INFRASTRUCTURE ENGINEER

Cape Town

Hybrid working (On-site Tuesday and Thursday)

Based on the Cape Town beachfront – a breathtaking expanse of white sand and surf, against the backdrop of the world-famous Table Mountain is our newest addition to LiveScore Group – Wonderlabz.

With a strong legacy collective expertise, the team in Cape Town push the boundaries of gaming design and development, always aiming to provide advanced solutions to complex operational challenges delivering inhouse gaming software to LiveScore Group of the highest quality, every time.

LiveScore Group is home to LiveScore, LiveScore Bet and Virgin Bet and now Wonderlabz - four of the most exciting brands in the sports and gaming industries today. We are passionate and excited about what we do in the Sports Media, Gaming and Betting sector and are proud of the high ratings we have achieved. We live our values, aiming to enhance and increase the enjoyment of sport through innovative products and immersive experiences. Trust is important in how we work, ensuring we are a collaborative unit who holds each other accountable. Relentlessly ambitious in everything we do, we embrace change and understand that failure is part of success.

We use our platform for positive social change and work to build a company our employees are proud to work for. We have a long-term commitment to diversity and inclusion. Our I.D.E.A (Inclusion, Diversity, Equality, Awareness) Forum is critical to our business and is embedded in our organisational structure to support a sense of belonging for everyone and to create a culture that allows all employees to thrive.

The Role

The Infrastructure Engineer’s role is to administer the Online Gaming platforms, ensure optimum performance and availability of such platform, provide third/fourth-level troubleshooting support, and liaise with all applicable service providers and third parties including NOC/1st/2nd line support. Provide technical support to all roles.

Key Responsibilities 

• Partake in the design and implementation of new setups
• Assist in process improvement and automation.
• Test and design new systems/services and their suitability for possible use in production environments
• Proactive monitoring and support of the live and staging infrastructure
• Investigate and react to any live or staging issues that might arise
• Prepare and take part in the periodic release of new software
• Act as an escalation point for issues flagged by customer support
• Handle service requests, incidents, problems and change requests, using ITIL best practice.
• Assist in process improvement and automation.
• Assist in intensive investigations into problems that would included detailed log and metrics analysis to provide detailed analysis, resolution and future prevention of such issues

Skills, Knowledge and Experience

• All-rounder with proven experience in linux based environments with very good IT knowledge
• Possess excellent communication skills, capable of delivering information to both technical as well as non-technical personnel, the ability to work autonomously and in a team environment
• Detect/analyse alarms to provide fault isolation and remote troubleshooting, being a responsible individual for problems until their complete resolution
• Ability to analyse logs for troubleshooting issues, including malicious activity or cybersecurity threats, code and systems errors and problems
• Understands how to direct, support and guide other team members and knows how to motivate them with great attention to detail and acts as a senior technical resource for outages until restoration.
• Production support or implementation of Kubernetes, preferable in google managed Kubernetes environment (GKE) for at least 24 months
• Virtualisation - OpenStack, VMware, Cloud - Experience with any: Google GKE, Amazon EKS, Azure AKS, OpenShift/OKD
• Excellent log analysis and setup of aggregated logging systems such as Splunk/EFK and excellent networking skills including packet capture and analysis
• Excellent monitoring and metrics analysis and systems implementation such as Grafana, APM, Prometheus, Zabbix, etc… with deep knowledge of various monitoring tools and excellent problem-solving skills
• Experience with code repositories GitHub/Gitlab, CI/CD pipelines and DevOps principles and DNS/HTTPS certificates

What can we offer? 

• Discovery medical aid
• 21 days leave
• Discretionary company performance bonus

The Position

The Regional Sales Manager is a significant driver of company revenue and growth. Your responsibilities will include: learning the OPSWAT technology; developing and implementation of a strategic account plans targeting deployments of our Cybersecurity platforms and solutions. You will build the right relationships inside a target account, know how to leverage your company resources to the fullest, and negotiate and close new business. The ideal candidate will have previous work experience as a member of a corporate sales team and a career track record of exceeding multi-million-dollar sales quotas. Candidates selling into critical infrastructure and data diode sales experience are given a preference.

