About Verto
At Verto, we're on a mission to democratise global finance and empower businesses in Emerging Markets to reach the world. Founded by British-Nigerian entrepreneurs Ola Oyetayo and Anthony Oduu, our roots in Africa provided a first-hand understanding of the significant challenges businesses face with cross-border payments, from illiquid currencies and high fees to slow transactions. This deep-rooted insight is why Africa remains a core focus, as we're committed to bridging the gap between emerging and developed markets and fostering global economic growth. What started as an FX solution for the Nigerian Naira has evolved into a market-leading platform, enabling thousands of businesses to seamlessly transfer billions of dollars annually.
We believe that where you do business shouldn't determine your success or ability to scale.
We're creating equal access to the easy payment and liquidity solutions that are already a given in developed markets. We're not alone in realising this crucial need; we're backed by world-class investors including Y-Combinator, Quona, and MEVP. Our impact has been recognised with accolades such as 'Fintech Start-Up of the Year' and the Milken-Motsepe Prize, a testament to our role in powering payments for some of the world's most disruptive startups. Join us as we continue to grow and transform global finance.
Role Overview
This role is critical for fortifying Verto's application security by focusing on penetration testing across Web, API, and Mobile platforms, while also embedding security automation directly into our development processes. You will significantly reduce vulnerabilities and champion a security-first culture, ensuring our products are robust and trustworthy.
About The Role
We're seeking a skilled DevSecOps Engineer who is passionate about security testing and securing modern applications.
What You'll Be Doing
- Conduct in-depth penetration testing for Web, API, and Mobile (iOS & Android) applications.
- Perform secure code reviews and provide actionable remediation guidance, especially for Node.js.
- Automate security testing and integrate tools into CI/CD pipelines.
- Write scripts to automate mundane security tasks.
- Develop and implement security best practices (OWASP Top 10, SANS 25).
- Monitor and strengthen AWS cloud security configurations, including AWS auditing and AWS penetration testing.
- Collaborate with development teams for early-stage threat modeling and risk assessments.
- Create and maintain security playbooks for incident response.
- Stay ahead of emerging threats and introduce new security methodologies.
What You Need
- Proven experience in penetration testing for Web, API, and Mobile (iOS & Android) applications.
- Strong expertise in security testing tools (e.g., Burp Suite, OWASP ZAP, Python scripting).
- Proficiency in scripting languages such as Python or other relevant languages (e.g., PowerShell, Bash).
- Hands-on experience in secure code reviews and remediation guidance.
- Solid understanding of OWASP Top 10, SANS 25, and other security frameworks.
- Experience integrating security tools into CI/CD pipelines.
- Cloud security expertise, particularly in AWS (IAM, security monitoring, infrastructure security, including AWS auditing and AWS penetration testing capabilities)
- Familiarity with Agile and DevOps methodologies with a security-first mindset.
Best If You Have
- Experience with Node.js applications for code reviews and remediation.
- Relevant certifications (e.g., OSCP, CISSP, CEH, AWS Security Specialty, Certified DevSecOps Engineer).
- Experience working in a fast-paced startup environment.
- Experience working in a DevOps environment - Product Team.
- Experience with Infrastructure as Code (IaC) tools (Terraform, Ansible)
- Experience with specific industry domains (e.g., Fintech, Logistics, E-commerce) where robust application security is critical.
Culture at Verto
We're a community of folks who care about their craft, collaborate with purpose, and enjoy the journey together.
General Perks
- Health & Life insurance, flexible work schedules, generous leave policy
Additional Perks
- Gym membership, free lunch, car lease policy and a professional development budget
You'll Fit Right In If You
- Love asking why
- Value solving problems over just completing tasks
- Understand sync vs. async communication practices
- Thrive in ambiguity and change
- Actively seek feedback
- Prioritise impact over activity
- Are fun to work with - we love good humour!
About The Interview Process
The process includes (in no strict order) a chat with the talent team, an online assessment round, and 2 interview rounds (technical + culture).