DevSecOps Manager

This senior role drives secure, automated, and compliant cloud-native delivery while managing monitoring/alerting, penetration testing programs, vulnerability management, and broader cybersecurity initiatives. You will lead a team of DevSecOps engineers, foster a “security by design” culture, and enable the business to innovate rapidly in a regulated South African and global context.

Key Responsibilities

DevOps

  • Provision and manage cloud infrastructure as code (Terraform, Ansible, CloudFormation) on AWS, Azure, or GCP.
  • Implement containerization and orchestration (Docker, Kubernetes, Helm) for consistent environments.
  • Automate repetitive tasks, reduce toil, and improve developer experience through self-service tools.
  • Collaborate with software developers, QA, and security teams to embed DevOps practices (shift-left security, automated testing).
  • Perform root-cause analysis on production issues, implement fixes, and drive continuous improvement.
  • Participate in on-call rotations and incident response.

Leadership & Team Management

  • Lead, mentor, and develop a high-performing team of DevOps, SRE, and security engineers.
  • Mentor junior engineers and promote a culture of automation and shared ownership.
  • Champion DevSecOps practices and culture across Development, Operations, Security, and Compliance teams.
  • Define and track KPIs: vulnerability remediation time, security gate pass rate, MTTR, deployment frequency, and alert reduction.

AWS Cloud Environment Management & Security

  • Design, implement, and govern secure AWS architectures (multi-account landing zones via Control Tower, VPCs, EKS, Lambda, RDS, etc.) using Infrastructure as Code (Terraform, AWS CloudFormation, CDK).
  • Enforce least-privilege IAM, encryption (KMS), secrets management, network security, and data sovereignty for POPIA compliance.
  • Leverage AWS-native services: Amazon Inspector, GuardDuty, Security Hub, Config, IAM Access Analyzer, and AWS Security Agent for automated security.

Build and Secure CI/CD Pipelines & Automation

  • Build and evolve secure CI/CD pipelines (AWS CodePipeline, GitLab), optimizing workflows to automate testing, builds, and deployments with security gates (SAST, DAST, SCA, IaC, secret, and container scanning).

Monitoring, Alerting & Observability

  • Architect comprehensive monitoring and alerting using AWS CloudWatch, GuardDuty, X-Ray, EventBridge, and SIEM integrations.
  • Design intelligent alerting with automated routing, escalation, noise reduction, and rapid incident response processes (critical for Cybercrimes Act obligations).
  • Set up monitoring, logging, and alerting to maintain high availability and performance.
  • Ensure 24/7 visibility into security posture, performance, and compliance.

Cybersecurity, Penetration Testing & Risk Management

  • Lead and coordinate regular penetration testing.
  • Oversee vulnerability management: scanning, risk-based prioritization, remediation tracking, and exception processes.
  • Conduct threat modelling, runtime protection, supply-chain security, zero-trust implementation, and incident response.
  • Ensure “appropriate, reasonable technical and organisational measures” for POPIA Condition 7 (Security Safeguards), including encryption, access controls, logging, and regular testing.

Compliance, Governance & Continuous Improvement

  • Support audits and evidence collection.
  • Collaborate on release management with security go/no-go decisions.
  • Stay current with AWS security updates, emerging threats, and South African regulatory changes.
  • Drive maturity of DevSecOps practices and conduct regular AWS Well-Architected Framework reviews (Security Pillar).

Qualifications & Experience
Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering

Experience

  • 8–10+ years in DevOps, Cloud Engineering, or Cybersecurity.
  • 3–5+ years in technical leadership or management roles.
  • Strong hands-on AWS experience.
  • Proven track record in regulated environments with POPIA/GDPR compliance.

Certifications

  • AWS Certified Security – Specialty or AWS Certified DevOps Engineer – Professional.
  • CISSP, CISM, CCSP, or CISA.

Essential Skills & Competencies

Technical:

  • Deep expertise in AWS.
  • Proficiency with security tools (Inspector, GuardDuty, SAST/DAST like SonarQube, SIEM).
  • Proficiency in at least one scripting language (Python, Bash, PowerShell).
  • Strong experience with Linux, networking, and Git.
  • Hands-on expertise with CI/CD, IaC, Docker/Kubernetes, and at least one major cloud platform (AWS/Azure/GCP certifications preferred).
  • Penetration testing methodologies and vulnerability management.
  • Knowledge of monitoring, observability, and infrastructure security.

Leadership & Soft Skills:

  • Excellent stakeholder communication (technical to executive level).
  • Ability to drive cultural change in hybrid/fast-paced environments.
  • Strong problem-solving, metrics-driven approach, and collaboration skills.

Job Category: DevSecOps Manager
Job Type: 12 Month Contract
Job Location: Midrand
Education: Relevant Qualifications
Level: Mid - Senior Level
Working Hours: Hybrid 3 Days Office