Manager – Engineering, Development, Security & Operations (DevSecOps)

Education:

• Minimum 4-year Academic Degree with Honors (B Eng. / BSc Computer Science / Engineering or equivalent Degree Preferred)
  
• Relevant certification/accreditation/membership with professional body as required for role e.g., TOGAF
  

Experience:

• Experience: 5–7years in software engineering with 3–5years leading DevOps/Platform/SRE/Engineering teams in FinTech, payments, or high‑availability digital platforms.
  
• Domain: Payments/wallets, banking integrations, digital channels, KYC, fraud controls, reconciliation/settlement, regulatory environments.
  
• Languages: Java/Kotlin, .NET/C#, Node.js, Python, or Go (at least two).
  
• APIs & Messaging: REST/GraphQL, gRPC; Kafka/RabbitMQ; API Gateway management.
  
• Cloud & Containers: AWS/Azure/GCP; Kubernetes, Helm, Docker; service mesh (Istio/Linkerd).
  
• CI/CD & IaC: Azure DevOps/GitHub Actions/Jenkins; Terraform, Ansible; artifact registries (Nexus/Artifactory).
  
• Observability: Prometheus/Grafana, ELK/EFK, OpenTelemetry, Jaeger/Tempo; incident tooling (PagerDuty/Opsgenie).
  
• Security Tooling: SAST (e.g., SonarQube), DAST (e.g., OWASP ZAP), dependency scanning (e.g., Trivy/Snyk), secrets mgmt (e.g., Vault/KMS), container/image signing (Cosign), WAF/IDS/IPS.
  
• Data: PostgreSQL/MySQL, Redis, object storage; basics of data pipelines for events/audit trails.
  
• Standards/Compliance: PCI DSS, ISO 27001/27002, OWASP ASVS/Top 10, NIST CSF.
  

Skills

• Strong stakeholder management; ability to translate business goals into delivery plans.
  
• Excellent communication and documentation; effective incident leadership under pressure.
  
• Coaching mindset; continuous improvement and measurable outcomes orientation.
  
• Behavioral Qualities
  
• Complete Accountability
  
• Courage
  
• Relational
  
• Adaptable
  
• Complete candour
  
• Culturally aware
  
• Emotional Maturity (High EQ)
  
• Innovation
  
• Integrity
  
• Leadership
  
• Team Player
  

• Engineering Leadership & Delivery
  
• Lead cross-functional squads to ship features and platforms on predictable cadences (sprints/PI).
  
• Define engineering standards: coding, branching, code review, testing, and release criteria.
  
• Drive architecture with the Enterprise/Platform Architect (microservices, event-driven, API-first).
  
• Remove delivery blockers; manage tech debt; enforce “definition of done”.
  
• DevSecOps & Platform Engineering
  
• Own CI/CD pipelines, artifact repositories, infrastructure-as-code (IaC), secrets management, release automation, and environment parity.
  
• Implement secure-by-design: SAST/DAST, dependency scanning, container image scanning, SBOMs, signed artifacts, and policy-as-code.
  
• Establish golden paths/templates for services and infrastructure.
  
• Cloud/Container & Runtime Operations
  
• Operate and optimize cloud/Kubernetes platforms (HA, autoscaling, backups, DR, multi‑AZ/region where applicable).
  
• Manage configuration, service mesh, API gateways, ingress/egress, certificates, and key rotations.
  
• Champion FinOps: capacity planning, rightsizing, tagging, cost visibility and governance.
  
• Reliability, Observability & Incident Management
  
• Implement SLOs/SLIs, error budgets, proactive alerting, and runbooks.
  
• Lead incident response (on-call rotations, post-incident reviews, corrective actions).
  
• Ensure performance, resilience, and latency objectives for customer‑facing journeys.
  
• Security, Risk & Compliance
  
• Align SDLC and operations to PCI DSS, ISO 27001/27002, SOC 2, local data protection, and internal security policies.
  
• Enforce least privilege, network segmentation, VPNs, IP whitelisting, WAF, and API security.
  
• Coordinate vulnerability management and pen test remediation with InfoSec and R&C.
  
• Quality Engineering
  
• Institutionalize automated testing (unit, integration, contract, E2E), test data management, and quality gates in CI/CD.
  
• Promote shift‑left testing and canary/blue‑green deployment strategies.
  
• APIs, Integrations & Ecosystem
  
• Govern API lifecycle (design, versioning, documentation, developer portal, monitoring).
  
• Ensure robust, secure integrations with banks, merchants, and 3PPs via VPNs, mTLS, whitelisting, and signed CSRs.
  
• Maintain sandbox/staging for partners and certification processes.
  
• People, Culture & Vendor Management
  
• Hire, mentor, and develop engineers; foster a blameless, learning culture.
  
• Manage vendors/partners; ensure contract deliverables, SLAs, knowledge transfer, and source code/IP obligations.
  
• Own workforce planning, succession, and skills uplift (cloud-native, security, automation).
  
• Governance & Documentation
  
• Maintain architecture diagrams, runbooks, SOPs, playbooks, and asset inventories.
  
• Drive change, release, and configuration management aligned to audit standards.
  
• Produce management reporting on KPIs/OKRs, risks, incidents, and roadmap health.