DevSecOps Engineer

Mukuru is one of Africa’s leading fintech companies, empowering millions across borders through accessible and secure financial services. We’re growing fast — and with that comes the responsibility to safeguard our systems, our people, and our customers.

We’re looking for a DevSecOps Engineer who’s passionate about cloud security, automation, and innovation — someone who thrives in solving complex problems, enjoys hands‑on technical work, and believes that great security enables great business.

As a DevSecOps Engineer, you’ll play a key role in strengthening Mukuru’s security posture across all platforms, infrastructure, and applications. You’ll be the bridge between development, operations, and security, ensuring every line of code and every deployment meets the highest security standards.

From designing secure architectures to automating threat detection, this is your chance to shape the way Mukuru builds, protects, and scales its systems in a fast‑moving fintech environment.

Security Engineering & Automation

• Uplift and maintain Mukuru’s security posture across AWS, APIs, Kubernetes, WAFs, and Azure environments.
• Review, enhance, and automate security controls and tooling across multiple platforms.
• Integrate security tools into CI/CD pipelines to enable secure‑by‑design development.
• Manage vulnerability scanning, patching, and configuration hardening processes.
• Conduct regular security audits and implement best practices aligned with ISO27001, CIS20, and OWASP.

Monitoring & Incident Response

• Monitor systems for breaches, vulnerabilities, and suspicious activity.
• Build and improve alerting and visibility systems for proactive security monitoring.
• Investigate incidents, perform root‑cause analysis, and lead forensic investigations when necessary.
• Provide reporting and metrics to leadership for transparency and improvement.

Resilience & Reliability

• Support DR and BCM testing, ensuring system reliability under stress.
• Contribute to site reliability engineering initiatives and infrastructure resilience.

Continuous Improvement

• Test and evaluate emerging security technologies.
• Collaborate with engineering and product teams to embed security early in the SDLC.
• Stay informed on global cybersecurity trends and threats to keep Mukuru ahead of the curve.

• 5+ years’ experience in IT systems security, DevOps, or DevSecOps.
• Proven experience managing AWS production environments.
• Strong understanding of CI/CD, cloud security, containerization, and API security.
• Experience with tools such as Terraform, AWS GuardDuty, Tenable, Puppet, Cloudflare, and WAFs.
• Familiarity with ISO27001, PCI DSS, POPIA, MITRE, CIS20, or OWASP frameworks.
• Tertiary qualification in Computer Science or related field (Essential).
• Certifications such as AWS Certified Security, CISSP, CISM, OSCP, or DevSecOps (Highly Desirable).

• Problem‑solving complex technical issues with creativity and precision.
• Automating security processes to make protection scalable.
• Collaborating across teams while balancing security and delivery needs.
• Paying attention to the smallest details — because in security, every detail matters.
• Thinking ahead and staying curious about new technologies and risks.

Should you be appointed in a remote/work from home role at Mukuru, it is your responsibility to ensure that you have uninterrupted internet connectivity and a ‘work‑like’ environment at your home location, in order to deliver your best in terms of performance, productivity and service to our customers.

If you do not receive any response after two weeks, please consider your application unsuccessful.

NB: ALL STAFF APPOINTMENTS WILL BE MADE WITH DUE CONSIDERATION OF THE COMPANY’S DIVERSITY AND INCLUSION PLANS