Let's Write Africa's Story Together!

Old Mutual is a firm believer in the African opportunity and our diverse talent reflects this.

Job Description

Job Description

This is a hands-on technical role. The split is approximately 60% individual technical contribution (active development, coding, architecture implementation) and 40% technical leadership (mentoring, planning, governance, and stakeholder engagement).

Technical Leadership

• Lead the end-to-end design, architecture, and delivery of AI products including chatbots, LLM integrations, and analytics platforms.

• Define and uphold technical standards, coding practices, and architectural patterns across the team.

• Provide hands-on technical guidance and mentorship to a cross-functional team of engineers and data practitioners.

• Drive technical discovery, proof-of-concept initiatives, and technology evaluations for emerging AI capabilities.

• Collaborate closely with Product Owners, Data Architects, and AI Personalisation leads to align delivery with business objectives.

AI & Data Engineering

• Architect and deliver LLM-based products — including RAG pipelines, prompt engineering, knowledge-base retrieval, and dynamic conversational agents.

• Design and implement ETL/ELT pipelines for ingesting, transforming, and serving structured and unstructured data.

• Develop and maintain Python-based data processing scripts, ML model wrappers, and AI orchestration layers.

• Ensure data quality, observability, and governance across all analytics and AI data flows.

• Work with SQL and data warehousing solutions to support reporting, analytics, and model feature engineering.

Backend Engineering

• Design and build scalable Java Spring Boot microservices to support AI product APIs and backend business logic.

• Manage API lifecycle and integration patterns using Gravitee API Gateway, including rate limiting, security policies, and developer portal management.

• Implement secure, performant RESTful APIs for consumption by frontend teams, chatbot engines, and third-party integrations.

API Security Architecture

• Design and enforce API security architecture standards across all services, including:

  • Authentication & Authorisation: OAuth 2.0, OpenID Connect (OIDC), JWT token validation, and API key management.

  • Session Management: Secure token lifecycle management, refresh token rotation, session expiry policies, and stateless session design patterns.

  • Zero Trust Principles: Enforce least-privilege access, mutual TLS (mTLS), and service-to-service authentication across microservices.

  • Threat Mitigation: Implement protections against OWASP API Top 10 vulnerabilities including injection attacks, broken object-level authorisation (BOLA), and excessive data exposure.

  • Rate Limiting & Throttling : Define and enforce API usage policies through Gravitee and AWS API Gateway to prevent abuse and ensure fair usage.

  • Transport Security: Mandate TLS 1.2+ across all API surfaces, manage certificates via AWS Certificate Manager (ACM), and enforce HTTPS-only policies.

  • Secrets Management: Enforce the use of AWS Secrets Manager and AWS Parameter Store for all credentials, API keys, and sensitive configuration — no hardcoded secrets.

Cloud & Infrastructure

• Architect and manage cloud infrastructure on AWS, ensuring scalability, security, and cost efficiency.

• Oversee containerised workload deployment using Amazon ECS with AWS Fargate.

• Design and manage network topology including VPCs, subnets, security groups, NACLs, and VPC peering/transit gateways.

• Configure and manage Application Load Balancers (ALBs) for traffic routing, health checks, path-based and host-based routing rules, and SSL termination.

• Manage Amazon API Gateway for RESTful, HTTP, and WebSocket APIs — including usage plans, throttling, authorisers, and stage management.

• Configure Amazon Route 53 for DNS management, health-check-based failover, weighted routing, and latency-based routing policies.

• Contribute to infrastructure-as-code (IaC) practices using AWS CloudFormation or Terraform.

Observability & Monitoring

• Lead observability strategy using Dynatrace : including full-stack monitoring, distributed tracing, synthetic monitoring, alerting, and dashboards.

• Integrate Dynatrace agents into containerised ECS workloads and Spring Boot services for real-time application performance monitoring (APM).

• Define SLOs, SLIs, and error budgets in alignment with platform reliability standards.

• Complement Dynatrace with AWS CloudWatch for infrastructure-level metrics, log aggregation, and operational alarms.

DevOps & CI/CD

• Own and evolve Azure DevOps (ADO) pipelines for continuous integration and continuous delivery across all team services.

• Design multi-stage ADO pipelines covering build, test, security scanning (SAST/DAST), containerisation, and deployment to AWS ECS.

• Enforce branch strategies, pull request policies, and pipeline gate approvals in Azure DevOps.

• Manage ADO Boards for sprint tracking, backlog refinement, and release planning.

• Integrate security tooling (e.g. SonarQube, OWASP Dependency Check, Snyk) into CI/CD pipelines to enforce shift-left security practices.

Delivery & Governance

• Actively participate in Agile PI Planning, sprint ceremonies, and cross-team syncs.

• Produce and maintain technical documentation, architecture decision records (ADRs), and runbooks.

• Support security remediation, penetration testing responses, and compliance requirements

Qualifications & Experience:

• Degree in Computer Science, Software Engineering, Information Technology, or equivalent.

• 8+ years of software engineering experience, with at least 2 years in a technical lead or senior engineering role.

• Proven experience building and deploying AI/ML products in a production environment.

• Strong background in Java Spring Boot backend development and microservices architecture.

• Hands-on experience with Python for data engineering, scripting, and AI integration.

• Demonstrable expertise in API security architecture OAuth 2.0, OIDC, JWT, session management, and OWASP API Top 10.

• Experience with Gravitee API Gateway or equivalent API management platforms.

• Hands-on experience with Amazon API Gateway, ALB, Route 53, and AWS networking.

• Proficiency in Dynatrace for APM, distributed tracing, and observability.

• Hands-on experience with Azure DevOps for CI/CD pipeline design and sprint management.

• Deep understanding of AWS cloud services and cloud-native design patterns.

• Experience working in Agile/SAFe delivery frameworks (PI Planning, Scrum, Kanban).

Behavioral Competencies

• Technical Visionary: Translates business goals into sound, secure technical architecture while remaining grounded in hands-on delivery.

• Security-First Mindset: Proactively embeds security into every layer of design, from API contracts to infrastructure topology.

• Collaborative Leader: Builds strong relationships across engineering, data, product, and business teams.

• Detail-Oriented: High standards for code quality, documentation, and technical rigour.

• Adaptable & Innovative: Comfortable in fast-moving AI product spaces with evolving requirements.

• Communicator: Articulates complex technical and security concepts clearly to executive and non-technical stakeholders.

Skills

Action Planning, Action Planning, Adaptive Thinking, Agile Project Management, Budget Management, Change Management, Current State Assessment, Data Compilation, Evaluating Information, Executing Plans, Futures Thinking, Gap Analysis, IT Implementation, Learning and Development (L&D), Managing Stakeholder Expectations, Oral Communications, Policies & Procedures, Project Life Cycle Management, Project Performance Management (PM), Project Quality Assurance, Project Reporting, Project Risk Management, Project Schedule Management, Project Scope Management, Project Strategy {+ 1 more}

Competencies

Business Insight

Collaborates

Communicates Effectively

Courage

Cultivates Innovation

Customer Focus

Decision Quality

Develops Talent

Education

NQF Level 9 – Masters

Closing Date

02 July 2026 , 23:59

The appointment will be made from the designated group in line with the Employment Equity Plan of Old Mutual South Africa and the specific business unit in question.

The Old Mutual Story!