Job
- Level
- Experienced
- Job Field
- IT, DevOps, Security
- Employment Type
- Full Time
- Contract Type
- Permanent employment
- Location
- Berlin
- Working Model
- Hybrid, Onsite
Job Summary
In this role, you will develop security solutions for AWS infrastructure, automate compliance checks, and integrate security measures into CI/CD pipelines while promoting developments in cloud security.
Job Technologies
Your role in the team
- At Caspar Health, we run a digital rehabilitation clinic where medical expertise meets high-end engineering. We don't just ship code; we provide patients with personal care from real therapists, powered by our platform. This means your work directly enables medical professionals to deliver life-changing therapy to people who otherwise wouldn't have access to it.
- We are looking for a DevSecOps/DevOps Engineer (all identities) with strong application and infrastructure security skills. We welcome experienced DevOps Engineers who bring solid security knowledge - understanding of common vulnerabilities, application security issues, and infrastructure hardening - and are ready to grow into a full DevSecOps role.
- You live and breathe Cloud Security: You have a solid foundation in AWS and believe that infrastructure is only as good as its security-first design.
- You are an automation enthusiast: You prefer writing Terraform or Python scripts over manual configurations any day of the week.
- You are a bridge-builder: You enjoy working at the intersection of Development and Operations, helping teams 'shift-left' without slowing them down.
- Master the Alert Lifecycle: Take the lead on triaging security alerts and vulnerabilities. You won't just 'fix bugs'; you will coordinate smart remediations and build the systems that prevent them from reappearing.
- Champion 'Shift-Left': Integrate automated security testing, vulnerability scanning, and compliance checks directly into our CI/CD pipelines.
- Fortify the Cloud: Use Terraform and Terragrunt to evolve our AWS infrastructure into a gold standard of 'Security as Code'.
- Automate Compliance: Work within an empowered Platform Squad to turn regulatory requirements into automated guardrails, ensuring compliance is a byproduct of our engineering rather than a manual chore.
- Secure the Core: Manage and harden our data layers (PostgreSQL, Redis) and orchestrate our K8s environment with a zero-trust mindset including applications.
- Be the Security Mentor: Collaborate with development squads to identify and remediate vulnerabilities early in the software lifecycle.
This text has been machine translated. Show original
Our expectations of you
Qualifications
- A strong knowledge of application security: common vulnerabilities (OWASP Top 10), secure coding practices, dependency scanning, and remediation.
- The solid understanding of infrastructure security: secure configurations, network segmentation, encryption at rest and in transit, access controls.
- The DevOps Foundation: You have a proven track record in AWS environments, managing Infrastructure as Code (Terraform) and containers (Docker/K8s).
- The Security Mindset: You don't just build pipelines; you wonder how someone might break them. You're familiar with encryption, network segmentation, and secure access protocols.
- The Problem Solver: You enjoy Linux administration and can automate tasks using Python, Go, or Node.js.
- The Communicator: You can explain complex security risks to a developer in a way that inspires them to fix it. (English is our working language).
This text has been machine translated. Show original
What we offer
- Remote-first with flexible working hours - office optional in Berlin-Mitte or up to 90 days a year outside of Germany.
- To match this, we support you with a monthly home office allowance and an additional meal subsidy.
- Viel Zeit zum Auftanken – mit 30 Urlaubstagen pro Jahr.
- Budget for learning & development, conferences, and coaching - tailored to your potential and growth opportunities.
- High level of ownership and decision-making freedom - no micromanagement. We hire experts who know what they're doing.
- Genuine collaboration - no silos, no egos. After all, we're all working toward the same vision.
- Access to all Caspar offerings for mental and physical well-being.
This text has been machine translated. Show original
Benefits
Work-Life-Integration
Topics that you deal with on the job
Job Locations
This is your employer
Caspar Health
Caspar Health, based in Berlin, offers an innovative digital platform for rehabilitation and aftercare, enabling clinics to conduct therapy measures online. The company is recognized as a digital aftercare center by the German Pension Insurance.
Description
- Company Type
- Startup
- Working Model
- Full Remote, Hybrid, Onsite
- Industry
- Healthcare, Social Sector