Job Title: DevSecOps Manager
Location: Midrand - Hybrid
Duration: 12 months

Role Summary

This senior role drives secure, automated, and compliant cloud-native delivery while managing monitoring/alerting, penetration testing programs, vulnerability management, and broader cybersecurity initiatives. You will lead a team of DevSecOps engineers, foster a security-by-design culture, and enable the business to innovate rapidly in a regulated South African and global context.

Key Responsibilities

DevOps
- Provision and manage cloud infrastructure as code (Terraform, Ansible, CloudFormation) on AWS, Azure, or GCP.
- Implement containerization and orchestration (Docker, Kubernetes, Helm) for consistent environments.
- Automate repetitive tasks, reduce toil, and improve developer experience through self‑service tools.
- Collaborate with software developers, QA, and security teams to embed DevOps practices (shift-left security, automated testing).
- Perform root‑cause analysis on production issues, implement fixes, and drive continuous improvement.
- Participate in on‑call rotations and incident response.

Leadership & Team Management
- Lead, mentor, and develop a high‑performing team of DevOps, SRE, and security engineers.
- Mentor junior engineers and promote a culture of automation and shared ownership.
- Champion DevSecOps practices and culture across Development, Operations, Security, and Compliance teams.
- Define and track KPIs: vulnerability remediation time, security gate pass rate, MTTR, deployment frequency, and alert reduction.

AWS Cloud Environment Management & Security
- Design, implement, and govern secure AWS architectures (multi‑account landing zones via Control Tower, VPCs, EKS, Lambda, RDS, etc.) using Infrastructure as Code (Terraform, AWS CloudFormation, CDK).
- Enforce least‑privilege IAM, encryption (KMS), secrets management, network security, and data sovereignty for POPIA compliance.
- Leverage AWS‑native services for automated security: Amazon Inspector, GuardDuty, Security Hub, Config, and IAM Access Analyzer.
- Build and evolve secure CI/CD pipelines (AWS CodePipeline, GitLab), optimizing workflows to automate testing, builds, and deployments with security gates (SAST, DAST, SCA, IaC, secret, and container scanning).

Monitoring, Alerting & Observability
- Architect comprehensive monitoring and alerting using AWS CloudWatch, GuardDuty, X‑Ray, EventBridge, and SIEM integrations.
- Design intelligent alerting with automated routing, escalation, noise reduction, and rapid incident response processes (critical for Cybercrimes Act obligations).
- Set up monitoring, logging, and alerting to maintain high availability and performance.
- Ensure 24/7 visibility into security posture, performance, and compliance.

Cybersecurity, Penetration Testing & Risk Management
- Lead and coordinate regular penetration testing.
- Oversee vulnerability management: scanning, risk‑based prioritization, remediation tracking, and exception processes.
- Conduct threat modelling, runtime protection, supply‑chain security, zero‑trust implementation, and incident response.
- Ensure appropriate, reasonable technical and organisational measures for POPIA Condition 7 (Security Safeguards), including encryption, access controls, logging, and regular testing.

Compliance, Governance & Continuous Improvement
- Support audits and evidence collection.
- Collaborate on release management with security go/no‑go decisions.
- Stay current with AWS security updates, emerging threats, and South African regulatory changes.
- Drive maturity of DevSecOps practices and conduct regular AWS Well‑Architected Framework reviews (Security Pillar).

Qualifications & Experience

Education
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or Engineering.

Experience
- 8–10+ years in DevOps, Cloud Engineering, or Cybersecurity.
- 3–5+ years in technical leadership or management roles.
- Strong hands‑on AWS experience.
- Proven track record in regulated environments with POPIA/GDPR compliance.

Certifications
- AWS Certified Security – Specialty or AWS Certified DevOps Engineer – Professional.
- CISSP, CISM, CCSP, or CISA.

Essential Skills & Competencies

Technical
- Deep expertise in AWS.
- Proficiency with security tools (Inspector, GuardDuty, SAST/DAST like SonarQube, SIEM).
- Proficiency in at least one scripting language (Python, Bash, PowerShell).
- Strong experience with Linux, networking, and Git.
- Hands‑on expertise with CI/CD, IaC, Docker/Kubernetes, and at least one major cloud platform (AWS/Azure/GCP certifications preferred).
- Penetration testing methodologies and vulnerability management.
- Knowledge of monitoring, observability, and infrastructure security.

Leadership & Soft Skills
- Excellent stakeholder communication (technical to executive level).
- Ability to drive cultural change in hybrid/fast‑paced environments.
- Strong problem‑solving, metrics‑driven approach, and collaboration skills.

Senior Cloud Security & DevSecOps Manager
OPTIMAL GROWTH TECHNOLOGIES
Johannesburg, Johannesburg
Published 13 days ago