DevSecOps/DevOps Engineer

Role overview

Join Caspar Health as a DevSecOps/DevOps Engineer to help medical teams deliver life-changing therapy. You’ll bridge development and operations while making security a first-class priority through automation, secure pipelines, and hardened cloud infrastructure.

Key missions

• Triaging security alerts & vulnerabilities: lead triage and coordinate smart remediations; build systems to prevent recurrence.
• Shift-left security in CI/CD: integrate automated security testing, vulnerability scanning, and compliance checks directly into pipelines.
• Evolve and harden AWS infrastructure: manage Infrastructure as Code and improve security-first design.
• Automate compliance and manage data layers.
• Secure Kubernetes operations (zero-trust mindset): orchestrate and harden the K8s environment.
• Collaborate with development squads to identify and remediate vulnerabilities.

Requirements

• Strong application and infrastructure security skills.
• Experience as a DevOps Engineer with solid security knowledge (common vulnerabilities, application security, infrastructure hardening) and a desire to grow into full DevSecOps.
• Automation mindset: prefer Terraform or Python scripting over manual configuration.
• AWS foundation and security-first infrastructure approach.
• Security concepts: encryption (at rest/in transit), network segmentation, secure access protocols, and access controls.
• Application security knowledge: OWASP Top 10, secure coding practices, dependency scanning, and remediation.
• Linux administration experience and ability to automate with Python, Go, or Node.js.
• Ability to communicate risks clearly to developers (English working language).

Nice-to-haves

• Strong familiarity with PostgreSQL and Redis for data layer hardening.
• Demonstrated experience with Docker/Kubernetes.
• Experience integrating security checks into CI/CD pipelines beyond basic scanning.