What You Will be Doing

• Strategically target business opportunities that leverage high value use cases, in key verticals.
• Develop and execute sales strategies and tactics to sell OPSWAT products, solutions, and services to exceed your sales quotas.
• Communicate value propositions to clients that speak intimately to their needs and requirements.
• Utilize client-centric, solutions-oriented selling strategies and hunter’s mentality to identify, qualify, convert enterprise sales.
• Effectively articulate financial ROI/TCO value, and build value throughout the negotiation process.
• Maintain extensive account and opportunity detail in Salesforce CRM, including account win plans, customer touch points, sales inhibitors, etc.
• Forecast and report revenue projections accurately to management.
• Overachieve on annual quota, measured quarterly.

What We Need from You 

• A minimum of 5 years successfully selling technology products and solutions to business.
• Bachelor’s degree, preferably in a technical discipline or equivalent experience.
• A successful track record selling complex-solutions directly to enterprise customers and through Channel/SI Partners.
• You’re persuasive, and have excellent negotiation and presentation skills. You can effectively communicate with both technology-oriented and senior business executives at the “C” level, and are comfortable articulating the technical and business value of the OPSWAT platforms.
• Your work is a mix of strategic and proactive account activity, and you have a demonstrated ability of uncovering, qualifying, developing, and closing new accounts.
• Ability to set goals, prioritize tasks, and achieve success with minimal oversight in a sometimes ambiguous work environment.
• You keep your pipeline accurate and your forecast updated for management.
• Possess, at minimum, a fundamental understanding of security threats, solutions, and security tools.
• Excellent time management skills, and work with high levels of autonomy and self-direction.
• You’re highly competitive, ramp quickly, are extremely adaptive, and pride yourself on exceeding sales goals.
• You are able to travel as necessary to your assigned accounts, and to Company meetings.
• Highly ethical and professional personal conduct.

The Position

The Solution Engineer will be the primary technical sales resource for our regional sales team and will assist in identifying customer challenges and driving technical alignment between customer needs and the OPSWAT solutions. You will serve as a product and industry expert, effectively describing and demonstrating our solution as well as promoting our vision and approach. You will be a trusted point of contact for our customers while advancing the sales process.

At the same time, you will be a liaison to the engineering team to drive the direction of the product. The ideal candidate will have previous work experience as a member of a corporate sales team and a career track record of supporting large and complex enterprise sales.

What You Will be Doing

• Work with the OPSWAT sales team as well as partners to drive Enterprise business 
• Manage customer requirements, expectations, and solution buy-in
• Build customer’s confidence and awareness in our products/solutions
• Manage, deliver, and present detailed responses to industry RFPs
• Train and certify resellers and partners
• Present at Conferences and Seminars
• Support proof of concepts, implementations and installs as needed to successfully satisfy customer requirements

What We Need from You 

• 5+ years of cybersecurity or networking software sales engineering or technical sales experience 
• Excellent track record in developing new business and meeting/exceeding sales targets 
• Comfortable leading discussions within the cybersecurity domain to all customer levels (CISO to IT administrator)
• Strong presentation and application demo skills 
• Experience installing and troubleshooting enterprise applications in Windows and Linux environments
• A self-motivator who thrives on identifying and resolving customer pain points.

It Would be Nice if You Had

• Experience in enterprise software or networking solutions, ideally within the network or device security space
• Knowledge of Sandbox and anti-malware products and markets
• A technical understanding of APIs
• Experience working with CRM software

Who we are

S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us

Working in Cyber at S-RM

Our Cyber Security division is the fastest-growing part of S-RM. The cyber sector is always evolving, and our Incident Response and Managed Services practices are in more demand than ever.

We’re building a team to meet this challenge.  We’re quick to respond, innovate, and improve.  We don’t get too hung up on hierarchy or bureaucracy.  If your ideas are good enough, we’ll empower you to implement them.  If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back.

We also don’t believe there’s a typical cyber security professional.  We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more.  You’ll always find a range of perspectives and expertise to help you learn and grow.

If that sounds like your kind of team, we’d like to hear from you.

The role

Cyber Threat Intelligence (CTI) is an integral part of our Incident Response (IR) and Managed Services practices. As a CTI analyst you will be a critical part of our wider cyber team’s success.

