Manager - Engineering, Development, Security & Operations(DevSecOps) job at MTN-Uganda

Background information about the job or company (e.g., role context, company overview)

Want to know more about us? We’ve got you! Please scroll to the end of the section to get to know us better.

Job Description

Job Title: Manager Engineering, Development, Security & Operations (DevSecOps)

Reporting to: Senior Manager Solution Architecture

Division – Technology

Mission/ Core purpose of the Job

To Lead and grow an in‑house engineering capability that designs, builds, secures, deploys, and operates digital financial services platforms (e.g., wallet, payments, APIs, integrations). Own the full software delivery lifecycle (SDLC) and DevSecOps practices—ensuring secure-by-design delivery, reliability, speed-to-market, and regulatory compliance across environments (dev/QA/stage/prod).

Responsibilities or duties

Main Job Functions:

Engineering Leadership & Delivery

• Lead cross-functional squads to ship features and platforms on predictable cadences (sprints/PI).
• Define engineering standards: coding, branching, code review, testing, and release criteria.
• Drive architecture with the Enterprise/Platform Architect (microservices, event-driven, API-first).
• Remove delivery blockers; manage tech debt; enforce “definition of done”.

DevSecOps & Platform Engineering

• Own CI/CD pipelines, artifact repositories, infrastructure-as-code (IaC), secrets management, release automation, and environment parity.
• Implement secure-by-design: SAST/DAST, dependency scanning, container image scanning, SBOMs, signed artifacts, and policy-as-code.
• Establish golden paths/templates for services and infrastructure.

Cloud/Container & Runtime Operations

• Operate and optimize cloud/Kubernetes platforms (HA, autoscaling, backups, DR, multi‑AZ/region where applicable).
• Manage configuration, service mesh, API gateways, ingress/egress, certificates, and key rotations.
• Champion FinOps: capacity planning, rightsizing, tagging, cost visibility and governance.

Reliability, Observability & Incident Management

• Implement SLOs/SLIs, error budgets, proactive alerting, and runbooks.
• Lead incident response (on-call rotations, post-incident reviews, corrective actions).
• Ensure performance, resilience, and latency objectives for customer‑facing journeys.

Security, Risk & Compliance

• Align SDLC and operations to PCI DSS, ISO 27001/27002, SOC 2, local data protection, and internal security policies.
• Enforce least privilege, network segmentation, VPNs, IP whitelisting, WAF, and API security.
• Coordinate vulnerability management and pen test remediation with InfoSec and R&C.

Quality Engineering

• Institutionalize automated testing (unit, integration, contract, E2E), test data management, and quality gates in CI/CD.
• Promote shift‑left testing and canary/blue‑green deployment strategies.

APIs, Integrations & Ecosystem

• Govern API lifecycle (design, versioning, documentation, developer portal, monitoring).
• Ensure robust, secure integrations with banks, merchants, and 3PPs via VPNs, mTLS, whitelisting, and signed CSRs.
• Maintain sandbox/staging for partners and certification processes.

People, Culture & Vendor Management

• Hire, mentor, and develop engineers; foster a blameless, learning culture.
• Manage vendors/partners; ensure contract deliverables, SLAs, knowledge transfer, and source code/IP obligations.
• Own workforce planning, succession, and skills uplift (cloud-native, security, automation).

Governance & Documentation

• Maintain architecture diagrams, runbooks, SOPs, playbooks, and asset inventories.
• Drive change, release, and configuration management aligned to audit standards.
• Produce management reporting on KPIs/OKRs, risks, incidents, and roadmap health.

Qualifications or requirements (e.g., education, skills)

Education:

• Minimum 4-year Academic Degree with Honors (B Eng. / BSc Computer Science / Engineering or equivalent Degree Preferred)
• Relevant certification/accreditation/membership with professional body as required for role e.g., TOGAF

Experience needed

Experience:

• 5–7+ years in software engineering with 3–5+ years leading DevOps/Platform/SRE/Engineering teams in FinTech, payments, or high‑availability digital platforms.
• Domain: Payments/wallets, banking integrations, digital channels, KYC, fraud controls, reconciliation/settlement, regulatory environments.
• Languages: Java/Kotlin, .NET/C#, Node.js, Python, or Go (at least two).
• APIs & Messaging: REST/GraphQL, gRPC; Kafka/RabbitMQ; API Gateway management.
• Cloud & Containers: AWS/Azure/GCP; Kubernetes, Helm, Docker; service mesh (Istio/Linkerd).
• CI/CD & IaC: Azure DevOps/GitHub Actions/Jenkins; Terraform, Ansible; artifact registries (Nexus/Artifactory).
• Observability: Prometheus/Grafana, ELK/EFK, OpenTelemetry, Jaeger/Tempo; incident tooling (PagerDuty/Opsgenie).
• Security Tooling: SAST (e.g., SonarQube), DAST (e.g., OWASP ZAP), dependency scanning (e.g., Trivy/Snyk), secrets mgmt (e.g., Vault/KMS), container/image signing (Cosign), WAF/IDS/IPS.
• Data: PostgreSQL/MySQL, Redis, object storage; basics of data pipelines for events/audit trails.
• Standards/Compliance: PCI DSS, ISO 27001/27002, OWASP ASVS/Top 10, NIST CSF.

