AWS Cloud & DevOps Engineer for Cryptography

DVT is one of the top software development companies on the continent. Our software engineers consult on cutting edge applications at top companies in South Africa and globally. You will have the opportunity to work alongside some of the most established developers in the country with the latest technologies. DVT is committed to continuously training our staff and we are very proud of our culture of learning, internal speaking and training at a variety of sponsored technical events across the AWS ecosystem.

We are looking for an AWS Cloud & DevOps Engineer to join our cloud team, embedded within BANKING CLIENT. As the Cloud & DevOps Engineer, you will play a crucial role in building and maintaining the AWS infrastructure required for post quantum cryptography services, implementing hybrid TLS termination, and establishing CI/CD pipelines for secure deployment of cryptographic workloads.

This is a client embedded consulting role where you will work directly with BANKING CLIENT's team to build the cloud infrastructure underpinning their PQC readiness program. The engagement supports BANKING CLIENT's strategic priority to transition to quantum resistant cryptography across critical financial infrastructure by 2027. The ideal candidate is a strong AWS engineer with security first thinking and experience delivering infrastructure for security critical applications.

The AWS Cloud & DevOps Engineer's responsibilities include design and implementation of AWS infrastructure for PQC services, with a focus on security, automation, performance, and compliance.

• Design and implement AWS infrastructure for PQC services (EKS, VPC, ALB/NLB)

• Develop and maintain Infrastructure as Code using Terraform and CloudFormation, including modular templates and multi environment deployments

• Deploy and configure OQS HAProxy for hybrid TLS termination with post quantum algorithms

• Implement post quantum key exchange protocols (ML KEM 768, p384_mldsa65)

• Design and implement AWS networking solutions including VPC architecture, security groups, and connectivity patterns

• Automate environment provisioning and configuration management across development, staging, and production environments

• Establish CI/CD pipelines (GitLab CI, AWS CodePipeline) with integrated security scanning

• Implement deployment strategies ensuring safe and traceable rollouts with automated rollback capabilities

• Establish conventions for container image tagging, versioning strategies, and reusable CI/CD components

• Manage production deployments, change windows, and release coordination across environments

• Integrate cryptographic testing and validation into the deployment pipeline

• Implement comprehensive monitoring, logging, and alerting using CloudWatch, Prometheus, and Grafana

• Configure AWS KMS integration for key management operations

• Implement and maintain security best practices including secrets management (AWS Secrets Manager, Parameter Store), IAM policies, and security scanning

• Conduct performance benchmarking and optimisation of PQ algorithms and cryptographic operations

• Support security audits and compliance documentation for banking regulatory requirements

• Monitor and optimise cloud costs, resource utilisation, and deployment efficiency

• 5+ years of AWS cloud engineering experience with a strong focus on security infrastructure

• AWS certifications (Solutions Architect, Security Speciality) - AWS Certification is a must

• Kubernetes expertise (EKS deployment, Helm charts, operators)

• Strong Terraform and Infrastructure as Code skills (CloudFormation also required)

• Experience with TLS configuration, certificate management, and network security

• Understanding of post quantum cryptography concepts and NIST PQC standards

• CI/CD pipeline development (GitLab CI, Jenkins, AWS CodePipeline)

• Security hardening and compliance framework experience in regulated environments

• Scripting skills in Python, Bash, or PowerShell for automation and tooling

• Experience with monitoring tools including CloudWatch, Prometheus, and Grafana

• Strong analytical and troubleshooting skills with a proactive approach to problem solving

• Excellent communication and collaboration skills

• AWS Security Speciality certification - highly advantageous

• Experience in financial services or banking sector environments

• Experience with HAProxy, Nginx, or similar reverse proxy/load balancer configuration

• Knowledge of post quantum TLS and hybrid key exchange implementations

• Experience with performance benchmarking of cryptographic operations

• Familiarity with FinOps practices and cloud cost optimisation

• Experience with HSM cloud integration (AWS CloudHSM)

• Matric (Grade 12) certificate

• Bachelor's degree in Computer Science, Information Technology, Engineering, or a related field (or equivalent practical experience)

• At least one AWS certification (AWS Certified Solutions Architect, AWS Certified DevOps Engineer, AWS Security Specialty, or equivalent) - Required

Who we are: