About Cellulant:
Cellulant is Africa’s leading payments company, providing seamless, secure and innovative solutions that empower businesses, banks, and global brands to thrive in a fast-changing global economy.
With a presence in over 24 countries and 200+ payment methods across cards, bank transfer and mobile money, our single API payment platform, Tingg, simplifies collections, disbursements, and reconciliations. It processes over 1 million transactions daily for market leaders in various sectors, such as Airlines, Telecoms, E-commerce, Ride-Hailing, Retail, and Remittances. By simplifying how people pay and get paid, we drive trust, commerce and scale – and connect companies to their ambitions.
Our Story:
Across Africa, payments are more than transactions. They are gateways to prosperity, connecting people, businesses and communities to opportunities and growth.
From enabling a logistics company in Lusaka to pay suppliers across borders, to enabling a hospitality brand in Lagos to scale effortlessly, to supporting an airline in Nairobi to reconcile payments from multiple platforms, Cellulant is the bridge that makes it all possible.
Through trusted technology and customer-centric innovation, we build connections that inspire progress, strengthen economies and transform payments into a tool for progress.
Since our founding in 2003, we've continuously adapted and grown, leveraging our experiences to simplify payments for businesses. We are driven by an unshakable belief that seamless people-centred payments are the key to unlocking prosperity.
Today, Cellulant powers online and offline payment processing, allowing businesses to collect payments, send payouts, and accelerate business growth.
Our Mission:
To deliver seamless, secure and innovative payment solutions for businesses.
Our Vision:
To create a connected world where businesses move money as easily as they share ideas.
Role Overview:
We are seeking an experienced Cloud Security & Application Security Engineer to strengthen our security posture across cloud-native platforms, applications, APIs, and distributed services.
As a leading Payment Service Provider (PSP) in Africa, security is mission-critical. The ideal candidate will have deep technical expertise in securing large-scale cloud environments, Linux-based workloads, APIs, microservices, and high-availability financial platforms.
This role is hands-on, highly technical, and responsible for building, implementing, and continuously improving our cloud and application security architecture, working closely with Engineering (Platforms and Software), DevOps, and Product teams.
Location: You can be based anywhere in Africa- Zambia, Uganda,Tanzania.
What You’ll Do:
Cloud Security Engineering
- Architect, deploy, and maintain cloud-native security controls across AWS environments.
- Implement and optimize CSPM, CIEM, CWPP, CDP, and container security tools.
- Define/Enhance secure cloud patterns for compute, network, storage, IAM, secrets management, and multi-account strategies.
- Build/enhance and enforce least-privilege IAM policies, service roles, and credential lifecycle management.
- Support cloud hardening (OS-level and service-level), encryption, key management (KMS), and network segmentation.
Application & API Security
- Perform threat modeling, secure code reviews, architecture reviews, and security assessments across multiple codebases.
- Partner with engineering teams to continually embed security into SDLC, CI/CD pipelines, and DevSecOps workflows.
- Secure APIs, microservices, backend services, and distributed systems using best practices and industry frameworks.
- Enhance secure coding standards, patterns, and reusable security modules.
- Support API security design, testing, and governance across internal and external integrations.
- Perform security reviews for REST, event-driven, and payment-processing APIs.
- Ensure strong authentication (OAuth2, OIDC, mTLS) and secure token design.
Runtime Security
- Harden and secure workloads, containers, and orchestration platforms (Docker, Kubernetes).
- Review/enhance runtime detection & response (EDR/XDR) for cloud-native environments.
- Ensure secure configurations, kernel-level protections, logging, and monitoring.
Security Automation
- Automate cloud and application security tasks using Python, Bash, Terraform, CloudFormation and/or CI/CD workflows.
- Develop automated guardrails, policy-as-code, and security-as-code pipelines.
Incident Response & Threat Detection
- Support the SOC team to develop and maintain security detection rules, alerts, and response playbooks.
- Perform deep technical investigation of cloud, application, and API security incidents.
- Collaborate with the SOC team to improve signals, automate responses, and reduce MTTD and MTTR.
Payment Security & Industry Compliance
- Ensure alignment with PSP security requirements including PCI DSS and BFSI-grade controls.
- Support security testing, continuous monitoring, and continuous assurance for payment platforms.
- Partner with the Infosec GRC team during audits, pentests, and regulatory assessments.
Collaboration & Advisory
- Advise product, engineering, and DevOps teams on secure architectures and design choices.
- Provide training and champion a “secure-by-default” engineering culture.
- Operate as a senior technical security expert without direct managerial responsibilities.
What We’re Looking For
- 6+ years experience in information security, with at least 4+ years focused on cloud and application security.
- Strong hands-on expertise with AWS (preferred)
- Deep experience securing Linux-based cloud workloads.
- Strong understanding of:
- API security architectures
- Microservices and container ecosystems
- CI/CD pipelines, DevSecOps principles
- Infrastructure as code (Terraform, CloudFormation)
- Security as code
- Practical experience remediating vulnerabilities identified through SAST/SCA/DAST/container scanning tools.
- Strong programming or scripting skills (Python, Bash, or Go preferred).
- Experience with Kubernetes, container hardening, and runtime security solutions.
- Prior work in fintech, PSPs, BFSI, or other high-compliance environments is highly desirable, but not mandatory.
Preferred Certifications
(Not mandatory but advantageous)
- Cloud Security: CCSP, AWS Security Specialty
- Application Security: OSWE, OSCP, OSWA, CSSLP
- DevSecOps / Cloud: CKA/CKS, HashiCorp Terraform Associate
- Payments Compliance: PCI Internal Security Assessor (ISA)
Key Competencies
- Strong problem-solving and analytical skills.
- Ability to operate independently as a senior IC.
- Excellent communication and technical documentation ability.
- Deep curiosity, proactive mindset, and passion for secure engineering.
- Strong collaboration skills across engineering, DevOps, and product teams.
Why Work for Us?
At Cellulant, we are more than a payments company: we are bridge-builders. We believe that by simplifying the way people pay and get paid, we are connecting companies to their ambitions, people to opportunities, and Africa to the global economy. Our work goes beyond payments—it’s about what people, businesses, and communities can do when the movement of money becomes more dependable, seamless, and secure.
Some exciting things about us...
- We have an extensive footprint: We have an office presence in 10 countries, and our products serve 24 countries across Africa, with a global workforce of about 300 employees.
- We believe innovation is at the heart of Fintech: Thousands of market leaders and top enterprises trust our technology to power their payments. Our customers are in various sectors, including financial services, travel and hospitality, telecom, e-commerce, remittance companies, SaaS, and the gig economy.
- We support a diverse and inclusive workforce: We focus on the growth and development of our employees through well-developed, individualised career paths, ensuring you reach your full potential in a supportive and delivery-oriented environment.
- We put our employees first: At Cellulant, your contribution is rewarded competitively. We use clear career levels and role titles, and benchmark our base pay against data and a well-established internal process. Your actual salary will reflect your experience, skills, impact and the scope of the role, as well as our business needs and prevailing market conditions. We also offer generous personal time off, and medical and life insurance benefits (markets permitting).
- We seek collaborative builders: At Cellulant, we believe that great ideas happen when we come together. Therefore, we nurture a collaborative work environment that challenges, engages, and empowers each person to contribute to the growth and success of the business.
- We solve Africa's digital economy: We’re solving payment challenges on the continent to create opportunities and accelerate economic growth for all of Africa.
