Senior DevSecOps Engineer

I'm excited to share that one of our clients in South Africa is hiring for a Senior DevSecOps Engineer. Below are the job details. If you're interested, please send your CV to apply.

Title: Senior DevSecOps Engineer – Multi-Cloud & Full Stack
Location: South Africa
Duration: Permanent, fulltime (open to contract as well)
Job Type: Fully Remote

Must have GCP experience.

About the Role

• We are seeking a Senior DevSecOps Engineer with experience in one or more major cloud platforms (GCP, Azure, or AWS). Strong expertise in a single cloud is welcome, while candidates with multi-cloud experience will have a distinct advantage. A solid background in full stack software engineering is also essential.
• In this role, you will play a key part in building, scaling, and automating infrastructure for high-performance systems. You'll be expected to apply sound architectural thinking across the stack. We’re looking for someone with deep technical competence, a passion for robust system design, and an independent, proactive mindset - someone who does not rely on excessive oversight or hand-holding to deliver outcomes.

Responsibilities

• Design, build, and maintain cloud-native and hybrid infrastructure across AWS, GCP, and/or Azure.
• Own CI/CD pipelines end-to-end, optimizing for reliability, speed, and security.
• Lead efforts in infrastructure-as-code (e.g., Terraform, Pulumi) and Kubernetes operations.
• Partner with software engineers to ensure seamless deployments, observability, and scaling.
• Architect and maintain secure, cost-efficient cloud environments aligned with business goals.
• Write clean, maintainable code in one or more backend and frontend stacks (e.g., Python, Node.js, Go, React, etc.).
• Lead incident response and postmortem processes, improving system resilience.
• Champion DevSecOps best practices and infrastructure observability.
• Contribute to internal technical standards, architecture documentation, and mentoring.
• Experience integrating security scanning tools (e.g., Snyk, Checkov, Trivy, Aqua) into CI/CD pipelines.
• Proven ability to implement and manage policy-as-code using tools like OPA (Open Policy Agent) or HashiCorp Sentinel.
• Solid understanding of Secrets Management and experience with tools like HashiCorp Vault, AWS KMS, Azure Key Vault, or Google Secret Manager.
• Experience enforcing least privilege IAM policies and managing secure identities across multi-cloud environments.
• Familiarity with container image signing, SBOMs, and supply chain security (e.g., Sigstore, Cosign, Chainguard).
• Knowledge of compliance frameworks (e.g., ISO27001, SOC 2, CIS Benchmarks) and how to align infrastructure and pipelines to meet them.
• Experience with runtime security monitoring in containerized/Kubernetes environments (e.g., Falco, Sysdig Secure, Datadog CSPM).
• Capable of building automated security guardrails and pre-deployment checks to prevent misconfigurations or vulnerabilities.
• Deep familiarity with threat modeling, vulnerability management, and infrastructure risk mitigation techniques.

Requirements

• 5+ years in DevSecOps/SRE roles with production-level responsibilities.
• 3+ years as a lead developer in a production environment, enterprise corporates will be a bonus.
• Production experience deploying and maintaining workloads in at least one major cloud platform (GCP, Azure, or AWS) is required. Experience with two or more is preferred.
• Strong hands-on experience with Google Cloud - particularly in secure CI/CD pipelines, IAM, and infrastructure automation - is highly desirable.
• Prior experience as a full stack engineer, fluent in at least two backend languages and familiar with frontend frameworks.
• Expertise with container orchestration (Kubernetes), service mesh, and logging/monitoring stacks (Prometheus, Grafana, ELK).
• Hands-on with tools like Terraform, Helm, GitOps workflows, Docker, Vault, ArgoCD, etc.
• Deep understanding of distributed systems, networking, and cloud security principles.
• University Degree in Computer Engineering, Software Engineering, or similar technical discipline.
• Proven track record of shipping infrastructure and product features at scale.
• Strong grasp of systems architecture and an interest in making design trade-offs.
• Comfortable in asynchronous and distributed teams

Bonus

• Experience with hybrid environments or edge/cloud convergence.
• Exposure to serverless architectures, data engineering, or MLOps workflows.
• Active participation in open-source or internal tooling contributions.
• Experience with designing and deploying AI Solutions.