Latest Jobs at Cowrywise

We need a backend engineer who can own features end-to-end, from database schema to production. You’ll work on our core financial platform: portfolios, transactions, third-party integrations, and the systems that keep everything running reliably.

This role is highly collaborative. You’ll work closely with product and design to figure out what we’re building, then take ownership of how it gets built and shipped.

Your code handles real money, so correctness matters. We also ship frequently, so speed matters too. The best candidates know how to balance both.

What you’ll do

Features

• Build backend features for savings products, portfolios, stock investments
• Own the whole thing: database design, business logic, APIs, tests, deployment, monitoring
• Write code that someone else can read and maintain a year from now
• Work with frontend/mobile to define API contracts

Systems

• Build integrations with payment gateways (Paystack, Monnify, etc), fund managers, and KYC providers
• Design systems that handle money correctly. Idempotency, consistency, audit trails. Non-negotiable.
• Debug production issues and be on call for systems you build

Performance

• Optimize database queries, design schemas, and make things fast
• PostgreSQL and Redis for the data layer
• Celery for background jobs

Code quality

• Review code and get your code reviewed
• Write tests that actually catch bugs
• Help onboard new engineers

What we’re looking for

Required

• 5+ years building production backend systems
• Our primary language is Python (Django/FastAPI), but proficiency in Golang and JavaScript (and TypeScript) is also important
• PostgreSQL, MYSQL: schema design, query optimization, transactions
• Event-driven architectures, message queues (SQS, RabbitMQ, Kafka)
• REST APIs: clean contracts, versioning, error handling
• AWS basics (EC2, RDS, S3, SQS, Lambda)
• Background job processing (Celery or similar)
• Can debug through logs, metrics, and code
• Git, CI/CD, modern workflows
• Can explain technical concepts to non-technical people

Nice to have

• Fintech, payments, or financial services experience
• Docker Swarm, Kubernetes, ECS
• Monitoring tools (New Relic, Sentry, CloudWatch)
• Typescript and Golang Experience

The people who succeed on this team

• Take ownership without being asked
• Know when to optimize and when to ship
• Write code for humans
• Adapt when requirements change
• Give and receive feedback well
• Care about users, not just code
• Make the people around them better

go to method of application »

We’re looking for a Site Reliability Engineer (SRE) to help build, maintain, and scale the infrastructure powering Cowrywise.You’ll work closely with our engineering team to improve reliability, observability, security, and deployment processes across our systems.
Our infrastructure team specializes across four areas: Cloud, Databases, Platform, and Observability. We run primarily on AWS with some workloads on GCP. For this role, we're particularly interested in someone who can raise the bar on observability, helping us detect issues faster and resolve them with confidence.

What you’ll do

Generally, members of the infrastructure team are able to do the following

• Design, maintain, and improve cloud infrastructure and internal platforms
• Improve system reliability, scalability, and performance across services
• Build and maintain CI/CD pipelines and deployment workflows
• Implement monitoring, logging, alerting, and observability systems
• Respond to incidents, troubleshoot production issues, and lead root cause analysis
• Automate operational tasks and infrastructure provisioning
• Work with engineering teams to improve service architecture and operational readiness
• Improve security posture, access controls, and infrastructure best practices
• Manage containerized workloads and orchestration platforms
• Maintain disaster recovery, backup, and high availability strategies

What we’re looking for

Required

• 4+ years of experience in an SRE, DevOps, or Platform Engineering role running production systems
• Strong hands-on experience with AWS (compute, networking, IAM, storage, managed services)
• Deep expertise in observability designing meaningful metrics, dashboards, alerts, and SLOs that actually catch problems before users do
• Hands-on experience with New Relic, Grafana, and Prometheus (or equivalent tooling)
• A track record of reducing MTTD and MTTR through better instrumentation, alerting, and incident response practices
• Proficiency with Docker and containerized workflows
• Solid scripting and automation skills (Python, Bash, Go, or similar)
• Experience with infrastructure-as-code (Terraform, Pulumi, or CloudFormation)
• Strong Linux fundamentals and networking knowledge
• Experience building and maintaining CI/CD pipelines
• Comfort leading incident response and writing clear post-mortems

