MTN Nigeria - The leader in telecommunications in Nigeria, and a part of a diverse community in Africa and the Middle East, our brand is instantly recognisable. It is through our compelling brand that we are able to attract the right talents who we carefully nurture by continuously improving our employment offerings even beyond reward and recognition.
We are recruiting to fill the position below:
Job Title: Senior Specialist - DevSecOps, Information Technology
Job Identification: 7547 Location: Ikoyi, Lagos
Job Category: MTN Level 3
Reports To: Senior Manager - Information Security
Division: Information Technology
Mission
The Senior Specialist, DevSecOps is responsible for the delivery of the design, implementation, and continuous improvement of secure DevOps processes within MTN Nigeria by integrating security controls, automation, and monitoring into CI/CD pipelines, ensuring rapid delivery of high-quality and secure applications.
They will drive a security-first engineering culture by proactively identifying risks, automating security controls, and enabling development teams to deliver scalable, compliant, and resilient systems at speed.
Description
The role operates within a highly complex internal technology and delivery ecosystem, requiring deep technical expertise and strong coordination across multiple domains:
Application & Platform Complexity:
Securing diverse enterprise applications and digital platforms, with varying architectures (monolithic, microservices, APIs)
Managing security across legacy systems and modern cloud-native applications
Ensuring consistent security standards across multiple development teams and product lines
CI/CD & DevOps Integration:
Embedding security into end-to-end CI/CD pipelines without disrupting delivery timelines
Managing integration of multiple security tools (SAST, DAST, SCA, secrets scanning) within automated workflows
Handling pipeline failures, false positives, and tuning tools for optimal performance
Cloud & Infrastructure Complexity:
Securing multi-cloud and hybrid environments with differing configurations and controls
Implementing secure Infrastructure as Code (IaC) while maintaining scalability and consistency
Managing containerized environments (e.g., Kubernetes) with evolving security requirements
Data Protection & Access Control:
Enforcing data security, encryption, and access governance across internal systems
Managing identity and access controls (IAM) for developers, systems, and applications
Ensuring proper handling of sensitive customer and business data across environments
Tooling & Automation Challenges:
Selecting, integrating, and maintaining DevSecOps toolchains across the organization
Ensuring interoperability between tools (CI/CD, security scanners, ticketing systems, SIEM)
Continuously optimizing automation to reduce manual intervention
Compliance & Internal Governance
Aligning internal processes with security policies, standards, and audit requirements
Supporting internal audits, risk assessments, and control validations
Maintaining documentation and evidence for compliance without slowing delivery
Requirements
Education:
Bachelor’s Degree
Master’s in information science is preferred
Certification: Security Certifications (Minimum of 1)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Ethical Hacker (CEH)
Cloud & DevSecOps-related professional Certifications
AWS Certified Security – Specialty
Microsoft Azure Security Engineer Associate
Google Professional Cloud Security Engineer
Certified Kubernetes Security Specialist (CKS)
Experience:
6–13 years of experience in IT, Cybersecurity, or DevOps roles
Minimum of 5+ years specifically in DevSecOps
Experience in large-scale, high-availability environments (telecom, fintech, or enterprise IT)
Proven track record of implementing secure CI/CD pipelines and automation
Proficiency in:
Secure software development lifecycle
Cloud security architecture (AWS, Azure, GCP)
Containerization and orchestration security (Docker, Kubernetes)
API security and microservices architecture
Identity and Access Management (IAM)
Vulnerability management and security testing tools (SAST, DAST, SCA)
Experience working in a large organization.
Application Closing Date
13th July, 2026, 10:55 PM.