Infrastructure Security Lead

Role Title

Infrastructure Security Lead 

Department

Information Security

ReportingTo

Head of Information Security

About Fincra

Founded in 2021, Fincra is a payment infrastructure provider on a mission to build the rails for an integrated Africa. We provide cross-border payment infrastructure to banks, fintechs, platforms, and global businesses — enabling them to accept payments securely, make payouts, and access FX and other vital financial services. We bridge the gap between the continent and the global economy, empowering local enterprises to transact with the world and enabling global players to operate effortlessly within Africa.

We aren't just moving money. We are building the seamless, secure, and efficient financial ecosystem that connects Africa to the globe and beyond.

About the role

To secure the organization’s infrastructure end-to-end by enforcing strong security controls, institutionalizing monitoring discipline, and driving clear operational ownership across cloud and on-prem environments.

This role ensures that security is built into infrastructure by design, controls are enforced, not assumed, monitoring is proactive and actionable.

What you will be doing every day

• Network Security strategy and  Architecture: Lead the design and evolution of secure network architecture (on-prem, hybrid, cloud), define and enforce network segmentation, zero trust, and least privilege models, establish secure design standards for all infrastructure and application connectivity partner with engineering and cloud teams to embed security-by-design

• Firewall & Perimeter Security Management: Configure, manage, and optimize firewalls, WAF, and network security appliances.

• VPN & Remote Access Security: Implement and maintain secure VPN connectivity for internal infrastructure access.
• Network Monitoring & Threat Detection: Monitor network traffic for suspicious activities and anomalies.
• Security Policy Implementation: Implement and enforce network segmentation, access control lists, and security policies.

• Incident Response Support: Investigate network security incidents and assist with containment and remediation
• Vulnerability Management: Identify and remediate network infrastructure vulnerabilities, own network-level vulnerability management lifecycle, prioritize remediation based on risk and business impact, ensure timely closure of critical exposures, provide risk visibility to the leadership

• Cloud Network Security: Secure cloud networking environments including VPC architecture and security groups.
• Security Hardening: Ensure network devices and infrastructure follow security hardening standards.
• Documentation & Architecture Diagrams: Maintain documentation of network architecture, configurations, and security policies.

What we look for in you

Must have on day one

• Advanced knowledge of TCP/IP, routing, switching, DNS, and network protocols
• Deep hands-on experience with firewalls (e.g., Palo Alto Networks, Fortinet)
• Strong understanding of IDS/IPS, WAF, VPN, and DDoS protection
• Experience with SIEM, EDR, and network analytics tools
• Solid cloud networking security experience (AWS VPC, Azure VNet)
• Network protocols (TCP/IP, DNS, HTTP, SSL/TLS)
• Intrusion Detection and Prevention Systems (IDS/IPS)
• Network traffic analysis and packet inspection
• Cloud networking security (AWS VPC, security groups, load balancers)
• Network segmentation and zero-trust architecture
• DDoS mitigation techniques
• SIEM integration with network security tools
• Infrastructure monitoring and logging

Preferred certifications

• CCNA, CCNP Security
• CCIE Security
• AWS Security Specialty

Behavioral Competencies

• Strong analytical and troubleshooting skills
• Strong understanding of attack vectors (lateral movement, privilege escalation, spoofing, etc.)
• Ability to anticipate threats and design preventive controls
• Experience handling real-world security incidents
• Attention to detail in network configuration and security policy enforcement
• Strong communication and documentation skills
• Ability to collaborate effectively with engineering, DevOps, and other stakeholders
• Continuous learning mindset in cybersecurity and infrastructure technologies

Experience Requirements

• 5-6+ years in network security in a high-scale, fintech, or regulated environments
• Proven track record of building and maturing security controls

Our values — Fincra's non-negotiables

Five values we hire to. We call this HHELD.

• Humility. A growth mindset; active listening; valuing every team member's contribution regardless of role or level.
• Honesty. Transparency in interactions, communications, and decisions.
• Excellence. The highest standards in execution, innovation, and service delivery.
• Love. Empathy, care, connection, and belonging. The VP Engineering is the leader the engineering team trusts in their hardest professional moments.
• Discipline. Doing what you said you would do, when you said you would do it, at the standard you committed to — without being reminded. This seat enforces discipline by being it first.