TeKnowledge

Overview

We’re seeking a Manager: Application Security Engineering Lead to lead the application security strategy, engineering practices, and platforms across the enterprise. This role ensures that all software — from web and mobile apps to APIs and integrations — is designed, built, and operated securely. The Manager champions DevSecOps adoption, drives secure-by-design principles, and partners with engineering leaders to reduce risk while enabling rapid delivery.

At TeKnowledge, your work makes an impact from day one. We partner with organizations to deliver AI-First Expert Technology Services that drive meaningful impact in AI, Customer Experience, and Cybersecurity. We turn complexity into clarity and potential into progress—in a place where people lead and tech empowers.

You’ll be part of a diverse and inclusive team where trust, teamwork, and shared success fuel everything we do. We push boundaries, using advanced technologies to solve complex challenges for clients around the world.

Here, your work drives real change, and your ideas help shape the future of technology. We invest in you with top-tier training, mentorship, and career development—ensuring you stay ahead in an ever-evolving world.

Why You’ll Enjoy It Here:

• Be Part of Something Big – A growing company where your contributions matter.
• Make an Immediate Impact – Support groundbreaking technologies with real-world results.
• Work on Cutting-Edge Tech – AI, cybersecurity, and next-gen digital solutions.
• Thrive in an Inclusive Team – A culture built on trust, collaboration, and respect.
• We Care – Integrity, empathy, and purpose guide every decision.

We’re looking for innovators, problem-solvers, and experts ready to drive change and grow with us.

We Are TeKnowledge. Where People Lead and Tech Empowers.

Responsibilities

Security Strategy & Leadership

• Define and execute the application security roadmap, ensuring alignment with enterprise security strategy and compliance obligations.
• Champion secure-by-design and DevSecOps practices across backend, frontend, mobile, cloud, and integration teams.
• Partner with engineering, product, and security stakeholders to balance speed-to-market with security and compliance.
• Stay ahead of emerging threats, tools, and frameworks relevant to application security.

Secure SDLC & DevSecOps Enablement

• Embed security into every stage of the software development lifecycle (SDLC).
• Oversee deployment of application security testing tools (SAST, DAST, IAST, SCA) within CI/CD pipelines.
• Drive adoption of secure coding practices, threat modelling, and code reviews.
• Establish policies and playbooks for secure development and release management.

Governance, Risk & Compliance

• Ensure applications comply with regulatory and industry standards (e.g., PCI DSS, GDPR, POPIA, ISO 27001, SOC 2).
• Oversee secure design reviews, penetration testing, and vulnerability remediation.
• Govern API security, identity management, and encryption standards across platforms.
• Partner with enterprise GRC (Governance, Risk & Compliance) to manage audits and security certifications.

Leadership & People Development

• Lead and mentor application security engineers, DevSecOps specialists, and secure coding champions.
• Build organizational expertise in secure development, cloud-native security, and API security.
• Foster a culture of security-first engineering through training, awareness, and technical leadership.
• Develop career pathways and succession planning for security-focused engineering talent.

Stakeholder & Vendor Management

• Collaborate with DevOps, cloud, and software engineering leads to ensure security alignment across platforms.
• Partner with external vendors and consultants for pen testing, code audits, and security toolchains.
• Represent application security in architecture boards, risk committees, and executive forums.
• Manage vendor relationships for AppSec platforms, scanners, and monitoring tools.

Qualifications

Education & Certifications

• Bachelor’s degree in Computer Science, Software Engineering, Information Security, or related field (mandatory).
• Postgraduate qualification (MSc in Cybersecurity, MBA) – advantageous.
• Professional Certifications (preferred/required): CISSP, CISM, or CISA; CSSLP, GWAPT, or OSWE; AWS/Azure/GCP Security certifications, Kubernetes Security Specialist; SAFe Practitioner, Scrum Master (advantageous).

Experience

• 8–12 years’ experience in software or security engineering, with at least 3–5 years in an application security leadership role.
• Proven track record in embedding security into large-scale enterprise software delivery.
• Hands-on experience with secure coding, API security, cryptography, and OWASP Top 10.
• Experience implementing SAST, DAST, IAST, and SCA tools into CI/CD pipelines.
• Strong exposure to cloud-native architectures, microservices, and containerized environments.
• Experience managing security audits, regulatory compliance, and third-party risk assessments.

Core Skills & Competencies

• Deep expertise in application security frameworks, secure SDLC, and DevSecOps.
• Strong knowledge of threat modelling, risk assessment, and security design reviews.
• Leadership ability to build and mentor security-focused engineering teams.
• Excellent stakeholder engagement skills, with the ability to influence engineering and executive leadership.
• Strong analytical and problem-solving abilities with a proactive, prevention-first mindset.