Manager - Engineering, Development, Security & Operations

Job Summary: To Lead and grow an in‑house engineering capability that designs, builds, secures, deploys, and operates digital financial services platforms (e.g., wallet, payments, APIs, integrations). Own the full software delivery lifecycle (SDLC) and DevSecOps practices—ensuring secure-by-design delivery, reliability, speed-to-market, and regulatory compliance across environments (dev/QA/stage/prod).

Key Duties and Responsibilities:
Engineering Leadership & DeliveryLead cross-functional squads to ship features and platforms on predictable cadences (sprints/PI).Define engineering standards: coding, branching, code review, testing, and release criteria.Drive architecture with the Enterprise/Platform Architect (microservices, event-driven, API-first).Remove delivery blockers; manage tech debt; enforce “definition of done”.DevSecOps & Platform EngineeringOwn CI/CD pipelines, artifact repositories, infrastructure-as-code (IaC), secrets management, release automation, and environment parity.Implement secure-by-design: SAST/DAST, dependency scanning, container image scanning, SBOMs, signed artifacts, and policy-as-code.Establish golden paths/templates for services and infrastructure.Cloud/Container & Runtime OperationsOperate and optimize cloud/Kubernetes platforms (HA, autoscaling, backups, DR, multi‑AZ/region where applicable).Manage configuration, service mesh, API gateways, ingress/egress, certificates, and key rotations.Champion FinOps: capacity planning, rightsizing, tagging, cost visibility and governance.Reliability, Observability & Incident ManagementImplement SLOs/SLIs, error budgets, proactive alerting, and runbooks.Lead incident response (on-call rotations, post-incident reviews, corrective actions).Ensure performance, resilience, and latency objectives for customer‑facing journeys.Security, Risk & ComplianceAlign SDLC and operations to PCI DSS, ISO 27001/27002, SOC 2, local data protection, and internal security policies.Enforce least privilege, network segmentation, VPNs, IP whitelisting, WAF, and API security.Coordinate vulnerability management and pen test remediation with InfoSec and R&C.Quality EngineeringInstitutionalize automated testing (unit, integration, contract, E2E), test data management, and quality gates in CI/CD.Promote shift‑left testing and canary/blue‑green deployment strategies.APIs, Integrations & EcosystemGovern API lifecycle (design, versioning, documentation, developer portal, monitoring).Ensure robust, secure integrations with banks, merchants, and 3PPs via VPNs, mTLS, whitelisting, and signed CSRs.Maintain sandbox/staging for partners and certification processes.People, Culture & Vendor ManagementHire, mentor, and develop engineers; foster a blameless, learning culture.Manage vendors/partners; ensure contract deliverables, SLAs, knowledge transfer, and source code/IP obligations.Own workforce planning, succession, and skills uplift (cloud-native, security, automation).Governance & DocumentationMaintain architecture diagrams, runbooks, SOPs, playbooks, and asset inventories.Drive change, release, and configuration management aligned to audit standards.Produce management reporting on KPIs/OKRs, risks, incidents, and roadmap health.