Nice to have

• Experience operating Kubernetes in production
• Exposure to GCP or multi-cloud environments
• Background in one of our specialization areas: Databases (Postgres, MySQL, Redis), Platform engineering, or Cloud architecture
• Security-focused experience (IAM hardening, secrets management, compliance frameworks)
• Experience in fintech or other regulated, high-availability environments

The people who succeed on this team

• People who are proactive and take ownership
• Engineers who automate before repeating manual work
• People who stay calm and methodical during incidents
• Engineers who care about clean systems and operational excellence
• Strong collaborators who work well across teams
• Curious builders who enjoy learning and improving systems continuously

go to method of application »

The role

We need a generalist security engineer. Someone who can write a risk assessment in the morning, run a pen test after lunch, review code for vulnerabilities, and help prepare for an audit the next day. Not a narrow specialist. Someone who’s good across board and energized by variety.

You’ll work with our engineering, product, risk, and legal teams. Some days you’re deep in code. Other days you’re drafting a policy or reviewing a vendor’s security posture. This role is the kind that existed before security had its own department.

What you’ll do

AppSec

• Security code reviews and pen testing on web, mobile, and API
• Find, triage, and track vulnerabilities through to remediation. Own the full lifecycle
• SAST, DAST, SCA tooling in CI/CD
• Threat modelling for new features and architecture changes
• Review auth flows for weaknesses

Secure development

• Champion security practices across engineering. Be a partner, not a gatekeeper
• Maintain secure coding standards for our stack
• Run security awareness sessions. Practical, not preachy
• Review security-sensitive PRs

Infrastructure & APIs

• Assess and harden REST and third-party API integrations (payment gateways, partner APIs)
• Review cloud configs (AWS/GCP) for misconfigurations
• Security requirements for new infrastructure and vendor decisions
• Periodic cloud and network security assessments

Fraud detection

• Build, tune, and maintain our internal fraud detection: rules, signals, detection logic
• Analyze transaction patterns and behavioural signals to spot anomalies
• Build automation that reduces manual triage work
• Work with product to embed fraud controls before features ship
• Investigate fraud incidents end-to-end
• Track fraud trends in African fintech and feed that back into detection

GRC

• Maintain security policies, standards, and procedures
• Support audits: evidence gathering, gap remediation, ISO 27001, PCI DSS, SOC 2, CBN guidelines
• Vendor security risk assessments
• Own the risk register
• Security awareness training across the org, not just engineering
• Incident response: investigation, containment, root cause, post mortems
• Triage bug bounty and external vulnerability reports

What we’re looking for

Required

• 3+ years in security engineering or infosec with exposure across multiple domains
• Application security fundamentals: OWASP Top 10, common vulnerabilities, how to find and fix them
• Pen testing or vulnerability assessments (web, API, or mobile)
• GRC basics: risk assessments, policies, audit evidence, compliance frameworks (ISO 27001, PCI DSS, or similar)
• Vulnerability management: tracking, prioritizing, driving remediation
• Fraud detection, transaction monitoring, or trust & safety experience
• Clear writing. Vulnerability reports and policy documents with equal confidence.
• Able to collaborate across teams and drive alignment.

Nice to have

• Fintech, payments, or regulated financial services
• Cloud security: AWS or GCP config reviews, IAM auditing, storage misconfigs
• Mobile app security (iOS/Android, OWASP MASVS)
• Scripting (Python, Bash)
• Certs: CEH, OSCP, CompTIA Security+, CompTIA CySA+, ISO 27001 Lead Implementer
• Fraud rules engines, anomaly detection, behavioral analytics
• CBN cybersecurity frameworks and Nigerian fintech regulations

The people who succeed on this team:

• Genuinely curious across all of security
• Don’t need a narrow lane. Variety is energizing, not overwhelming
• Builders. Want to fix and improve, not just document and report
• Comfortable with ambiguity. We’re still defining what good looks like and you’ll help shape it
• Earn trust by being clear, practical, and genuinely helpful
• Care about the mission. Protecting people’s money isn’t abstract.