Senior Engineer – Cloud & Application Security
Cellulant
full-time
Posted on:
Location Type: Hybrid
Location: Lusaka • Zambia
Visit company websiteExplore more
Job Level
About the role
- Architect, deploy, and maintain cloud-native security controls across AWS environments
- Implement and optimize CSPM, CIEM, CWPP, CDP, and container security tools
- Define/Enhance secure cloud patterns for compute, network, storage, IAM, secrets management, and multi-account strategies
- Build/enhance and enforce least-privilege IAM policies, service roles, and credential lifecycle management
- Support cloud hardening (OS-level and service-level), encryption, key management (KMS), and network segmentation
- Perform threat modeling, secure code reviews, architecture reviews, and security assessments across multiple codebases
- Partner with engineering teams to continually embed security into SDLC, CI/CD pipelines, and DevSecOps workflows
- Secure APIs, microservices, backend services, and distributed systems using best practices and industry frameworks
- Enhance secure coding standards, patterns, and reusable security modules
- Support API security design, testing, and governance across internal and external integrations
- Perform security reviews for REST, event-driven, and payment-processing APIs
- Ensure strong authentication (OAuth2, OIDC, mTLS) and secure token design
- Harden and secure workloads, containers, and orchestration platforms (Docker, Kubernetes)
- Review/enhance runtime detection & response (EDR/XDR) for cloud-native environments
- Ensure secure configurations, kernel-level protections, logging, and monitoring
- Automate cloud and application security tasks using Python, Bash, Terraform, CloudFormation and/or CI/CD workflows
- Develop automated guardrails, policy-as-code, and security-as-code pipelines
- Support the SOC team to develop and maintain security detection rules, alerts, and response playbooks
- Perform deep technical investigation of cloud, application, and API security incidents
- Collaborate with the SOC team to improve signals, automate responses, and reduce MTTD and MTTR
- Ensure alignment with PSP security requirements including PCI DSS and BFSI-grade controls
- Support security testing, continuous monitoring, and continuous assurance for payment platforms
- Partner with the Infosec GRC team during audits, pentests, and regulatory assessments
- Advise product, engineering, and DevOps teams on secure architectures and design choices
- Provide training and champion a “secure-by-default” engineering culture
- Operate as a senior technical security expert without direct managerial responsibilities
Requirements
- 6+ years experience in information security, with at least 4+ years focused on cloud and application security
- Strong hands-on expertise with AWS (preferred)
- Deep experience securing Linux-based cloud workloads
- Strong understanding of: API security architectures, Microservices and container ecosystems, CI/CD pipelines, DevSecOps principles, Infrastructure as code (Terraform, CloudFormation), Security as code
- Practical experience remediating vulnerabilities identified through SAST/SCA/DAST/container scanning tools
- Strong programming or scripting skills (Python, Bash, or Go preferred)
- Experience with Kubernetes, container hardening, and runtime security solutions
- Prior work in fintech, PSPs, BFSI, or other high-compliance environments is highly desirable, but not mandatory.
Benefits
- Generous personal time off
- Medical and life insurance benefits (markets permitting)
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cloud-native security controlsCSPMCIEMCWPPCDPcontainer securityIAM policiesencryptionkey managementsecurity assessments
Soft skills
collaborationtrainingcommunicationproblem-solvingleadership
Certifications
PCI DSS