Assistant Manager, (DevSecOps), Information Technology

Job Summary

The Assistant Manager, Information Technology (DevSecOps) will be responsible for integrating security practices within the software development lifecycle (SDLC), managing application security, vulnerability assessments, and security automation. The role involves coordinating security projects, ensuring compliance, and enhancing the security posture of Afreximbank’s IT infrastructure.

The ideal candidate should have strong expertise in DevSecOps, vulnerability scanning, penetration testing, cloud security, and security automation within a financial or multinational environment.

Key Responsibilities

DevSecOps Security Implementation

• Coordinate application security projects and services across Afreximbank and its subsidiaries.
• Implement security automation frameworks, integrating security into DevOps pipelines.
• Manage vulnerability assessments (VA), penetration testing (PT), and remediation tracking for all applications.
• Ensure compliance with secure software development life cycle (SDLC) principles.
• Oversee security controls automation to enhance security efficiency.

Vulnerability & Risk Management

• Conduct security testing for web and mobile applications, ensuring adherence to OWASP standards.
• Develop and execute remediation plans for identified vulnerabilities.
• Monitor and manage key security tools including SAST, DAST, and vulnerability scanning tools.
• Define and maintain password policies, certificate management, and security configurations.

Security Compliance & Governance

• Define security documentation and policies for application development teams.
• Ensure compliance with industry security standards (CIS, NIST, ISO 27001, OWASP, etc.).
• Support internal KPIs and KRIs for security compliance tracking.
• Work closely with audit teams to ensure compliance with security guidelines.

Cloud Security & Automation

• Support secure deployment, monitoring, and infrastructure management in a cloud environment.
• Implement container security for Kubernetes, Docker, OpenShift, and similar platforms.
• Ensure security automation using scripting tools (Python, Bash, etc.) for CI/CD pipelines.
• Collaborate with development teams to integrate security into DevOps workflows.

Minimum Qualifications & Experience

• Education:

  • Bachelor’s or Master’s degree in Computer Science, Telecommunications, or Information Security.
  • Certifications in Cloud Security (AWS, Azure, GCP), OSCP, CEH, or equivalent are preferred.

• Experience:

  • Minimum 5 years of experience in DevSecOps, security engineering, or related fields.
  • Experience in secure software development, security automation, and DevOps integration.
  • Expertise in penetration testing, vulnerability management, and security configuration.

• Technical Skills & Knowledge:

  • Strong knowledge of DevSecOps tools (SAST, DAST, vulnerability scanners).
  • Experience with CI/CD tools (Jenkins, GitLab, Bamboo, TeamCity).
  • Familiarity with container security (Docker, Kubernetes, OpenShift).
  • Ability to perform penetration testing (Burp Suite, Metasploit, Nmap, etc.).
  • Proficiency in programming and scripting (Python, Bash, PowerShell).
  • Understanding of cloud security best practices and key management systems.

• Soft Skills:

  • Excellent problem-solving and analytical skills.
  • Strong communication and collaboration skills to engage with cross-functional teams.
  • High attention to detail, integrity, and ability to manage security risks proactively.
  • Ability to work independently and deliver security solutions in a fast-paced environment.

Application Process

Interested candidates should submit their CVs to Afreximbank@robertwalters.com with the job title “Assistant Manager, Information Technology (DevSecOps)” clearly stated in the email subject line for proper consideration.