment with the Kenya Data Protection Act, while delivering comprehensive security reporting to stakeholders.
- Oversaw the Security Operations Centre (SOC) and ensured 24/7 security monitoring.
- Achieved ISO IEC 27001:2013 certification by identifying risks, assessing implications, and implementing systematic controls to safeguard the bank.
- Implemented systematic steps to attain PCI DSS certification, ensuring the protection of cardholder data during processing, storage, and transmission.
- Aligned cybersecurity activities with the NIST Cybersecurity Framework, integrating business drivers and risk management processes.
- Developed, implemented, and enforced the bank's comprehensive cybersecurity program.
- Led new projects by providing ICT security guidance, ensuring compliance with baseline security standards, and mapping business initiatives to a technical security architecture.
- Delivered timely daily, weekly, monthly, and quarterly reports to senior management and shareholders, highlighting the ICT security posture, emerging threats, trends, and future plans.
Applications and Infrastructure Security Officer, Co-operative Bank of Kenya
Sep, 2018 - Dec, 20202 years 3 months
Led red team penetration testing, security assessments (web, mobile, API), vulnerability and risk assessments, incident response, malware analysis, automation scripting, and cloud adoption planning, while enhancing cybersecurity awareness and aligning with frameworks like OWASP and NIST.
- Performed red team penetration testing to improve enterprise information assurance by demonstrating the impacts of successful attacks and effective defense strategies.
- Conducted web, mobile, and API security assessments following OWASP Top Ten guidelines.
- Identified and addressed known vulnerabilities through timely vulnerability assessments, reducing organizational risk exposure to acceptable levels.
- Performed cyber risk assessments guided by the NIST Cybersecurity Framework.
- Provided training and shared knowledge with team members, the division, and the organization to enhance cybersecurity awareness.
- Developed custom Linux Bash and Python scripts to automate daily tasks with detailed reporting.
- Created the cloud adoption roadmap, advising the bank on technology gaps to ensure cybersecurity visibility.
- Led the cyber incident response and forensics stream.
- Conducting static, dynamic and post-mortem malware analysis.
- Managed cyber incident response across physical and remote Windows and Unix/Linux environments, including laptops, desktops, servers, and embedded appliances.
Computer Incident Response and Forensics Manager, Equity Group Holdings
Apr, 2017 - Sep, 20181 year 5 months
Led cyber incident response and forensics aligned with ISO 27001:2013, including malware analysis, policy development, security testing for web and mobile applications, and managing incidents across Windows and Unix/Linux environments.
- Led the cyber incident response and forensics stream, adhering to ISO IEC 27001:2013 standards to ensure digital forensic evidence was admissible and of evidential value in court.
- Performed static, dynamic, and post-mortem malware analysis.
- Managed cyber incident response across physical and remote Windows and Unix/Linux environments, including laptops, desktops, and servers.
- Developed and implemented incident response policies and procedures aligned with ISO IEC 27001:2013 standards.
- Conducted web and mobile application security testing for various functions of the bank and its subsidiaries.
Team Lead, Cyber Security and Cyber Forensics, Constellis (Formerly Olive Group)
Jan, 2017 - Mar, 20173 months
Performed malware analysis, penetration testing, cloud security management (AWS, Azure), incident response, policy reviews, and security testing for web, mobile, and IT environments, while conducting forensic analysis across servers, desktops, and mobile devices.
- Executed static, dynamic, and post-mortem malware analysis.
- Conducted penetration tests for both external and internal corporate environments.
- Managed the organization’s AWS EC2 cloud instances used to host web apps and websites.
- Controlled Microsoft Azure cloud machines hosting web apps, websites, databases, and developer tools across development, test, and production environments.
- Performed security assessments on AWS and Microsoft Azure environments.
- Led cyber incident response efforts for both physical and remote desktop environments.
- Reviewed IT security policies and procedures for the banking and telephony industries.
- Directed mobile application security testing for the banking and telephony industries.
- Tested web application security for clients in the banking and telephony industries.
- Conducted forensic analysis of servers, desktops, and mobile devices.
Cyber Security and Cyber Forensics Analyst, Constellis (Formerly Olive Group)
Mar, 2013 - Dec, 20163 years 10 months
Contributed to cybersecurity and forensics, overseeing penetration testing, vulnerability assessments, cloud security (AWS), server forensics, and mobile incident response for banking and telephony industries.
- Contributed as a team member in the cybersecurity and cyber forensics team.
- Led penetration testing efforts for the banking and telephony industries.
- Performed vulnerability assessments for the banking industry.
- Managed the organization’s AWS EC2 cloud instances hosting web apps, websites, databases, and developer tools.
- Conducted security assessments on AWS instances.
- Performed forensic analysis on Windows and Linux servers for the banking and telephony industries.
- Handled mobile device cyber incident response and forensics for the telephony and banking industries.
Full Stack Software Developer and Trainer, Brand ID East Africa
Dec, 2010 - Mar, 20132 years 4 months
Served as a programmer and systems integrator for SMS routing systems and conducted end-user training on Brand ID's product authentication platform.
- Programmed and integrated computing systems, SMS aggregation, and routing between Brand ID servers and East African telephony providers.
- Delivered end-user training for clients and consumers of Brand ID's product authentication system.
Full Stack Software Developer and Trainer, Future Link Technologies
May, 2007 - Dec, 20081 year 8 months
Developed Savings Plus banking applications and bulk messaging systems, integrated with telecom providers, and conducted end-user training across Uganda, Rwanda, and Zambia.
- Developed the Savings Plus SACCO and microfinance banking application.
- Created bulk messaging systems with scheduling and routing, integrating with telephone providers MTN, Airtel (formerly Zain), Uganda Telecom, and Orange Uganda.
- Conducted end-user training for Savings Plus clients in Uganda, Rwanda, and Zambia.

