Key skills
AWSCloudDockerJavaScriptKubernetesLinuxNode.jsPostgresPythonRedisTerraformGoK8sTerragruntPostgreSQLCI/CDOWASP
About this role
Role Overview
- Master the Alert Lifecycle : Take the lead on triaging security alerts and vulnerabilities. You won't just "fix bugs"; you will coordinate smart remediations and build the systems that prevent them from reappearing
- Champion "Shift-Left": Integrate automated security testing, vulnerability scanning, and compliance checks directly into our CI/CD pipelines
- Fortify the Cloud: Use Terraform and Terragrunt to evolve our AWS infrastructure into a gold standard of "Security as Code”
- Automate Compliance: Work within an empowered Platform Squad to turn regulatory requirements into automated guardrails, ensuring compliance is a byproduct of our engineering rather than a manual chore
- Secure the Core: Manage and harden our data layers (PostgreSQL, Redis) and orchestrate our K8s environment with a zero-trust mindset including applications
- Be the Security Mentor: Collaborate with development squads to identify and remediate vulnerabilities early in the software lifecycle
Requirements
- A strong knowledge of application security: common vulnerabilities (OWASP Top 10), secure coding practices, dependency scanning, and remediation
- The solid understanding of infrastructure security: secure configurations, network segmentation, encryption at rest and in transit, access controls
- The DevOps Foundation: You have a proven track record in AWS environments, managing Infrastructure as Code (Terraform) and containers (Docker/K8s)
- The Security Mindset: You don’t just build pipelines; you wonder how someone might break them. You’re familiar with encryption, network segmentation, and secure access protocols
- The Problem Solver: You enjoy Linux administration and can automate tasks using Python, Go, or Node.js
- The Communicator: You can explain complex security risks to a developer in a way that inspires them to fix it. (English is our working language)
Tech Stack
- AWS
- Cloud
- Docker
- JavaScript
- Kubernetes
- Linux
- Node.js
- Postgres
- Python
- Redis
- Terraform
- Go
Benefits
- Flexibility & Balance : We live the health-tech mission. Expect flexible working hours, a remote-friendly setup within Germany, and a culture that respects your "deep work" time
- Budget for learning & development, conferences, and coaching – tailored to your potential and growth opportunities.
- High level of ownership and decision-making freedom – no micromanagement. We hire experts who know what they’re doing.
- Access to all Caspar offerings for mental and physical well-being
- Plenty of time to recharge – with 30 vacation days per year
- And yes – all the snacks your heart desires, group sports sessions, a never-empty drinks fridge, and a healthy dose of humor are included too.