Senior Cloud Security & DevSecOps Manager FULL TIME & PERMANENT

Job Title: DevSecOps Manager
Location: Midrand – Hybrid
Duration: 12 months
Role Summary
This senior role drives secure, automated, and compliant cloud-native delivery while managing monitoring/alerting, penetration testing programs, vulnerability management, and broader cybersecurity initiatives.You will lead a team of DevSecOps engineers, foster a security by design culture, and enable the business to innovate rapidly in a regulated South African and global context
Key Responsibilities
DevOps
Provision and manage cloud infrastructure as code (Terraform, Ansible,
CloudFormation) on AWS, Azure, or GCP.
Implement containerization and orchestration (Docker, Kubernetes, Helm) for
consistent environments.
Automate repetitive tasks, reduce toil, and improve developer experience through self
service tools
Collaborate with software developers, QA, and security teams to embed DevOps
practices (shift-left security, automated testing).
Perform root-cause analysis on production issues, implement fixes, and drive
continuous improvement.
Participate in on-call rotations and incident response.
Leadership & Team Management
Lead, mentor, and develop a high-performing team of DevOps, SRE, and security
engineers.
Mentor junior engineers and promote a culture of automation and shared ownershipChampion DevSecOps practices and culture across Development, Operations, Security, and Compliance teams.Define and track KPIs: vulnerability remediation time, security gate pass rate, MTTR, deployment frequency, and alert reduction.
AWS Cloud Environment Management & Security
Design, implement, and govern secure AWS architectures (multi-account landing
zones via Control Tower, VPCs, EKS, Lambda, RDS, etc.) using Infrastructure as
Code (Terraform, AWS CloudFormation, CDK).
Enforce least-privilege IAM, encryption (KMS), secrets management, network
security, and data sovereignty for POPIA compliance.
Leverage AWS-native services: Amazon Inspector, GuardDuty, Security Hub, Config,
IAM Access Analyzer, and AWS Security Agent for automated security.
Build and Secure CI/CD Pipelines & AutomationBuild and evolve secure CI/CD pipelines (AWS CodePipeline, GitLab), optimizing
workflows to automate testing, builds, and deployments with security gates (SAST,
DAST, SCA, IaC, secret, and container scanning)
Monitoring, Alerting & Observability
Architect comprehensive monitoring and alerting using AWS CloudWatch, GuardDuty,
X-Ray, EventBridge, and SIEM integrations.
Design intelligent alerting with automated routing, escalation, noise reduction, and
rapid incident response processes (critical for Cybercrimes Act obligations).
Set up monitoring, logging, and alerting to maintain high availability and performance.Ensure 24/7 visibility into security posture, performance, and compliance.
Cybersecurity, Penetration Testing & Risk Management
Lead and coordinate regular penetration testing Oversee vulnerability management: scanning, risk-based prioritization, remediation
tracking, and exception processes.
Conduct threat modelling, runtime protection, supply-chain security, zero-trust
implementation, and incident response.
Ensure appropriate, reasonable technical and organisational measures for POPIA
Condition 7 (Security Safeguards), including encryption, access controls, logging,
and regular testing.
Compliance, Governance & Continuous Improvement
Support audits and evidence collectionCollaborate on release management with security go/no-go decisions.Stay current with AWS security updates, emerging threats, and South African
regulatory changes.
Drive maturity of DevSecOps practices and conduct regular AWS Well-ArchitectedFramework reviews (Security Pillar).
Qualifications & Experience
Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering
Experience
8–10+ years in DevOps, Cloud Engineering, or Cybersecurity.3–5+ years in technical leadership or management roles.Strong hands-on AWS experienceProven track record in regulated environments with POPIA/GDPR compliance.
Certifications
AWS Certified Security – Specialty or AWS Certified DevOps Engineer – Professional.CISSP, CISM, CCSP, or CISA.
Essential Skills & Competencies
Technical:
Deep expertise in AWS.Proficiency with security tools (Inspector, GuardDuty, SAST/DAST like SonarQube,SIEM).Proficiency in at least one scripting language (Python, Bash, PowerShell).Strong experience with Linux, networking, and Git.Hands-on expertise with CI/CD, IaC, Docker/Kubernetes, and at least one majorcloud platform (AWS/Azure/GCP certifications preferred).Penetration testing methodologies and vulnerability management.Knowledge of monitoring, observability, and infrastructure security.
Leadership & Soft Skills:
Excellent stakeholder communication (technical to executive level).Ability to drive cultural change in hybrid/fast-paced environments.Strong problem-solving, metrics-driven approach, and collaboration skills.