SHOP APOTHEKE EUROPE logo
SHOP APOTHEKE EUROPE

We are now Redcare Pharmacy - follow our new channel under @redcarepharmacy to stay up-to-date.

Senior DevSecOps Engineer

DevOps EngineerDevOps EngineerFull TimeRemoteSeniorTeam 1,001-5,000H1B No SponsorCompany SiteLinkedIn

Location

Germany

Posted

4 days ago

Salary

0

Seniority

Senior

Job Description

Senior DevSecOps Engineer

SHOP APOTHEKE EUROPE

• Build and maintain secure CI/CD pipelines (Azure DevOps or GitHub Actions): secrets hygiene, signed artifacts/SBOMs, SAST/DAST/container scanning, least-privilege service connections, and supply-chain hardening. • Automate security in infrastructure with Terraform: enforce guardrails using policy-as-code (Azure Policy, OPA/Conftest) and continuous IaC scanning (Checkov/tfsec). • Harden Kubernetes : implement RBAC, NetworkPolicies, Pod Security Standards, secret management, image signing/scanning, and admission policies (Gatekeeper/Kyverno). • Protect cloud identities & data : manage Entra ID roles/Managed Identities, Key Vault, Private Link/NSGs, encryption at rest/in transit, and just-in-time/least-privilege access. • Secure ML/MLOps : lock down Databricks (Unity Catalog permissions, secret scopes), MLflow/model registry, feature stores; add model artifact signing, provenance, and runtime isolation for training/serving. • Monitoring, logging & response : wire platform and security telemetry to Microsoft Sentinel/Defender, define alerts/runbooks, and support incident response and tabletop exercises. • CVE & vulnerability management : maintain and publish SBOMs; continuously scan for vulnerabilities; triage CVEs (e.g., CVSS scoring + exploitability context), coordinate mitigations/patches, track exposure windows and SLAs, verify remediation, and report metrics to SecOps/GRC. • Concepts & architecture : draft and maintain reference architectures, trust-boundary diagrams, data-classification schemes, environment isolation patterns, secure secret/key management patterns, and network segmentation for AI services. • Compliance & assurance : contribute to risk assessments and threat modeling (incl. AI-specific risks: prompt injection, data exfiltration, model theft), support DPIAs, vendor/third-party risk reviews, penetration tests, control testing, evidence collection, and audit readiness for ISO 27001 , GDPR , and EU AI Act/NIS2 where applicable. • Governance : maintain security baselines and exceptions, own platform security KPIs, ensure retention policies, access reviews, and end-to-end audit trails (code → data → model → deployment).

Job Requirements

  • Experience as a DevSecOps / Cloud Security Engineer (or DevOps with strong security focus) in Azure and Kubernetes environments.
  • Hands-on with Azure DevOps/GitHub Actions ; comfortable automating guardrails and checks in pipelines.
  • Working knowledge of Azure security (Entra ID, Key Vault, Azure Policy, Defender for Cloud, Sentinel) and Kubernetes security.
  • Familiar with vulnerability management & CVEs (SBOM creation, dependency/container/IaC scanning, triage/prioritization, remediation workflows, SLA tracking).
  • Understanding of Data & AI/ML security : Databricks (Unity Catalog, SCIM/AAD), MLflow/model registry, secrets, data governance, and privacy-by-design.
  • Comfortable interfacing with central Security and compliance teams, contributing to audits and group standards , and translating requirements into practical controls.
  • A shift-left mindset: you collaborate across teams, codify controls, and enjoy solving real-world security challenges in cloud-based Data & AI platform.

Benefits

  • Work from Home : If your job does not require you to be present in the office, we can arrange the place you work from individually - even for up to 20 days a year anywhere in the EU.
  • Redcare events : We promote teambuilding through creative team events, and celebrate our successes together at regularly scheduled parties.
  • Kindergarten Grant : We offer our employees who pay for childcare in kindergarten 100,00 € (total) per month.
  • Mental Health : Get quick and professional help from psychologists if you feel overwhelmed in private or professional life. Anonymous and free of charge.
  • Personal Development : We are all constantly learning. That's why we support and foster your career development through internal & external training and help you grow.
  • Mobility : Your commute matters to us. We provide our employees with a fully costed Deutschland Ticket which can be used at any time.
  • Sports & Health : Your well-being is our top priority. Therefore, we offer you a range of opportunities to improve your health. Profit from a membership (M) package at Urban Sports Club, providing a variety of sports offers tailored to your interests.