You will work across the full intelligence cycle to help our clients respond and recover to security incidents, and stay ahead of evolving threats, including:

• Threat Actor Intelligence: You will track developments in the ransomware and cybercrime ecosystem, and write and update profiles on key threat actors of interest which will be shared with clients to inform case strategy and externally as thought leadership
• Threat Actor Engagement: You will monitor leak sites and negotiation portals across our global IR cases, and inform case leads of regular developments. You will assist with researching and drafting attestations on sanctions exposure for given threat actors
• Dark Web Monitoring: You will use threat intelligence platforms and specialist tools to conduct targeted research the dark web and set up and deliver regular monitoring engagements. You will assist with renewals of these cases
• Technical IOC Management: You will help collate technical indicators of compromise (IOCs) from across our global IR team, ensure these are enriched and correctly classified, and facilitate dissemination across the organisation to improve the operational effectiveness of our IR and Managed Services teams
• Incident Data Collection and Analysis: You will help ensure that incident data collected by our global IR team from our engagements is accurate and consistent. You will assist with the management of this dataset, and with analysis to produce regular reporting on trends and insights to use for presentations, events and training sessions
• CTI-lead analysis: You will assist with in-depth investigations which have a strong threat intelligence component, including conducting research and drafting client-facing reports
• Blockchain analysis: You will use specialist tools to trace ransom payments to identify sanctions exposure or other compliance risks, and draft reports to present findings to clients
• Thought leadership: You will contribute to public write ups and presentations on new vulnerabilities, trends, and threat actor techniques
• Help develop and share domain expertise: We will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs.
• Help contribute to business development: You will help cultivate and manage close relationships with external partners who we share intelligence with and help identify business development opportunities.

Other features of the role include:

• Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
• Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your cyber threat intelligence and incident response expertise.
• Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team’s work/life balance and offer flexible working options to support your wellbeing.

What we're looking for

Candidates with the following qualifications and experience are likely to succeed as Cyber Threat Intelligence Analysts at S-RM. 

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

Required Skills:

• Excellent written and verbal communication skills, with the ability to produce clear and  concise reports.
• Strong analytical and problem-solving skills, including the ability to work with incomplete, ambiguous, or conflicting information.

• Understanding of foundational cyber concepts, such as common attack vectors (e.g., phishing, credential misuse), high-level security terminology, and general threat actor motivations.
• Understanding of core intelligence concepts, including the intelligence lifecycle, requirements gathering, and the distinction between tactical, operational, and strategic intelligence outputs.

• A demonstrated interest in cyber threats, including financially-motivated activity such as ransomware and extortion.

Preferred Skills:

• Academic or professional background in a research-focused discipline (qualitative or quantitative), such as Political Science, Intelligence Studies, Criminology, Cybersecurity, Computer Science, Data Science, or related fields.
• Familiarity with cybersecurity fundamentals, such as threat actor TTPs, IOCs, and relevant frameworks (e.g., MITRE ATT&CK).
• Ability to contextualize findings into business-relevant assessments, including potential impact, likelihood and recommended mitigations.
• Experience using OSINT and/or Threat Intelligence platforms (e.g. VirusTotal, Shodan, MISP, Recorded Future).

Successful candidates are likely to show the following personal attributes: 

• An investigative mindset and an enthusiasm for investigations.
• Exceptional attention to detail, especially when examining indicators, infrastructure data, and adversary behaviours.
• A collaborative mindset and willingness to collaborate across teams.
• Ability to thrive under pressure, prioritize multiple tasks, and meet short deadlines.
• A self-starter, demonstrating initiative, ownership of work and the ability to identify opportunities to enhance S-RM's cyber capabilities.

Relevant industry certifications are not required for this role. However, holding relevant CTI or cyber security related certifications such as the following is beneficial: GCTI, GCFA, SSCP, or Security+

Our benefits

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside of work. This includes but is not exhaustive of:

• Holiday – 23 days per year increasing to 28 days (+1 day for every year you worked at S-RM, up to a maximum of 5 days) in addition to bank holidays
• Gap Cover policy – allowing you to bridge the gap between your medical bills and your medical aid cover.
• Hybrid working and flexible working hours;
• Private pension – up to 7% contribution matched by the company
• Life Insurance 4X annual salary.

Parental Support:

• Fertility treatment leave – 5 days of leave per cycle of treatment per year;
• Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave – 6 weeks of full pay.
• Various Health and Medical Benefits including:
• Medical aid with Discovery Health for employee, partner, and children up to the cost of the Classic Saver plan(taxable benefit) for you and your family;
• EAP programme for you and your immediate family;
• Free access to the world-famous mindfulness app Headspace.

The application process

We want to get to know you, and for you to get to know us, to see if we’d be a good fit. We are responsive and respectful of people’s time throughout our hiring process.

