DevSecOps Manager

FinX aims to build a digital bank that will deliver on the promise of simple, technologically advanced, and superior customer products & services.

Our Brand and Marketing department is lookout for a creative, talented and experienced Multimedia Creative Designer to join our fast-growing talented team. The candidate for the position should be passionate about creating game-changing and innovative work and comfortable working on anything from high-profile multimedia experiential activations to microsites and larger platform dot-coms and brand campaigns and projects that are multimedia-related.

• Define and implement the DevSecOps strategy and roadmap across cloud, CI/CD, and application layers — ensuring automation, compliance, and resilience by default.
• Architect and secure multi-account AWS environments, including Landing Zones, IAM, SCPs, and Control Tower.
• Embed security automation within CI/CD pipelines (GitLab CI, Jenkins, or GitHub Actions) using SAST, DAST, SCA, and IaC scanning tools.
• Establish Infrastructure as Code (IaC) best practices using Terraform, Helm, and Kubernetes manifests with policy enforcement (OPA, Kyverno).
• Integrate runtime security and observability through container scanning, EDR, and CSPM (e.g., AWS GuardDuty, Security Hub, Prisma Cloud).
• Drive continuous compliance and configuration drift detection against standards like CIS Benchmarks, NIST 800-53, and ISO 27001.
• Implement secure SDLC and DevSecOps maturity frameworks (e.g., OWASP SAMM, BSIMM, SLSA, DORA metrics).
• Oversee vulnerability management, threat modeling, and incident response playbooks for cloud workloads.
• Lead quarterly Security Posture Reviews (Security QBRs), coordinating across Engineering, Risk, and Audit functions.
• Mentor and scale a DevSecOps engineering team, building a culture of automation, observability, and “shift-left” security.

• 8+ years of experience in DevOps, Cloud, or Security Engineering, with at least 4 years in a leadership or architectural role.
• Proven expertise with AWS (multi-account governance, identity, and security automation).
• Strong command of CI/CD, Kubernetes, and Infrastructure as Code (Terraform, Helm, Ansible).

Solid understanding of:

• Security frameworks: NIST 800-53, NIST CSF, CIS Controls v8, ISO/IEC 27001, PCI DSS, OWASP ASVS, SOC 2.
• DevOps standards: DORA Metrics, SRE Principles, ITIL v4, Cloud Adoption Framework (AWS CAF).
• Compliance domains: SBV cybersecurity regulations, GDPR, and data residency policies.
• Experience integrating security as code, policy as code, and compliance as code into CI/CD pipelines.
• Strong background in incident response, cloud monitoring, and posture management (CSPM, CWPP).
• Excellent leadership, stakeholder management, and communication skills.

At FinX, you’ll shape the infrastructure backbone of a fast-scaling digital bank – where innovation meets reliability. You’ll work at the intersection of DevOps, Cloud, and Security, driving automation and resilience in every deployment.