Competencies:

Technical Proficiency:

Skills

• Strong stakeholder management; ability to translate business goals into delivery plans.
• Excellent communication and documentation; effective incident leadership under pressure.
• Coaching mindset; continuous improvement and measurable outcomes orientation.

Behavioral Qualities

• Complete Accountability
• Courage
• Relational
• Adaptable
• Complete candour
• Culturally aware
• Emotional Maturity (High EQ)
• Innovation
• Integrity
• Leadership
• Team Player

Any other provided details (e.g., benefits, work environment, team info, or additional notes)

NB: Presentation of false academic documents and certification will lead to criminal prosecution. Any form of canvassing will lead to automatic disqualification. Should you not hear from us within fourteen (14) days from the closing date of this advertisement, you may consider your application to be unsuccessful.

Female candidates are strongly encouraged to apply.

• Lead cross-functional squads to ship features and platforms on predictable cadences (sprints/PI).
• Define engineering standards: coding, branching, code review, testing, and release criteria.
• Drive architecture with the Enterprise/Platform Architect (microservices, event-driven, API-first).
• Remove delivery blockers; manage tech debt; enforce “definition of done”.
• Own CI/CD pipelines, artifact repositories, infrastructure-as-code (IaC), secrets management, release automation, and environment parity.
• Implement secure-by-design: SAST/DAST, dependency scanning, container image scanning, SBOMs, signed artifacts, and policy-as-code.
• Establish golden paths/templates for services and infrastructure.
• Operate and optimize cloud/Kubernetes platforms (HA, autoscaling, backups, DR, multi‑AZ/region where applicable).
• Manage configuration, service mesh, API gateways, ingress/egress, certificates, and key rotations.
• Champion FinOps: capacity planning, rightsizing, tagging, cost visibility and governance.
• Implement SLOs/SLIs, error budgets, proactive alerting, and runbooks.
• Lead incident response (on-call rotations, post-incident reviews, corrective actions).
• Ensure performance, resilience, and latency objectives for customer‑facing journeys.
• Align SDLC and operations to PCI DSS, ISO 27001/27002, SOC 2, local data protection, and internal security policies.
• Enforce least privilege, network segmentation, VPNs, IP whitelisting, WAF, and API security.
• Coordinate vulnerability management and pen test remediation with InfoSec and R&C.
• Institutionalize automated testing (unit, integration, contract, E2E), test data management, and quality gates in CI/CD.
• Promote shift‑left testing and canary/blue‑green deployment strategies.
• Govern API lifecycle (design, versioning, documentation, developer portal, monitoring).
• Ensure robust, secure integrations with banks, merchants, and 3PPs via VPNs, mTLS, whitelisting, and signed CSRs.
• Maintain sandbox/staging for partners and certification processes.
• Hire, mentor, and develop engineers; foster a blameless, learning culture.
• Manage vendors/partners; ensure contract deliverables, SLAs, knowledge transfer, and source code/IP obligations.
• Own workforce planning, succession, and skills uplift (cloud-native, security, automation).
• Maintain architecture diagrams, runbooks, SOPs, playbooks, and asset inventories.
• Drive change, release, and configuration management aligned to audit standards.
• Produce management reporting on KPIs/OKRs, risks, incidents, and roadmap health.

• Strong stakeholder management; ability to translate business goals into delivery plans.
• Excellent communication and documentation; effective incident leadership under pressure.
• Coaching mindset; continuous improvement and measurable outcomes orientation.
• Complete Accountability
• Courage
• Relational
• Adaptable
• Complete candour
• Culturally aware
• Emotional Maturity (High EQ)
• Innovation
• Integrity
• Leadership
• Team Player

• Minimum 4-year Academic Degree with Honors (B Eng. / BSc Computer Science / Engineering or equivalent Degree Preferred)
• Relevant certification/accreditation/membership with professional body as required for role e.g., TOGAF
• 5–7+ years in software engineering with 3–5+ years leading DevOps/Platform/SRE/Engineering teams in FinTech, payments, or high‑availability digital platforms.
• Domain: Payments/wallets, banking integrations, digital channels, KYC, fraud controls, reconciliation/settlement, regulatory environments.
• Languages: Java/Kotlin, .NET/C#, Node.js, Python, or Go (at least two).
• APIs & Messaging: REST/GraphQL, gRPC; Kafka/RabbitMQ; API Gateway management.
• Cloud & Containers: AWS/Azure/GCP; Kubernetes, Helm, Docker; service mesh (Istio/Linkerd).
• CI/CD & IaC: Azure DevOps/GitHub Actions/Jenkins; Terraform, Ansible; artifact registries (Nexus/Artifactory).
• Observability: Prometheus/Grafana, ELK/EFK, OpenTelemetry, Jaeger/Tempo; incident tooling (PagerDuty/Opsgenie).
• Security Tooling: SAST (e.g., SonarQube), DAST (e.g., OWASP ZAP), dependency scanning (e.g., Trivy/Snyk), secrets mgmt (e.g., Vault/KMS), container/image signing (Cosign), WAF/IDS/IPS.
• Data: PostgreSQL/MySQL, Redis, object storage; basics of data pipelines for events/audit trails.
• Standards/Compliance: PCI DSS, ISO 27001/27002, OWASP ASVS/Top 10, NIST CSF.