DevSecOps Engineer needed at Mukuru

About the Role

• As a DevSecOps Engineer, you’ll play a key role in strengthening Mukuru’s security posture across all platforms, infrastructure, and applications. You’ll be the bridge between development, operations, and security, ensuring every line of code and every deployment meets the highest security standards.
• From designing secure architectures to automating threat detection, this is your chance to shape the way Mukuru builds, protects, and scales its systems in a fast-moving fintech environment.

What You’ll Do

Security Engineering & Automation

• Uplift and maintain Mukuru’s security posture across AWS, APIs, Kubernetes, WAFs, and Azure environments.
• Review, enhance, and automate security controls and tooling across multiple platforms.
• Integrate security tools into CI/CD pipelines to enable secure-by-design development.
• Manage vulnerability scanning, patching, and configuration hardening processes.
• Conduct regular security audits and implement best practices aligned with ISO27001, CIS20, and OWASP.

Monitoring & Incident Response

• Monitor systems for breaches, vulnerabilities, and suspicious activity.
• Build and improve alerting and visibility systems for proactive security monitoring.
• Investigate incidents, perform root-cause analysis, and lead forensic investigations when necessary.
• Provide reporting and metrics to leadership for transparency and improvement.

Resilience & Reliability

• Support DR and BCM testing, ensuring system reliability under stress.
• Contribute to site reliability engineering initiatives and infrastructure resilience.

Continuous Improvement

• Test and evaluate emerging security technologies.
• Collaborate with engineering and product teams to embed security early in the SDLC.
• Stay informed on global cybersecurity trends and threats to keep Mukuru ahead of the curve.

What You’ll Bring

• 5+ years’ experience in IT systems security, DevOps, or DevSecOps.
• Proven experience managing AWS production environments.
• Strong understanding of CI/CD, cloud security, containerization, and API security.
• Experience with tools such as Terraform, AWS GuardDuty, Tenable, Puppet, Cloudflare, and WAFs.
• Familiarity with ISO27001, PCI DSS, POPIA, MITRE, CIS20, or OWASP frameworks.
• Tertiary qualification in Computer Science or related field (Essential).
• Certifications such as AWS Certified Security, CISSP, CISM, OSCP, or DevSecOps (Highly Desirable).

You’re Great At

• Problem-solving complex technical issues with creativity and precision.
• Automating security processes to make protection scalable.
• Collaborating across teams while balancing security and delivery needs.
• Paying attention to the smallest details — because in security, every detail matters.
• Thinking ahead and staying curious about new technologies and risks.