A typical application process includes:

• Initial screening of your application by our recruiting team.
• An interview to assess your baseline technical skills.
• An interview to discuss your previous experience, broader competencies, and suitability for the role.

At 2U, we are all in on purpose. We are motivated by our mission – to eliminate the back row in education – and connected by our shared passion to deliver world-class digital education at scale. As the parent company of edX, the world’s leading online learning platform, 2U powers more than 4,000 online higher education offerings – from free courses to full degrees. Together with more than 230 colleges, universities, and corporate partners, we are helping to unlock human potential.

What We’re Looking For:

As the Senior Manager of Cybersecurity Operations, you will lead and mature 2U’s global cyber defense and security operations capabilities. This role is accountable for the effective execution of threat detection, incident response, vulnerability management, and operational security monitoring across a global enterprise.

You will manage and develop a team of security engineers responsible for day-to-day security operations, while also acting as the operational bridge between cybersecurity engineering, infrastructure, SRE, IT, and external partners (including managed or embedded resources). While remaining technically credible, your primary focus will be on operational excellence, incident readiness, process maturity, and ensuring consistent, high-quality execution of security operations at scale.

This role requires strong leadership, sound judgment under pressure, and the ability to translate technical security events into clear risk-based communication for senior stakeholders. You will own operational outcomes, ensure alignment to industry frameworks, and continuously improve tools, processes, and team capability to reduce risk across 2U’s most critical systems.

Responsibilities Include, But Are Not Limited To:

Cybersecurity Operations & Execution

• Own and oversee day-to-day cybersecurity operations, ensuring effective threat detection, investigation, response, and remediation across cloud, application, and infrastructure environments.
• Ensure security monitoring, alerting, and response processes are consistently executed, well-documented, and aligned to defined SLAs and severity models.
• Provide operational oversight of security tooling (e.g., SIEM, EDR, SOAR), ensuring tools are properly configured, maintained, and delivering actionable outcomes.
• Drive continuous improvement of operational runbooks, response workflows, and automation to reduce manual effort and improve response quality.

Cybersecurity Incident Management & Operational Readiness

• Own the cybersecurity incident management program, ensuring incidents are triaged, escalated, coordinated, and resolved effectively.
• Ensure clear roles, escalation paths, and communications are in place for security incidents, including coordination with SRE, Engineering, Infrastructure, IT, Legal, Privacy, and Communications teams.
• Lead post-incident reviews for security incidents, driving root cause analysis, remediation tracking, and systemic improvements.
• Ensure incident response practices align with industry standards and internal risk management expectations.

Engineering, Cloud & Application Security Alignment

• Partner with Cloud Security, Application Security, and Engineering teams to ensure security controls, detections, and response requirements are operationalised within cybersecurity operations.
• Ensure outputs from Cloud Security and Application Security initiatives (e.g., controls, detections, alerts, runbooks) are effectively integrated into security monitoring, incident response, and operational workflows.
• Act as the primary intake point for security-relevant operational signals from engineering and platform teams, ensuring they are triaged, prioritised, and actioned appropriately by cybersecurity operations.
• Collaborate with partner teams to identify gaps in detection, response coverage, and operational readiness, and drive improvements to expand and mature cybersecurity operations coverage.
• Serve as an escalation and advisory point for security-related operational issues, ensuring coordination with the appropriate domain owners (Cloud, Application, Infrastructure, SRE) while maintaining clear accountability.

Security Operations Coverage & Readiness

• Ensure cybersecurity operations maintain effective visibility and response capability across cloud, infrastructure, and application environments, aligned to defined risk and threat models.
• Oversee the integration of logging, telemetry, alerts, and response playbooks into operational tooling (e.g., SIEM, SOAR, EDR), without assuming ownership of underlying platform or application architectures.
• Partner with domain security teams to validate that new systems, services, and changes are adequately covered by operational security monitoring and incident response processes.
• Continuously assess and improve operational coverage to ensure cybersecurity operations can detect, respond to, and support incidents across the evolving technical environment.

Proactive Risk & Vulnerability Management

• Own the operational vulnerability management lifecycle, ensuring vulnerabilities are identified, prioritized, remediated, and tracked to closure.
• Use risk-based prioritization to balance remediation effort with business impact and operational realities.
• Ensure security findings and risk trends are translated into clear, actionable insights for technical and non-technical stakeholders.

