About the job

Duties

• Design, develop, maintain, and enhance custom and internal enterprise applications in line with approved architectures and standards.

• Provide technical governance over application codebases, ensuring adherence to coding standards, version control, and secure development practices.

• Define and enforce application lifecycle controls, including design approval, development, testing, deployment, and retirement.

• Lead application change and release management, ensuring controlled and traceable deployments.

• Perform code reviews, quality assurance checks, and technical risk assessments for internally developed or vendor-delivered applications.

• Support system integrations, APIs, and data exchanges between enterprise applications.

• Ensure applications comply with data protection, security, and internal control requirements through embedded technical controls.

• Lead application-level incident and problem management, including debugging, root-cause analysis, and corrective engineering actions.

• Maintain comprehensive technical and governance documentation, including architecture diagrams, code repositories, and control evidence.

• Act as the technical interface between developers, infrastructure teams, security, vendors, and auditors

Technical Skills

• Application Lifecycle Management – Strong capability in overseeing the end-to-end lifecycle of enterprise applications, including design assurance, development oversight, deployment, maintenance, enhancement, and retirement of locally managed applications, while translating business and technical requirements into structured inputs for HQ-managed systems.

• Programming & Software Engineering – Strong programming and application development capability using enterprise-grade languages and frameworks, with experience across multiple programming paradigms (object-oriented, scripting, and API-driven development). Familiarity with modern development practices, including version control systems, CI/CD pipelines, and secure coding standards, to ensure application quality, maintainability, and control.

• System Integration & Interoperability – Proven experience ensuring seamless interoperability between applications, infrastructure platforms, identity services, and data sources through APIs, middleware, and structured integration patterns.

• IT Governance Frameworks – Strong working knowledge of IT governance frameworks and standards, with the ability to implement, operate, and sustain application-level controls, policies, and technical standards across the application landscape.

• Compliance & Risk Management – Demonstrated capability in embedding compliance and risk controls within applications to meet regulatory, corporate, and internal control requirements (e.g. data protection, SOX-relevant controls, and audit obligations), including evidence generation and remediation tracking.

• Change & Configuration Management – Hands-on experience managing application versions, configurations, releases, and environments through controlled change and configuration management processes, ensuring traceability, stability, and reduced operational risk.

• Monitoring & Performance Optimization – Strong ability to monitor application performance, availability, and service quality, analyze trends against agreed SLAs, and implement optimization or corrective actions to improve reliability and user experience.

• Application Security & Control – Practical understanding of application security principles, including authentication, authorization, access controls, secure data handling, and vulnerability mitigation at the application layer.

Leadership & Management Skills

• Access Control & Identity Governance – Provide leadership and oversight for application-level access control and identity management, ensuring roles, permissions, and segregation-of-duties are appropriately defined, reviewed, and enforced in line with governance and risk requirements.

• Governance, Audit & Reporting Leadership – Own the preparation, maintenance, and presentation of application governance documentation, control evidence, and management reports, and lead engagements with internal and external auditors to demonstrate control effectiveness and compliance.

• Service Management & Business Alignment – Lead the alignment of application services with business objectives, operational priorities, and compliance obligations, ensuring services are delivered in line with agreed service models and performance expectations.

• Risk Assessment & Decision-Making – Lead the identification, evaluation, and mitigation of technology-related risks at the application level, including risk acceptance decisions, remediation prioritization, and escalation to management where required.

• Change & Configuration Governance – Provide authoritative oversight of application change and configuration management, ensuring that releases, enhancements, and fixes are controlled, traceable, and approved in line with governance standards.

• Stakeholder & Vendor Management – Act as the primary governance interface between business units, IT operations, security teams, HQ counterparts, and external vendors, ensuring clear accountability and effective collaboration.

• Operational & Service Performance Oversight – Drive accountability for application service performance, monitoring service quality against agreed SLAs and initiating corrective or improvement actions where service standards are not met.

• Standards Enforcement & Continuous Improvement – Establish, enforce, and continuously improve application governance standards, controls, and management practices to strengthen resilience, reduce risk, and improve service maturity over time.

Soft Skills

• Analytical Thinking – Strong ability to evaluate complex technical architectures, governance requirements, and compliance obligations, and translate them into practical, enforceable controls and solutions.

• Communication – Excellent written and verbal communication skills, with the ability to translate governance, risk, and compliance requirements into clear, actionable technical steps for developers, operations teams, and business stakeholders.

• Collaboration – Proven ability to work effectively with cross-functional teams, including HQ IT functions, business units, security teams, auditors, and external vendors, within matrixed and governed environments.

• Attention to Detail – High level of precision and accuracy in maintaining governance documentation, configuration records, access controls, and audit evidence, ensuring consistency and traceability.

• Problem-Solving – Strong capability in managing application-related incidents, leading root-cause analysis, and driving corrective and preventive actions to improve system stability and process maturity.

• Professional Judgment & Accountability – Ability to exercise sound judgment in risk decisions, change approvals, and control enforcement, while maintaining accountability for outcomes.

Qualification Required & Experience

a) Academic & Professional Qualifications

• Bachelor’s degree in computer science, Software Engineering, Information Technology, Information Systems, or a closely related technical discipline from a recognized institution.

• A Master’s degree in software engineering, IT, Information Systems, Cybersecurity, or Technology Governance is a strong advantage and will be highly regarded.

• Professional certifications demonstrating depth in application engineering, governance, or service management, such as:

o Application development or platform certifications (e.g. Microsoft, Java, Oracle, cloud application platforms)

o IT service and governance certifications (e.g. ITIL, CISA, CGEIT, CRISC, or equivalent)

• Formal training or certification in secure coding practices, application security, DevSecOps, or SDLC governance is highly desirable.

• Evidence of continuous professional development in programming, application architecture, governance, risk, and compliance is required.

b) Experience

• Minimum of 7–10 years progressive experience in enterprise application development, support, and management, with sustained hands-on involvement in programming and system design.

• At least 3 years in a coordinator role or 4–6 years in a senior or lead role with direct responsibility for application lifecycle governance, technical decision-making, and control enforcement.

• Proven experience designing, developing, enhancing, and supporting business-critical enterprise applications in production environments.

• Strong hands-on experience in SAP 4/Hana, Microsoft 365 and Power Apps.

• Strong hands-on experience across multiple programming paradigms (object-oriented, scripting, and API-driven development) and exposure to modern development practices, including version control, CI/CD pipelines, and secure coding standards.

• Demonstrated experience governing application lifecycle processes, including design assurance, development oversight, controlled deployment, change management, and retirement.

• Solid experience integrating applications with enterprise infrastructure, identity platforms, databases, and external systems.

• Proven capability in application-level risk assessment, control design, and remediation, including embedding compliance and security controls within application architectures.

• Demonstrated experience preparing audit-ready documentation, supporting internal and external audits, and responding to audit findings related to applications and data processing.

• Experience working within HQ-governed or matrix IT environments, collaborating with central teams, business units, and external vendors.

• Track record of improving application stability, reducing operational risk, and enhancing governance and service maturity over time.