Skills

Cloud Security Architect
Risk Assessment and Mitigation

Threat Modeling

Security Policies and Standards

Defence in Depth

Zero Trust Architecture

Principle of Least Privilege

Data Confidentiality, Integrity and Availability

NIST Cybersecurity Framework

OWASP for application security

Security by Design

Privacy by Design

Multi-factor Authentication

Identity Federation and Single Sign-On (SSO)

OpenIdentity

EKS

Fargate

Docker

AWS Certified Cloud Practitioner
Amazon Web Services (AWS)
EC2

Auto Scaling

S3

Glacier

RDS

ElastiCache

VPC

Route 53

Elastic Load Balancing

Direct Connect

IAM

AWS WAF

Cost Explorer

CloudWatch

EKS

Fargate

Docker

AWS Certified Cloud Practitioner
Linux Administration
ext4

yum

apt

rpm

Bash Scripting

Shell Automation

Process Management

SSH configuration and hardening

SELinux

Encryption via GPG, LUKS and OpenSSL

Networking via ifconfig, ip and nmcli

Squid Proxy

Privoxy

TOR

DHCP and IP address management

Load Balancing via HAProxy

System logs via rsyslog

Virtualization via KVM and QEMU

Containerisation via Docker and Podman

Container Orchestration via Kubernetes
Python
Python2/3

Data structures using lists, dictionaries and tuples

Object-Oriented Programming

File handling

Python standard library

Python web development using Django and Flask

Web scraping using BeautifulSoup and Selenium

GUI automation using PyAutoGUI

Python virtual environments using venv and Conda

Python dependency management using pip

JSON, CSV and XML parsing
Malware Analysis
Static analysis using Binwalk and Strings

Dynamic analysis using Wireshark and RegShot

Reverse engineering

Sandboxing

Debugging using OllyDBG

Assembly language

Python for automation

PowerShell

Indicators of Compromise

Privilege Escalation

Threat feed and reporting using VirusTotal

Forensics using Autopsy, FTK, Internet Evidence Finder (now Magnet Axiom) and EnCase (now OpenText Forensic)

Education

DevSecOps Engineering, AWS Certified DevOps Engineer - Professional, AWS Skill Builder
Sep, 2024 - Mar, 2025
SDLC Automation

Configuration Management & IaC

Resilient Cloud Solutions

Monitoring and Logging

Incident and Event Response

Security and Compliance
Cloud Computing, AWS Cloud Practitioner Essentials, AWS Skill Builder
Sep, 2022 - Sep, 2022
AWS Cloud

Hybrid Cloud

All-in Cloud

Benefits of AWS Cloud

Global Cloud Infrastructure
Ethical Hacking, Offensive Security Certified Professional (OSCP), Offensive Security
Dec, 2020 - Dec, 2020
Security Essentials

Penetration Testing

Web Application Security

Security Operations

Threat Hunting

Incident Response

Exploit Development
ISO IEC 27001:2013, ISO IEC 27001:2013 Lead Implementer, British Standards Institution (BSI)
Dec, 2020 - Dec, 2020
Implementation plan of an Information Security Management System

Implentation of an Information Security Management System

ISMS monitoring, continual improvement, and preparation for the certification audit
Information Systems Auditing, Certified Information Systems Auditor (CISA), Information Systems Audit and Control Association (ISACA)
Aug, 2017 - Aug, 2017
Information Systems Auditing Process

Governance and Management of Information Technology

Information Systems Acquisition, Development & Implentation

Information Systems Operations and Business Resilience

Protection of Information Assets
Incident Response and Forensics, Certified Incident Handler (CIH), EC-Council
Jun, 2017 - Jun, 2017
Incident Response Process

First Response

Handling and Responding to Malware Incidents

Handling and Responding to Network Security Incidents

Handling and Responding to Web Application Security Incidents

Handling and Responding to Insider Threats

Handling and Responding to Endpoint Security Incidents
Information Technology, Bachelor of Business Administration, Bugema University
May, 2004 - Oct, 2010
Business Information Systems
Kenya Certificate of Secondary Education, Secondary Education, Jamhuri High School
Jan, 1997 - Dec, 2001
Kenya Certificate of Secondary Education

Interests

DIY
WoodworkingHome electronicsHome automation
Motorcycling
Track daysTrail braking

References

Kipkoech Rono, Safaricom PLC
Ms Rose Mwai, Co-operative Bank of Kenya (Co-op Bank)
Eric Nderi, Kenya Commercial Bank (KCB)
Victor Akidiva, Housing Finance Bank of Kenya (HFCK)
Charles Wanyoike, Equity Group Holdings Limited (EGHL)
Annette Otunga, Constellis Group