Team Leadership & Partner Management

• Lead, mentor, and develop cybersecurity operations engineers, fostering a culture of accountability, continuous improvement, and operational excellence.
• Provide direction and oversight to embedded or partner resources (e.g., Sonata), ensuring clear expectations, quality delivery, and alignment to 2U standards.
• Contribute to workforce planning, skills development, and operational maturity of the cybersecurity operations function.

Things That Should Be In Your Background:

• 5+ years experience in cybersecurity or security operations, with progression into technical leadership or people management.
• Experience leading or supporting security operations, incident response, or threat management in complex environments.
• Working knowledge of AWS; exposure to GCP or Azure is a plus.
• Comfortable with scripting/automation (e.g., Python, Bash) to guide and review operational improvements.
• Experience partnering on CI/CD and DevSecOps initiatives to ensure security signals feed into detection and response.
• Familiarity with cloud-native and containerised environments and their operational security risks.
• Required: Hands-on experience with SIEM and EDR platforms supporting security monitoring, investigation, and incident response.
• Beneficial: Experience with SOAR workflows and WAF technologies to support security automation and application protection.
• Strong analytical judgment, able to make risk-based decisions under pressure.
• Clear communicator with both technical teams and senior stakeholders.

Benefits & Culture

Our global employee base is a diverse collection of innovators, dreamers, and doers working together to transform lives through higher education. We believe that every employee can advance our shared purpose, and that life at 2U should be fun and meaningful. If you’re excited by the opportunity to provide over 40 million learners and counting with access to world-class online higher education, then join us – and do work that makes a difference. #NoBackRow

We offer comprehensive benefits (unique per country) and excellent work/life balance.
Full-time, ZA benefits include: 

• 2 complimentary Getsmarter short courses per year
• Subsidised medical aid with Discovery Health Medical Scheme
• 4% 2U contribution towards Discovery Life Pension Fund and Group Risk Benefit
• Employee Assistance Program (EAP)
• Generous leave policy including time off to volunteer for non-profit organization, study leave, sports leave and a company-wide festive season break

2U Diversity and Inclusion Statement

At 2U, we are committed to building and sustaining a culture of belonging, respect, and inclusion. We are proud of the steps we’ve taken to bring together an employee base that embodies diverse walks of life, ideas, genders, ages, races, cultures, sexual orientations, abilities and other unique qualities. We strive to offer a workplace where every employee feels empowered by what makes us different, as well as by how we are alike. 

2U is committed to providing reasonable accommodations during our recruitment process. If you need assistance or accommodations, please reach out to us at: recruitingaccommodations@2u.com. 

About 2U

For more than a decade, 2U has been the digital transformation partner of choice to great non-profit colleges and universities delivering high-quality online education at scale. As the parent company of edX, a leading global online learning platform, 2U provides over 45 million learners with access to world-class education in partnership with more than 230 colleges, universities, and corporations. Our people and technology are powering more than 4,000 digital education offerings — from free courses to full degrees — and helping unlock human potential. To learn more: visit 2U.com.

About edX

edX is the education movement for restless learners and a leading global online learning platform from 2U. Together with the majority of the world’s top-ranked universities and industry-leading companies, we bring our community of over 45 million learners world-class education to support them at every stage of their lives and careers, from free courses to full degrees. And we're not stopping there — we're relentlessly pursuing our vision of a world where every learner can access education to unlock their potential, without the barriers of cost or location. Learn more at edX.org.

Learn more at https://2u.com/careers/
#NoBackRow

The above statements are intended to describe the general nature and level of work performed by individuals assigned to this position, and are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed.

2U is an equal opportunity employer that does not discriminate against applicants or employees and ensures equal employment opportunity for all persons regardless of their race, creed, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, age, marital status, disability, citizenship, military or veterans’ status, or any other classifications protected by applicable federal, state or local laws. 2U’s equal opportunity policy applies to all terms and conditions of employment, including but not limited to recruiting, hiring, training, promotion, job benefits and pay. 

2U is strongly committed to diversity within its community and especially welcomes applications from South African citizens who are members of designated groups who may contribute to Employment Equity within the workplace and the further diversification of ideas. In this regard, the relevant laws and principles associated with Employment Equity will be considered when appointing potential candidates. We are required by law to verify your ability to work lawfully in South Africa. 2U requires that you submit a copy of either your identity document or your passport and any applicable work permit if you are a foreign national, along with an updated curriculum vitae.