Related Categories

Related Job Pages

More DevOps Engineer Jobs

NBCUniversal logo

Principal DevOps Engineer

NBCUniversal

Here you can create the extraordinary. Join us.

DevOps Engineer4 days ago
Full TimeRemoteTeam 10,001+Since 2004H1B Sponsor

• Architect a Kubernetes-native platform that models broadcast infrastructure as custom resources. • Lead the technical strategy leveraging Crossplane compositions and custom Go functions to automate provisioning across multi-account AWS environments and on-prem control rooms. • Design, build, and maintain production-grade Kubernetes operators, controllers, and internal platform APIs in Go. • Actively develop custom Crossplane providers to deeply integrate external enterprise platforms (such as NRCS, Venafi, and Infoblox) into our control plane, managing resource lifecycles and approval workflows. • Lead the design of cloud networking, DNS strategies, and cross-account connectivity across hybrid environments, automating VPC topology and dynamic network routing. • Partner closely with broadcast systems engineers, system integrators, and external vendors to bridge the gap between broadcast hardware and automated infrastructure. • Write RFCs, drive architectural decisions, mentor engineers, and establish high-confidence CI/CD pipelines, testing strategies, and GitHub Actions automation. • Own the platform's authorization model, designing hierarchical RBAC systems, resource identifier schemes, and identity integrations that enforce fine-grained access control. • Drive GitOps-based continuous delivery (Flux, Kustomize, Helm) and manage configuration-as-code for compute fleets using Puppet. • Ensure deep operational visibility by designing comprehensive observability and alerting stacks. • Oversee the integration of remote desktop/VDI connectivity solutions, focusing on session authentication, credential management, and gateway routing.

New York
$180K - $230K / year
Lifted, an Upwork Company logo

Senior DevOps – Platform Engineer

Lifted, an Upwork Company

One solution built for enterprise companies to source, contract, manage, and pay any type of contingent talent.

DevOps Engineer4 days ago
Full TimeRemoteTeam 201-500Since 2025H1B No Sponsor

• Shape the DX and infrastructure of our platform • Collaborate with cross-functional teams • Optimize infrastructure and developer experience • Validate the technical feasibility of PRD documents • Diagnose, troubleshoot, and resolve application issues • Manage deployments and maintain robust CI/CD pipelines • Mentor junior developers.

Latin America
Job Closed
Gcore logo

DevOps Engineer – AI Inference

Gcore

Powerful edge and cloud solutions for media business and the entertainment industry

DevOps Engineer4 days ago
Full TimeRemoteTeam 201-500H1B No Sponsor

• Design, develop, and maintain infrastructure for AI inference workloads, including GPU scheduling, model deployment pipelines, and data access patterns in on-prem environments • Build and manage monitoring and observability tools for AI inference platforms, including dashboards, alerts, and runbooks for model health and system performance • Collaborate with ML engineers and platform teams to design system architecture for AI workloads, integrate inference runtimes, and test performance at scale

Poland

Senior DevSecOps Engineer

Direct Meds LLC

To learn more about Direct Meds, please visit https://directmeds.com Important! To apply and be considered as a candidate for this position, you must apply and complete the form using the application link on Zoho below: Application Link

DevOps Engineer4 days ago

Role Description This DevSecOps role is foundational to our engineering department. We aren't looking for just another DevOps hand—we need a Security Guardian who understands that reliable software must first be secure, especially when handling Protected Health Information (PHI). You will own the full security lifecycle of our platform, turning complex regulatory requirements (like HIPAA) into simple, automated, and ironclad engineering solutions. This is where technical mastery meets legal compliance. If you thrive on bridging the gap between rapid development cycles and critical healthcare regulations, this role is for you. What You Will Own: - Define and enforce our approach to handling PHI, making HIPAA adherence a non-negotiable part of every system we build or update. - Build robust CI/CD pipelines that aren't just deploy code; they automatically inject security checks—from vulnerable scanning to compliance verification and ensuring least-privilege access at every single step. - Lead design and code reviews, proactively identifying architectural weak points or compliance risks before they become problems in production. - Keep our core platforms running smoothly by continually hardening them, establishing security baselines, and maintaining thorough documentation to ensure we are always audit-ready. Company Description To learn more about Direct Meds, please visit https://directmeds.com . Important! To apply and be considered as a candidate for this position, you must apply and complete the form using the application link on Zoho below: Application Link

United States
$50K - $250K / year