Hiring?Get vetted candidates in 48 hours. Pay only when you hire.Get vetted candidates in 48 hours.
M
Manager - Engineering, Development, Security & Operations(DevSecOps)
MTN
Posted 3 months agoKampala, Uganda
Location
Kampala, Uganda
Job Type
Full-time
Experience
Senior
Category
Telecommunications
Job Description
Reporting to: Senior Manager Solution Architecture
Division – Technology
Mission/ Core purpose of the Job
Institutionalize automated testing (unit, integration, contract, E2E), test data management, and quality gates in CI/CD.
Experience: 5–7+ years in software engineering with 3–5+ years leading DevOps/Platform/SRE/Engineering teams in FinTech, payments, or high‑availability digital platforms.
Domain: Payments/wallets, banking integrations, digital channels, KYC, fraud controls, reconciliation/settlement, regulatory environments.
Security Tooling: SAST (e.g., SonarQube), DAST (e.g., OWASP ZAP), dependency scanning (e.g., Trivy/Snyk), secrets mgmt (e.g., Vault/KMS), container/image signing (Cosign), WAF/IDS/IPS.
NB: Presentation of false academic documents and certification will lead to criminal prosecution. Any form of canvassing will lead to automa
ProGigFinder Press
Fifty silent applications, or one that lands.
Pick any job above and pay $2.99 with MoMo or Card. In 60 seconds you get a CV written for that role: it passes the screening software and reads the way a recruiter expects.
Get my CV for this job: $2.99
Requirements
- Education:
- Minimum 4-year Academic Degree with Honors (B Eng. / BSc Computer Science / Engineering or equivalent Degree Preferred)
- Relevant certification/accreditation/membership with professional body as required for role e.g., TOGAF
- Experience:
- Languages: Java/Kotlin, .NET/C#, Node.js, Python, or Go (at least two).
- APIs & Messaging: REST/GraphQL, gRPC; Kafka/RabbitMQ; API Gateway management.
- Cloud & Containers: AWS/Azure/GCP; Kubernetes, Helm, Docker; service mesh (Istio/Linkerd).
- CI/CD & IaC: Azure DevOps/GitHub Actions/Jenkins; Terraform, Ansible; artifact registries (Nexus/Artifactory).
- Observability: Prometheus/Grafana, ELK/EFK, OpenTelemetry, Jaeger/Tempo; incident tooling (PagerDuty/Opsgenie).
- Data: PostgreSQL/MySQL, Redis, object storage; basics of data pipelines for events/audit trails.
- Standards/Compliance: PCI DSS, ISO 27001/27002, OWASP ASVS/Top 10, NIST CSF.
- Competencies:
- Technical Proficiency:
- Skills
- Strong stakeholder management; ability to translate business goals into delivery plans.
- Excellent communication and documentation; effective incident leadership under pressure.
- Coaching mindset; continuous improvement and measurable outcomes orientation.
- Behavioral Qualities
- Complete Accountability
- Courage
- Relational
- Adaptable
- Complete candour
- Culturally aware
- Emotional Maturity (High EQ)
- Innovation
- Integrity
- Leadership
- Team Player
Responsibilities
- Main Job Functions:
- Lead cross-functional squads to ship features and platforms on predictable cadences (sprints/PI).
- Define engineering standards: coding, branching, code review, testing, and release criteria.
- Drive architecture with the Enterprise/Platform Architect (microservices, event-driven, API-first).
- Remove delivery blockers; manage tech debt; enforce “definition of done”.
- Establish golden paths/templates for services and infrastructure.
- Operate and optimize cloud/Kubernetes platforms (HA, autoscaling, backups, DR, multi‑AZ/region where applicable).
- Manage configuration, service mesh, API gateways, ingress/egress, certificates, and key rotations.
- Champion FinOps: capacity planning, rightsizing, tagging, cost visibility and governance.
- Implement SLOs/SLIs, error budgets, proactive alerting, and runbooks.
- Lead incident response (on-call rotations, post-incident reviews, corrective actions).
- Ensure performance, resilience, and latency objectives for customer‑facing journeys.
- Security, Risk & Compliance
- Align SDLC and operations to PCI DSS, ISO 27001/27002, SOC 2, local data protection, and internal security policies.
- Enforce least privilege, network segmentation, VPNs, IP whitelisting, WAF, and API security.
- Coordinate vulnerability management and pen test remediation with InfoSec and R&C.
- Quality Engineering
- Promote shift‑left testing and canary/blue‑green deployment strategies.
- APIs, Integrations & Ecosystem
- Govern API lifecycle (design, versioning, documentation, developer portal, monitoring).
- Ensure robust, secure integrations with banks, merchants, and 3PPs via VPNs, mTLS,
- Lead and grow an in‑house engineering capability that designs, builds, secures, deploys, and operates digital financial services platforms (e.g., wallet, payments, APIs, integrations).
- Own the full software delivery lifecycle (SDLC) and DevSecOps practices—ensuring secure-by-design delivery, reliability, speed-to-market, and regulatory compliance across environments (dev/QA/stage/prod).
- Own CI/CD pipelines, artifact repositories, infrastructure-as-code (IaC), secrets management, release automation, and environment parity.
- Implement secure-by-design: SAST/DAST, dependency scanning, container image scanning, SBOMs, signed artifacts, and policy-as-code.
Similar Jobs
Ingénieur NSOC (Network and Security Operations Center) | Devoteam Maroc Nearshore
Devoteam
Rabat, Morocco•
Consultant Senior Securité Réseaux
Devoteam
Tunis, Tunisia•
Expert Network and Security Operations Center N3
Devoteam
Tunis, Tunisia•
Consultant Expert Sécurité des Réseaux (NSOC) N3
Devoteam
Tunis, Tunisia•