DevSecOps/DevOps Engineer (all identities)

What to Expect

At Caspar Health, we run a digital rehabilitation clinic where medical expertise meets high-end engineering. We don't just ship code; we provide patients with personal care from real therapists, powered by our platform. This means your work directly enables medical professionals to deliver life-changing therapy to people who otherwise wouldn't have access to it.

We are looking for a DevSecOps/DevOps Engineer (all identities) with strong application and infrastructure security skills. We welcome experienced DevOps Engineers who bring solid security knowledge — understanding of common vulnerabilities, application security issues, and infrastructure hardening — and are ready to grow into a full DevSecOps role.

You are a fit for this role if...

• You live and breathe Cloud Security: You have a solid foundation in AWS and believe that infrastructure is only as good as its security-first design
• You are an automation enthusiast: You prefer writing Terraform or Python scripts over manual configurations any day of the week
• You are a bridge-builder: You enjoy working at the intersection of Development and Operations, helping teams "shift-left" without slowing them down

We know you have choices. Here’s why you should choose us:

• Growth over Stagnation: We don't expect you to be a finished DevSecOps guru on day one. If you are a solid DevOps Engineer with a security-focused mindset, we will provide the environment and support for you to become a true specialist
• Modern Stack & Real Ownership: Work with AWS, Kubernetes, and Terraform/Terragrunt. You won't just follow tickets; you’ll help define our security architecture
• Purpose-Driven Tech: Every line of code and every IAM policy you write directly contributes to someone’s recovery and health
• Flexibility & Balance: We live the health-tech mission. Expect flexible working hours, a remote-friendly setup within Germany, and a culture that respects your "deep work" time

Your Challenges

• Master the Alert Lifecycle: Take the lead on triaging security alerts and vulnerabilities. You won't just "fix bugs"; you will coordinate smart remediations and build the systems that prevent them from reappearing
• Champion "Shift-Left": Integrate automated security testing, vulnerability scanning, and compliance checks directly into our CI/CD pipelines
• Fortify the Cloud: Use Terraform and Terragrunt to evolve our AWS infrastructure into a gold standard of "Security as Code”
• Automate Compliance: Work within an empowered Platform Squad to turn regulatory requirements into automated guardrails, ensuring compliance is a byproduct of our engineering rather than a manual chore
• Secure the Core: Manage and harden our data layers (PostgreSQL, Redis) and orchestrate our K8s environment with a zero-trust mindset including applications
• Be the Security Mentor: Collaborate with development squads to identify and remediate vulnerabilities early in the software lifecycle

Your Profile

• A strong knowledge of application security: common vulnerabilities (OWASP Top 10), secure coding practices, dependency scanning, and remediation
• The solid understanding of infrastructure security: secure configurations, network segmentation, encryption at rest and in transit, access controls
• The DevOps Foundation: You have a proven track record in AWS environments, managing Infrastructure as Code (Terraform) and containers (Docker/K8s)
• The Security Mindset: You don’t just build pipelines; you wonder how someone might break them. You’re familiar with encryption, network segmentation, and secure access protocols
• The Problem Solver: You enjoy Linux administration and can automate tasks using Python, Go, or Node.js
• The Communicator: You can explain complex security risks to a developer in a way that inspires them to fix it. (English is our working language)

Note to DevOps Engineers: If your background is primarily in infrastructure but you have a strong desire to deepen your application security skills, we encourage you to apply. We value your curiosity and will support your growth into a full DevSecOps role.

Why Caspar Health?

• Remote-first with flexible working hours – office optional in Berlin-Mitte or up to 90 days a year outside of Germany
• To match this, we support you with a monthly home office allowance and an additional meal subsidy
• Plenty of time to recharge – with 30 vacation days per year
• Budget for learning & development, conferences, and coaching – tailored to your potential and growth opportunities.
• High level of ownership and decision-making freedom – no micromanagement. We hire experts who know what they’re doing. #MakeAnImpact!
• Genuine collaboration – no silos, no egos. After all, we’re all working toward the same vision. #ValueFocus!
• Access to all Caspar offerings for mental and physical well-being #HealthyTogether!
• And yes – all the snacks your heart desires, group sports sessions, a never-empty drinks fridge, and a healthy dose of humor are included too.

What Defines Us as a Team

• We live diversity – it's not a marketing slogan, it's part of our everyday reality
• Feedback isn’t a tool – it’s part of our culture
• We believe that technology only makes sense when it truly helps people
• Our drive is purpose – but our standard is professionalism

At Caspar Health, we strive to provide a friendly, safe and welcoming environment for all Casparians* regardless of ethnic origin, gender, gender identity and expression, sexual orientation, limitations of any kind, physical appearance, social background, age or religion (or lack thereof).

When you apply, we purely focus on your experience and motivation. You decide what additional information you want to disclose (picture, marital status, religion, gender, nationality, etc). We value and treat all applications equally.

We are looking forward to getting to know you!

Your Contact

Dana Kussatz, Talent Acquisition Expert and HR Tech Business Partner.

Please use our Career Page to apply to this position, we will not consider applications via email.
We are looking forward to receive your CV, salary expectation and your earliest starting date.

Diversity and Inclusion:
At Caspar Health, we strive to provide a friendly, safe, and welcoming environment for all Casparians – regardless of gender, gender identity and expression, sexual orientation, disabilities of any kind, physical appearance, social background, age, or religion (or lack thereof).
In your application, we focus on your experience and motivation. It’s entirely up to you which additional personal information you'd like to share (photo, marital status, religion, gender, nationality, etc.). We value and treat all applications equally.

Our product CASPAR Health is used in the environment of medical institutions, patients, doctors and therapists. Working with (sensitive) personal data (e.g. health data) is part of our daily work. Therefore, we require a high level of commitment to the protection of personal data from our employees in order to protect the rights of the data subjects as best as possible.

Note on data protection:

Please apply exclusively via our career site, as this is the only way we can guarantee the protection of your data. You can find our privacy policy .

Find more English Speaking Jobs in Germany on Arbeitnow