DevSecOps Technical Lead
BETSoftware
Technical Skills
JOB DESCRIPTION
- Application Security & DevSecOps expertise
- CI/CD pipeline management and automation
- Vulnerability assessment and remediation
- Secure coding practices and code review
- Cloud, container, and API security knowledge
- Security testing tools (SAST, DAST, SCA, penetration testing)
- Programming/scripting proficiency (e.g., Python, Java, or similar)
- Threat modeling and risk assessment
Leadership & Management Skills
- Team leadership and mentoring
- Workflow and process development
- Incident management and escalation
- Strategic decision-making in security contexts
- Project and time management
- Stakeholder management and cross-functional collaboration
Communication Skills
- Clear, concise reporting to technical and non-technical audiences
- Presenting security risks and remediation guidance
- Influencing and negotiating with engineering and management teams
- Facilitating knowledge transfer and training sessions
Analytical & Problem-Solving Skills
- Critical thinking and root cause analysis
- Risk assessment and prioritization
- Research and evaluation of emerging threats and security tools
Professional Tools & Software Skills
- Microsoft Office (Word, Excel, PowerPoint, Teams)
- Security tools: SAST, DAST, SCA, API scanners, penetration testing frameworks
- CI/CD tools: Jenkins, GitLab, GitHub Actions, or equivalent
- Cloud platforms (AWS, Azure, GCP) and container tools (Docker, Kubernetes)
Responsibilities
Technical Output
- Lead the design and execution of secure SDLC practices across application development and delivery
- Own application security testing and validation activities, including: Static, dynamic, dependency, and API security testing (including penetration tests and vulnerability assessments) / Manual validation of high-risk findings
- Embed security controls and testing into CI/CD pipelines in a scalable and developer-friendly manner
- Define and enforce secure coding standards, security patterns, and delivery guardrails
- Perform and oversee threat modeling and secure design reviews for applications and services
- Serve as the senior technical escalation point for complex or high-severity security issues
- Architect and maintain security automation for: Vulnerability detection and prioritization / Secrets management and secure configuration / Software supply chain protection
- Partner with InfoSec, engineering, platform, and infrastructure teams to ensure security requirements are implemented end-to-end
- Continuously assess emerging threats, tools, and techniques, recommending improvements to security capabilities
- Define and track AppSec and DevSecOps KPIs, such as: Risk reduction over time / Vulnerability remediation SLAs /Security testing coverage / Pipeline adoption and developer engagement
- Generate and present reports of findings, remediations and mitigations to security stakeholders and management
- Provide guidance and conduct investigations into security incidents
- Product research and conduct proof of concepts to test viability of new product offerings that secure and enhance our security stature
Leadership and Professional Competencies
- Develop, lead and mentor a team of DevSecOps / Application Security engineers
- Establish clear workflows, playbooks, and escalation paths for a tiered security function
- Communicate security risks and remediation guidance clearly to DevOps, engineers and management
- Influence engineering teams through collaboration, credibility, and pragmatic security guidance
- Balance risk reduction with delivery speed, enabling secure innovation in line with business requirements
- Foster a culture of shared responsibility for security across engineering teams
- Provide calm, decisive leadership during security incidents, investigations, and remediation efforts
- Create and maintain partnerships with Dev Team Leads and Management
Qualifications
7+ years of experience in application security, security engineering, DevOps, or software engineering
- Demonstrated leadership of application security initiatives in production environments
- Strong hands-on experience with: Application security testing tools (SAST, DAST, SCA, API security)
/ Secure code review and vulnerability validation / Penetration testing or advanced application testing experience / Web Application Firewalls
- Solid understanding of: OWASP Top 10 and common application attack patterns / Security frameworks (OWASP ASVS, ISO27001, NIST CSF etc) / Secure SDLC and threat modeling methodologies (STRIDE, DREAD & PASTA) /Web, API, and cloud-native application architectures
- Security Certifications (e.g. CISSP, OSCP, CCISO, CISSM, CSSLP, CISSM etc)
- Proficiency in at least one programming or scripting language (e.g. Python, Java, JavaScript, Go, Bash)
Leadership & Team Experience
- Prior experience leading or mentoring junior and mid-level security or DevSecOps engineers
- Experience building workflows and operational playbooks for tiered teams
- Ability to set technical standards and hold teams accountable to them
Preferred Qualifications
- Experience in containerized application and cloud-native environments
- Familiarity with software supply chain security concepts (SBOMs, dependency risk)
We Don't Just Recruit Talent... We Cultivate It
BET Software is one of the most diverse betting software providers in Sub-Saharan Africa, with a rapidly growing international footprint. Our multiskilled Team is responsible for providing advanced software solutions, while supporting incredibly high transactional volumes in a fast-paced industry, making BET Software a lively and engaging place to be.
Our progressive use of technology enables our talented Team to work with the tech stack of their choice and we encourage an environment and culture that supports collaboration, learning, and growth. We believe that our strength lies in our diversity and that Teamwork makes the dream work, a place where you can flourish amongst like-minded individuals.
We are a dynamic group of people that stem from a variety of cultures, backgrounds, and locations. While our head office is based in Umhlanga, South Africa we recruit talent throughout South Africa and Internationally.