About Nintex: 

At Nintex, we are transforming the way people work, everywhere.   

As the global standard for process intelligence and automation, we're trusted by over 10,000 public and private sector organizations across 90 countries. Our customers, from industry giants like Amazon, Coca-Cola, and Microsoft, rely on the Nintex Platform to accelerate their digital transformation journeys by managing, automating, and optimizing business processes quickly and efficiently. We improve their lives through the technology we build.  

We are committed to fostering a workplace that supports amazing people in doing their very best work every day. Collaboration is constant, our workplace is fun, the environment is fast-paced, and we value our people’s curiosity, ideas, and enthusiasm. Driven by passion and accountability, we take initiative, measure progress, and deliver results. Our culture fosters innovation and problem-solving, fueled by curiosity and a commitment to thinking big. Together, we move with agility, prioritize customer needs, and build unity through empathy, leaving a positive impact wherever we go.  

Working in engineering: 

Working at Nintex as an engineer means building more than just software; it’s about making a tangible impact with every line of code. Our engineers are process experts, developing the industry’s most complete process and automation platform to transform the way people work. If you’re interested, curious and want to learn and do more, the sky is the limit here. We take a solutions-oriented and collaborative approach, constantly innovating our business and products. 

About the role: 

As a Platform Security Engineer, you are a developing security professional building expertise in securing cloud-native infrastructure, container platforms, CI/CD pipelines, and product services within the Platform Engineering organization. You take ownership of moderately complex security tasks with increasing autonomy while receiving guidance on architectural decisions and strategic direction. Your focus is the security posture of our platform and product infrastructure — the container orchestration layer, service mesh, observability stack, CI/CD pipelines, and cloud infrastructure that engineering teams build and deploy on.  

You implement and maintain security controls, build standardized security processes for engineering teams (vulnerability management, production security checks, secure build pipelines), support penetration testing and SOC operations for the product environment, contribute to compliance-related activities from the product security perspective, and help embed security practices into the developer experience through tooling and documentation.  

You are building depth and maturity in infrastructure security, application security, and shift-left practices needed to progress toward a senior platform security role. 

Your contribution will be: 

• You implement and maintain security controls across the platform, including container orchestration security policies, network segmentation, role-based access controls, and admission control mechanisms. 
• You manage container image scanning and enforce image policies in CI/CD pipelines and cluster admission, ensuring only vetted and signed images reach production environments. 
• You support infrastructure-as-code security scanning using policy-as-code tooling, flagging and remediating misconfigurations in infrastructure definitions before they reach production. 
• You maintain and improve secrets management workflows, ensuring rotation policies are enforced, access is audited, and no secrets are hardcoded or exposed in source code or configuration. 
• You support cloud security posture management across cloud environments, monitoring for drift, misconfiguration, and compliance deviations against established baselines. 
• You support service mesh security configuration including mutual TLS enforcement, authorization policies, and traffic policies that enforce zero-trust communication between platform services. 
• You contribute to tenant isolation and access control configuration for shared platform services, ensuring appropriate segmentation between teams and environments. 
• You conduct vulnerability assessments of platform and product infrastructure components, coordinating remediation with SRE, Platform Engineering, and product service teams. 
• You maintain a vulnerability tracking system and produce regular reporting on security posture, remediation velocity, and risk trends for engineering leadership. 
• You implement and maintain security gates in CI/CD pipelines including dependency scanning, static application security testing (SAST), software composition analysis (SCA), and container image scanning. 
• You participate in security incident response for platform and product-related events, supporting investigation, containment, evidence preservation, and documentation under guidance from the Senior Platform Security Engineer. 
• You support compliance-related activities from the product security perspective, providing evidence, documentation, and technical validation for audits and assessments (SOC 2, ISO 27001, CIS Benchmarks) without owning the compliance program itself. 
• Vulnerability report generation, security posture dashboards, and remediation workflow tooling. 
• You contribute to security reviews for infrastructure and product changes, providing feedback on pull requests and architecture proposals from a security perspective. 
• You explain security concepts and requirements to engineering teams, empowering them to build securely and understand the rationale behind security controls. 

