DevSecOps/DevOps Engineer (all identities)
Caspar-Health
Description
What to Expect
At Caspar Health, we run a digital rehabilitation clinic where medical expertise meets high-end engineering. We don't just ship code; we provide patients with personal care from real therapists, powered by our platform. This means your work directly enables medical professionals to deliver life-changing therapy to people who otherwise wouldn't have access to it.
We are looking for a DevSecOps/DevOps Engineer (all identities) with strong application and infrastructure security skills. We welcome experienced DevOps Engineers who bring solid security knowledge — understanding of common vulnerabilities, application security issues, and infrastructure hardening — and are ready to grow into a full DevSecOps role.
You are a fit for this role if...
- You live and breathe Cloud Security: You have a solid foundation in AWS and believe that infrastructure is only as good as its security-first design
- You are an automation enthusiast: You prefer writing Terraform or Python scripts over manual configurations any day of the week
- You are a bridge-builder: You enjoy working at the intersection of Development and Operations, helping teams "shift-left" without slowing them down
We know you have choices. Here’s why you should choose us:
- Growth over Stagnation: We don't expect you to be a finished DevSecOps guru on day one. If you are a solid DevOps Engineer with a security-focused mindset, we will provide the environment and support for you to become a true specialist
- Modern Stack & Real Ownership: Work with AWS, Kubernetes, and Terraform/Terragrunt. You won't just follow tickets; you’ll help define our security architecture
- Purpose-Driven Tech: Every line of code and every IAM policy you write directly contributes to someone’s recovery and health
- Flexibility & Balance: We live the health-tech mission. Expect flexible working hours, a remote-friendly setup within Germany, and a culture that respects your "deep work" time
Your Challenges
- Master the Alert Lifecycle: Take the lead on triaging security alerts and vulnerabilities. You won't just "fix bugs"; you will coordinate smart remediations and build the systems that prevent them from reappearing
- Champion "Shift-Left": Integrate automated security testing, vulnerability scanning, and compliance checks directly into our CI/CD pipelines
- Fortify the Cloud: Use Terraform and Terragrunt to evolve our AWS infrastructure into a gold standard of "Security as Code"
- Automate Compliance: Work within an empowered Platform Squad to turn regulatory requirements into automated guardrails, ensuring compliance is a byproduct of our engineering rather than a manual chore
- Secure the Core: Manage and harden our data layers (PostgreSQL, Redis) and orchestrate our K8s environment, including applications, with a zero-trust mindset
- Be the Security Mentor: Collaborate with development squads to identify and remediate vulnerabilities early in the software lifecycle
Your Profile
- A strong knowledge of application security: common vulnerabilities (OWASP Top 10), secure coding practices, dependency scanning, and remediation
- A solid understanding of infrastructure security: secure configurations, network segmentation, encryption at rest and in transit, access controls
- The DevOps Foundation: You have a proven track record in AWS environments, managing Infrastructure as Code (Terraform) and containers (Docker/K8s)
- The Security Mindset: You don’t just build pipelines; you wonder how someone might break them. You’re familiar with encryption, network segmentation, and secure access protocols
- The Problem Solver: You enjoy Linux administration and can automate tasks using Python, Go, or Node.js
- The Communicator: You can explain complex security risks to a developer in a way that inspires them to fix them. (English is our working language)
Note to