Meet Ozow

Ozow is a leading fintech company redefining digital payments in South Africa and beyond. We’re dedicated to making payments more accessible, secure, and convenient for businesses and consumers alike. As a fast-growing player in the financial technology sector, Ozow fosters a culture of innovation, diversity, and inclusivity. We believe in pushing the boundaries of what’s possible and are committed to making a positive impact on the world through cutting-edge payment solutions.

More about this fantastic position

The Technical Risk & Operations Manager is a critical leadership role within Ozow’s technology organisation, responsible for driving our technical risk posture, coordinating incident response, and serving as a key interface with merchants, banks, and partners on security and operational matters.

This role sits at the intersection of engineering, security, risk, compliance, and operations. You will own the end-to-end lifecycle of technical risk — from identification and prioritisation to mitigation and reporting — and lead the organisation’s incident management processes to ensure rapid, effective resolution and continuous improvement.

As Ozow scales, this role will also become the external technical voice of trust — providing assurance to our clients and partners about the safety, resilience, and reliability of our systems.

Your role and responsibilities

Incident Management & Response

• Lead the full lifecycle of incident management across Ozow’s platforms — from detection to resolution.
• Coordinate cross-functional teams during Sev-1 and Sev-2 incidents, ensuring timely communication, mitigation, and recovery.
• Drive post-incident reviews (RCA) and ensure that corrective actions are identified, prioritised, and delivered.
• Maintain a comprehensive incident knowledge base to capture lessons learned and drive proactive improvements.

Technical Risk Management

• Own the technology risk register in collaboration with Security, Infrastructure, Engineering, and Compliance teams.
• Continuously assess and prioritise risks across the technology estate — including vulnerabilities, misconfigurations, architectural risks, and third-party dependencies.
• Track risk treatment plans, monitor remediation progress, and report on status and trends to senior leadership and the Risk Committee.
• Align risk treatment plans with Ozow’s risk appetite and ensure traceability to controls and frameworks.

Security Posture & External Engagement

• Act as a technical liaison for merchants, banks, and partners on security, compliance, and risk matters.
• Develop and maintain customer- and partner-facing documentation on Ozow’s security posture, incident management practices, and resilience capabilities.
• Support the sales and partnerships teams during due diligence and procurement processes, representing Ozow’s security and risk maturity.
• Collaborate with the Security Specialist and CTO to ensure Ozow’s external messaging on security and risk is consistent, credible, and audit-ready.

Governance & Reporting

• Produce regular reports on incidents, vulnerabilities, and risk metrics for executive leadership, the Risk Committee, and auditors.
• Ensure the organisation’s readiness for audits and certifications (e.g., PCI DSS, ISO 27001, SARB directives) by coordinating evidence gathering and remediation activities.
• Define and track key SLAs and KPIs for incident response, vulnerability closure, and risk mitigation.
• Contribute to governance forums and committees, bringing a data-driven view of risk and operational performance.

Continuous Improvement & Prevention

• Work with engineering and infrastructure teams to address systemic causes of incidents and risk.
• Identify opportunities for automation and tooling to improve detection, response, and risk visibility.
• Contribute to disaster recovery, business continuity, and resilience planning initiatives.
• Proactively recommend changes to processes, systems, and architectures to reduce future risk exposure.

You are an ideal candidate if you have

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 7+ years of experience in technology operations, incident management, or risk/security management roles.
• Proven experience managing large-scale technical incidents and coordinating cross-functional response teams.
• Strong background in risk management frameworks (ISO 27001, NIST, PCI DSS, or similar).
• Experience working in regulated industries (e.g., fintech, banking, payments) preferred.
• Familiarity with cloud-native environments, distributed systems, and modern infrastructure practices.