DevSecOps Manager at Optimal Growth Technologies

Role Summary

• This senior role drives secure, automated, and compliant cloud-native delivery while managing monitoring/alerting, penetration testing programs, vulnerability management, and broader cybersecurity initiatives.
• You will lead a team of DevSecOps engineers, foster a security by design culture, and enable the business to innovate rapidly in a regulated South African and global context

Key Responsibilities

DevOps

• Provision and manage cloud infrastructure as code (Terraform, Ansible, CloudFormation) on AWS, Azure, or GCP.
• Implement containerization and orchestration (Docker, Kubernetes, Helm) for consistent environments.
• Automate repetitive tasks, reduce toil, and improve developer experience through self service tools
• Collaborate with software developers, QA, and security teams to embed DevOps practices (shift-left security, automated testing).
• Perform root-cause analysis on production issues, implement fixes, and drive continuous improvement.
• Participate in on-call rotations and incident response.

Leadership & Team Management

• Lead, mentor, and develop a high-performing team of DevOps, SRE, and security engineers.
• Mentor junior engineers and promote a culture of automation and shared ownership
• Champion DevSecOps practices and culture across Development, Operations, Security, and Compliance teams.
• Define and track KPIs: vulnerability remediation time, security gate pass rate, MTTR, deployment frequency, and alert reduction.

AWS Cloud Environment Management & Security

• Design, implement, and govern secure AWS architectures (multi-account landing zones via Control Tower, VPCs, EKS, Lambda, RDS, etc.) using Infrastructure as Code (Terraform, AWS CloudFormation, CDK).
• Enforce least-privilege IAM, encryption (KMS), secrets management, network security, and data sovereignty for POPIA compliance.
• Leverage AWS-native services: Amazon Inspector, GuardDuty, Security Hub, Config, IAM Access Analyzer, and AWS Security Agent for automated security.
• Build and Secure CI/CD Pipelines & Automation
• Build and evolve secure CI/CD pipelines (AWS CodePipeline, GitLab), optimizing workflows to automate testing, builds, and deployments with security gates (SAST,
• DAST, SCA, IaC, secret, and container scanning)

Monitoring, Alerting & Observability

• Architect comprehensive monitoring and alerting using AWS CloudWatch, GuardDuty, X-Ray, EventBridge, and SIEM integrations.
• Design intelligent alerting with automated routing, escalation, noise reduction, and rapid incident response processes (critical for Cybercrimes Act obligations).
• Set up monitoring, logging, and alerting to maintain high availability and performance.
• Ensure 24/7 visibility into security posture, performance, and compliance.

Cybersecurity, Penetration Testing & Risk Management

• Lead and coordinate regular penetration testing
• Oversee vulnerability management: scanning, risk-based prioritization, remediation tracking, and exception processes.
• Conduct threat modelling, runtime protection, supply-chain security, zero-trust implementation, and incident response.
• Ensure appropriate, reasonable technical and organisational measures for POPIA Condition 7 (Security Safeguards), including encryption, access controls, logging, and regular testing.

Compliance, Governance & Continuous Improvement

• Support audits and evidence collection
• Collaborate on release management with security go/no-go decisions.
• Stay current with AWS security updates, emerging threats, and South African regulatory changes.
• Drive maturity of DevSecOps practices and conduct regular AWS Well-Architected
• Framework reviews (Security Pillar).

Qualifications & Experience

• Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Engineering

Experience

• 8–10+ years in DevOps, Cloud Engineering, or Cybersecurity.
• 3–5+ years in technical leadership or management roles.
• Strong hands-on AWS experience
• Proven track record in regulated environments with POPIA/GDPR compliance.

Certifications

• AWS Certified Security – Specialty or AWS Certified DevOps Engineer – Professional.
• CISSP, CISM, CCSP, or CISA.

Essential Skills & Competencies

Technical:

• Deep expertise in AWS.
• Proficiency with security tools (Inspector, GuardDuty, SAST/DAST like SonarQube, SIEM).
• Proficiency in at least one scripting language (Python, Bash, PowerShell).
• Strong experience with Linux, networking, and Git.
• Hands-on expertise with CI/CD, IaC, Docker/Kubernetes, and at least one major
• cloud platform (AWS/Azure/GCP certifications preferred).
• Penetration testing methodologies and vulnerability management.
• Knowledge of monitoring, observability, and infrastructure security.

Leadership & Soft Skills:

• Excellent stakeholder communication (technical to executive level).
• Ability to drive cultural change in hybrid/fast-paced environments.
• Strong problem-solving, metrics-driven approach, and collaboration skills.