To be successful, we think you need: 

Minimum Requirements: 

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, Engineering, or related field; or equivalent combination of education and experience.
• 2+ years of professional experience in security engineering, infrastructure security, DevSecOps, application security, or related field. 
• Hands-on experience with at least one major cloud platform (Azure or AWS). 
• Working knowledge of container orchestration security concepts in Kubernetes: pod security, role-based access control, network policies, admission controllers. 
• Experience with infrastructure-as-code tools and understanding of how to secure IaC workflows. 
• Understanding of CI/CD pipeline security: dependency scanning, SAST/SCA integration, artifact integrity.
• Understanding of security frameworks and compliance standards (SOC 2, ISO 27001, CIS Benchmarks, OWASP). 
• Proficiency in scripting (Python, Bash, Go, or PowerShell) for security automation and tooling. 
• Proficiency with programing languages ( C#, Javascript/Typescript).
• Experience with or exposure to penetration testing concepts, vulnerability management workflows, and security incident response. 
• Strong communication skills with the ability to explain security findings and build standardized processes that engineering teams adopt. GitHub and/or Azure DevOps pipelines 

 What’s in it for you? 

Nintex has a hybrid working model, enabling us to build culture, learn, and grow together. We intentionally connect and collaborate, while emphasizing flexibility with a blend of at-home and in-office work. This role is a hybrid role in our local Nintex office.

While our offerings differ from country to country, we offer our entire global workforce an array of exciting perks and benefits, including 

• Global Gratitude and Recharge Days
• Flexible, paid time off policy
• Employee wellness programs and counseling resources
• Meaningful peer recognition and awards
• Paid parental leave
• Invention/patenting assistance
• Community impact, paid volunteer time, and opportunities
• Intercultural learning and celebration
• Multiple tools through which to learn and grow, and an incredible global community 

View more about our benefits here: https://www.nintex.com/wp-content/uploads/2023/01/Global-Perks-and-Benefits.pdf.  

Equity Statement: Preference will be given to People Living with Disability who are members of the designated groups in line with the Employment Equity Plan and Targets of the Company.

The Ideal Candidate

The Lead Software Engineer: Cloud Modernisation will play a key role in advancing Entersekt’s transition toward cloud-ready and cloud-native architectures across the company’s SaaS product suite. This role combines senior technical leadership with hands-on engineering delivery.

You are an experienced engineer who is comfortable working directly within complex production codebases while also shaping architectural direction and modernisation strategy. You bring a pragmatic mindset when working with legacy systems and understand how to balance performance, cost efficiency, operational reliability, and delivery timelines when introducing cloud-native patterns.

The successful candidate will guide the modernisation of existing systems by introducing scalable architecture patterns, automation, and operational improvements while partnering closely with product engineering, platform engineering, DevOps, security, compliance, and product management teams.

Initial focus for this role will be the modernisation of Entersekt’s 3DS product suite, with patterns, architectural approaches, and enablement efforts expected to scale across the broader SaaS platform over time.

The Role

This is a senior individual contributor role operating at Lead Engineer level. The role combines architectural leadership with hands-on engineering execution and is responsible for defining and delivering the modernisation roadmap for key product systems.

The Lead Software Engineer will assess previous generation (heritage) components, design target-state architecture, and implement modernisation improvements directly in product codebases. The role will introduce modern engineering practices and cloud-native patterns while establishing guardrails, reference implementations, and repeatable approaches that product teams can adopt.

The position plays an important role in enabling a scalable SaaS operating model by improving automation, observability, deployment consistency, and tenant lifecycle management. Through close collaboration with engineering and platform teams, the role will help accelerate cloud-native delivery while maintaining strong operational, security, and regulatory standards.

Responsibilities

Modernisation Strategy, Roadmap and Architecture

• Define modernisation roadmaps for product applications, including target-state architecture for services, infrastructure, and data flows.
• Assess legacy components to identify modernisation opportunities, technical debt, and pragmatic remediation paths.
• Determine appropriate modernisation approaches including refactoring, re-platforming, or re-architecting based on performance, cost, risk, and delivery considerations.
• Contribute architectural insight to the modernisation business case and support financial modelling related to infrastructure and platform decisions.

Engineering Delivery

• Implement modernisation changes directly within product codebases, including refactoring legacy components and decomposing monolithic architectures.
• Introduce cloud-native engineering patterns such as microservices, event-driven architecture, containerisation, and serverless services.
• Identify and implement performance, scalability, and reliability improvements using observability platforms, cloud metrics, and logging tools.
• Develop reference implementations and engineering patterns that enable teams to accelerate modernisation across products.
• Drive code-level implementation decisions and ensure successful delivery of modernisation outcomes across multiple engineering teams.

