About 4G Capital

4G Capital (4th Generation Capital) is Africa's fastest fintech providing ethical credit services to those who require it most. We provide rapidly accessible and affordable unsecured loans with strict affordability criteria to prevent unmanageable debt. Our customers are mainly small businesses and entrepreneurs who use our credit to grow their businesses ...

What You’ll Do

• Own and continuously improve the cloud security posture across our GCP organisation.
• Design and enforce least-privilege IAM/RBAC models at organisation level
• Secure VPC networking, firewall policies, private connectivity, and perimeter protections including Cloud Armor.
• Strengthen API gateway security (Apigee or equivalent) and service-to-service authentication patterns.
• Operationalise Security Command Center and drive structured remediation of high-risk findings.
• Embed security controls into CI/CD pipelines, integrating SAST, DAST, dependency, container, and secret scanning.
• Define and enforce secure Infrastructure as Code standards using Terraform and policy-as-code guardrails.
• Prevent configuration drift and enforce secure deployment patterns across environments.
• Support audit readiness, governance initiatives, and regulatory compliance requirements.
• Participate in incident response and drive post-incident security improvements.

What We’re Looking For

• 5+ years of experience in Cloud Security, Platform Security, or DevSecOps within production environments.
• Deep, hands-on experience securing multi-project environments on Google Cloud Platform.
• Strong expertise in IAM design, access governance, and role inheritance modeling.
• Advanced understanding of VPC networking, firewall rules, private connectivity, and Zero Trust architecture.
• Experience with cloud security posture management tools such as Security Command Center, Cloud Armor.
• Experience securing API gateways (Apigee preferred) and modern cloud-native architectures.
• Strong Terraform and Infrastructure as Code experience with embedded security controls.
• Proven ability to integrate security controls into CI/CD pipelines and engineering workflows.
• Experience securing containerized and/or serverless workloads (Docker, Kubernetes, Cloud Run).
• Solid understanding of application security principles (OWASP Top 10, secure coding practices).
• Strong scripting and automation skills (Bash, Python).
• Experience operating within regulated or compliance-driven environments is advantageous.

• Own and continuously improve the cloud security posture across our GCP organisation.
• Design and enforce least-privilege IAM/RBAC models at organisation level
• Secure VPC networking, firewall policies, private connectivity, and perimeter protections including Cloud Armor.
• Strengthen API gateway security (Apigee or equivalent) and service-to-service authentication patterns.
• Operationalise Security Command Center and drive structured remediation of high-risk findings.
• Embed security controls into CI/CD pipelines, integrating SAST, DAST, dependency, container, and secret scanning.
• Define and enforce secure Infrastructure as Code standards using Terraform and policy-as-code guardrails.
• Prevent configuration drift and enforce secure deployment patterns across environments.
• Support audit readiness, governance initiatives, and regulatory compliance requirements.
• Participate in incident response and drive post-incident security improvements.

• IAM design
• Access governance
• Role inheritance modeling
• VPC networking
• Firewall rules
• Private connectivity
• Zero Trust architecture
• Security Command Center
• Cloud Armor
• API gateways (Apigee preferred)
• Terraform
• Infrastructure as Code
• CI/CD pipelines
• SAST
• DAST
• Dependency scanning
• Container scanning
• Secret scanning
• Docker
• Kubernetes
• Cloud Run
• Application security principles (OWASP Top 10, secure coding practices)
• Bash scripting
• Python scripting

• 5+ years of experience in Cloud Security, Platform Security, or DevSecOps within production environments.
• Deep, hands-on experience securing multi-project environments on Google Cloud Platform.
• Strong expertise in IAM design, access governance, and role inheritance modeling.
• Advanced understanding of VPC networking, firewall rules, private connectivity, and Zero Trust architecture.
• Experience with cloud security posture management tools such as Security Command Center, Cloud Armor.
• Experience securing API gateways (Apigee preferred) and modern cloud-native architectures.
• Strong Terraform and Infrastructure as Code experience with embedded security controls.
• Proven ability to integrate security controls into CI/CD pipelines and engineering workflows.
• Experience securing containerized and/or serverless workloads (Docker, Kubernetes, Cloud Run).
• Solid understanding of application security principles (OWASP Top 10, secure coding practices).
• Strong scripting and automation skills (Bash, Python).
• Experience operating within regulated or compliance-driven environments is advantageous.