Website Optimal Growth Technologies
Optimal Growth Technologies provides organizations of all sizes with the best, most trustworthy solutions. In the ever-evolving technology market, we believe that companies need reliable allies who can guide them through the challenges that accompany technological growth
Role Summary
This senior role drives secure, automated, and compliant cloud-native delivery while managing monitoring/alerting, penetration testing programs, vulnerability management, and broader cybersecurity initiatives.
You will lead a team of DevSecOps engineers, foster a security by design culture, and enable the business to innovate rapidly in a regulated South African and global context
Key Responsibilities
DevOps
Provision and manage cloud infrastructure as code (Terraform, Ansible, CloudFormation) on AWS, Azure, or GCP.
Implement containerization and orchestration (Docker, Kubernetes, Helm) for consistent environments.
Automate repetitive tasks, reduce toil, and improve developer experience through self service tools
Collaborate with software developers, QA, and security teams to embed DevOps practices (shift-left security, automated testing).
Perform root-cause analysis on production issues, implement fixes, and drive continuous improvement.
Participate in on-call rotations and incident response.
Leadership & Team Management
Lead, mentor, and develop a high-performing team of DevOps, SRE, and security engineers.
Mentor junior engineers and promote a culture of automation and shared ownership
Champion DevSecOps practices and culture across Development, Operations, Security, and Compliance teams.
Define and track KPIs: vulnerability remediation time, security gate pass rate, MTTR, deployment frequency, and alert reduction.
AWS Cloud Environment Management & Security
Design, implement, and govern secure AWS architectures (multi-account landing zones via Control Tower, VPCs, EKS, Lambda, RDS, etc.) using Infrastructure as Code (Terraform, AWS CloudFormation, CDK).
Enforce least-privilege IAM, encryption (KMS), secrets management, network security, and data sovereignty for POPIA compliance.
Leverage AWS-native services: Amazon Inspector, GuardDuty, Security Hub, Config, IAM Access Analyzer, and AWS Security Agent for automated security.
Build and Secure CI/CD Pipelines & Automation
Build and evolve secure CI/CD pipelines (AWS CodePipeline, GitLab), optimizing workflows to automate testing, builds, and deployments with security gates (SAST,
DAST, SCA, IaC, secret, and container scanning)
Monitoring, Alerting & Observability
Architect comprehensive monitoring and alerting using AWS CloudWatch, GuardDuty, X-Ray, EventBridge, and SIEM integrations.
Design intelligent alerting with automated routing, escalation, noise reduction, and rapid incident response processes (critical for Cybercrimes Act obligations).
Set up monitoring, logging, and alerting to maintain high availability and performance.
Ensure 24/7 visibility into security posture, performance, and compliance.
Cybersecurity, Penetration Testing & Risk Management
Lead and coordinate regular penetration testing
Oversee vulnerability management: scanning, risk-based prioritization, remediation tracking, and exception processes.
Conduct threat modelling, runtime protection, supply-chain security, zero-trust implementation, and incident response.
Ensure appropriate, reasonable technical and organisational measures for POPIA Condition 7 (Security Safeguards), including encryption, access controls, logging, and regular testing.
Compliance, Governance & Continuous Improvement
Support audits and evidence collection
Collaborate on release management with security go/no-go decisions.
Stay current with AWS security updates, emerging threats, and South African regulatory changes.
Drive maturity of DevSecOps practices and conduct regular AWS Well-Architected
Framework reviews (Security Pillar).
Qualifications & Experience
Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Engineering
Experience
8–10+ years in DevOps, Cloud Engineering, or Cybersecurity.
3–5+ years in technical leadership or management roles.
Strong hands-on AWS experience
Proven track record in regulated environments with POPIA/GDPR compliance.
Certifications
AWS Certified Security – Specialty or AWS Certified DevOps Engineer – Professional.
CISSP, CISM, CCSP, or CISA.
Essential Skills & Competencies
Technical:
Deep expertise in AWS.
Proficiency with security tools (Inspector, GuardDuty, SAST/DAST like SonarQube, SIEM).
Proficiency in at least one scripting language (Python, Bash, PowerShell).
Strong experience with Linux, networking, and Git.
Hands-on expertise with CI/CD, IaC, Docker/Kubernetes, and at least one major
cloud platform (AWS/Azure/GCP certifications preferred).
Penetration testing methodologies and vulnerability management.
Knowledge of monitoring, observability, and infrastructure security.
Leadership & Soft Skills:
Excellent stakeholder communication (technical to executive level).
Ability to drive cultural change in hybrid/fast-paced environments.
Strong problem-solving, metrics-driven approach, and collaboration skills.
go to method of application »
Apply via company website ( N / A ) or