SaaS Platform and Operational Modernisation

• Improve the operational and platform capabilities that support Entersekt’s SaaS delivery model.
• Reduce reliance on manual operational processes and bespoke scripts by introducing automation across tenant lifecycle management.
• Design and implement repeatable processes for tenant provisioning, configuration, and environment management.
• Improve onboarding speed for new tenants through standardised workflows and environment templates.
• Establish tenant-aware observability by improving consistency of logs, metrics, traces, dashboards, and alerting across services.
• Contribute to multi-tenant architecture design, including tenant isolation and service tiering considerations.
• Improve deployment consistency through repeatable deployment patterns, automation, and safer release processes.

Engineering Standards and Governance

• Introduce practical engineering guardrails that support modern development practices including API-first design, event streaming, cloud-native storage, and container orchestration.
• Define and maintain architectural standards, patterns, and best practices for cloud-native development.
• Contribute to cloud governance initiatives and participate in architecture reviews that guide engineering teams through modernisation efforts.

Cross-Functional Collaboration

• Lead technical workshops, architecture discussions, and design reviews across product teams.
• Support engineering teams in translating modernisation objectives into practical implementation changes.
• Partner closely with DevOps, Platform Engineering, Cybersecurity, Compliance, and Product teams to ensure modernisation initiatives align with operational and regulatory requirements.
• Build trust with engineering teams by introducing modern practices through collaborative design and working reference implementations.

Team Development

• As the modernisation programme evolves, contribute to shaping a small, specialised engineering capability that supports broader platform modernisation initiatives.
• Maintain a strong hands-on focus while helping teams adopt new patterns and technologies.

Success Measures (First 12 Months)

Success in this role will be measured by the ability to deliver meaningful modernisation outcomes across Entersekt’s SaaS platform while establishing scalable engineering patterns that enable teams to accelerate cloud-native delivery.

Key outcomes in the first 12 months may include:

• Completing a comprehensive architectural assessment of the 3DS product suite, identifying key modernisation opportunities, technical constraints, and priority areas for improvement.
• Delivering a modernisation roadmap and migration plan that clearly defines architectural direction, sequencing, and the associated performance, operational, and cost considerations.
• Successfully modernising at least one product or major product component, resulting in measurable improvements in system operability, maintainability, and performance.
• Reducing reliance on manual operational processes and bespoke scripts through the introduction of automated tenant lifecycle management and environment provisioning.
• Improving observability and operational readiness by introducing consistent logging, metrics, dashboards, and alerting across services and tenants.
• Contributing architectural insights and cost considerations to the modernisation business case, supporting decision-making around infrastructure and platform investments.
• Establishing trusted working relationships with product and platform engineering teams by delivering working modernisation patterns and reference implementations that teams can adopt.
• Contributing to the development of a long-term platform architecture roadmap that supports modernisation across multiple products within the Entersekt SaaS ecosystem.

Skills and Experience

Successful candidates for this role will generally possess the following qualifications and skills:

• Demonstrated experience designing and delivering application modernisation programmes within AWS environments.
• Experience modernising applications through refactoring, re-platforming, or re-architecting legacy systems.
• Strong experience building and operating production systems using containers and orchestration platforms such as Kubernetes (or equivalent platforms).
• Solid backend engineering experience with the ability to diagnose and improve performance, scalability, and reliability in production systems.
• Experience working with Java-based systems or comparable backend development stacks.
• Proven experience implementing modern architectural patterns such as microservices, event-driven architectures, and distributed systems.
• Experience improving operational maturity through automation, observability, monitoring, and repeatable deployment processes.
• 8+ years of experience in cloud architecture, platform engineering, or senior software engineering roles responsible for production systems.
• Strong communication and collaboration skills with the ability to influence engineering, product, and platform teams.
• AWS certification is advantageous but not required.

Personality Attributes

• Strong bias toward delivery with a willingness to work hands-on in complex production systems.
• Pragmatic and comfortable working with legacy environments while introducing modern engineering approaches.
• Ability to influence teams through working solutions, reference implementations, and practical improvements.
• Systems thinker who balances architecture decisions with operational reliability, cost management, and security.
• Collaborative team player who builds trust across engineering teams through clear communication and inclusive technical leadership.
• Maintains accountability for delivering measurable outcomes while enabling teams to adopt modern engineering practices.