Redcare Pharmacy
Redcare Pharmacy

Senior, DevSecOps Engineering (m/f/d)

TLDR

Secure, scalable DevSecOps leadership on a cloud-native Data & AI platform, embedding guardrails, IaC security, and robust CI/CD across Azure and Kubernetes.

About your tasks:

  • Build and maintain secure CI/CD pipelines (Azure DevOps or GitHub Actions): secrets hygiene, signed artifacts/SBOMs, SAST/DAST/container scanning, least-privilege service connections, and supply-chain hardening.
  • Automate security in infrastructure with Terraform: enforce guardrails using policy-as-code (Azure Policy, OPA/Conftest) and continuous IaC scanning (Checkov/tfsec).
  • Harden Kubernetes: implement RBAC, NetworkPolicies, Pod Security Standards, secret management, image signing/scanning, and admission policies (Gatekeeper/Kyverno).
  • Protect cloud identities & data: manage Entra ID roles/Managed Identities, Key Vault, Private Link/NSGs, encryption at rest/in transit, and just-in-time/least-privilege access.
  • Secure ML/MLOps: lock down Databricks (Unity Catalog permissions, secret scopes), MLflow/model registry, feature stores; add model artifact signing, provenance, and runtime isolation for training/serving.
  • Monitoring, logging & response: wire platform and security telemetry to Microsoft Sentinel/Defender, define alerts/runbooks, and support incident response and tabletop exercises.
  • CVE & vulnerability management: maintain and publish SBOMs; continuously scan for vulnerabilities; triage CVEs (e.g., CVSS scoring + exploitability context), coordinate mitigations/patches, track exposure windows and SLAs, verify remediation, and report metrics to SecOps/GRC.
  • Concepts & architecture: draft and maintain reference architectures, trust-boundary diagrams, data-classification schemes, environment isolation patterns, secure secret/key management patterns, and network segmentation for AI services.
  • Compliance & assurance: contribute to risk assessments and threat modeling (incl. AI-specific risks: prompt injection, data exfiltration, model theft), support DPIAs, vendor/third-party risk reviews, penetration tests, control testing, evidence collection, and audit readiness for ISO 27001GDPR, and EU AI Act/NIS2 where applicable.
  • Governance: maintain security baselines and exceptions, own platform security KPIs, ensure retention policies, access reviews, and end-to-end audit trails (code → data → model → deployment).

About you:

  • Experience as a DevSecOps / Cloud Security Engineer (or DevOps with strong security focus) in Azure and Kubernetes environments.
  • Hands-on with Azure DevOps/GitHub Actions; comfortable automating guardrails and checks in pipelines.
  • Working knowledge of Azure security (Entra ID, Key Vault, Azure Policy, Defender for Cloud, Sentinel) and Kubernetes security.
  • Familiar with vulnerability management & CVEs (SBOM creation, dependency/container/IaC scanning, triage/prioritization, remediation workflows, SLA tracking).
  • Understanding of Data & AI/ML security: Databricks (Unity Catalog, SCIM/AAD), MLflow/model registry, secrets, data governance, and privacy-by-design.
  • Comfortable interfacing with central Security and compliance teams, contributing to audits and group standards, and translating requirements into practical controls.
  • shift-left mindset: you collaborate across teams, codify controls, and enjoy solving real-world security challenges in cloud-based Data & AI platform.

About your benefits:

In order to provide our employees with the best possible support for their individual needs, we offer a wide range of benefits:

  • Work from Home: If your job does not require you to be present in the office, we can arrange the place you work from individually - even for up to 20 days a year anywhere in the EU.
  • Redcare events: We promote teambuilding through creative team events, and celebrate our successes together at regularly scheduled parties.
  • Kindergarten Grant: We offer our employees who pay for childcare in kindergarten 100,00 € (total) per month.
  • Mental Health: Get quick and professional help from psychologists if you feel overwhelmed in private or professional life. Anonymous and free of charge.
  • Personal Development: We are all constantly learning. That's why we support and foster your career development through internal & external training and help you grow.
  • Mobility: Your commute matters to us. We provide our employees with a fully costed Deutschland Ticket which can be used at any time.
  • Sports & Health: Your well-being is our top priority. Therefore, we offer you a range of opportunities to improve your health. Profit from a membership (M) package at Urban Sports Club, providing a variety of sports offers tailored to your interests.

Benefits

Learning Budget

Personal Development: We are all constantly learning. That's why we support and foster your career development through internal & external training and help you grow.

Sports & health membership

Sports & Health: Your well-being is our top priority. Therefore, we offer you a range of opportunities to improve your health. Profit from a membership (M) package at Urban Sports Club, providing a variety of sports offers tailored to your interests.

Remote-Friendly

Work from Home: If your job does not require you to be present in the office, we can arrange the place you work from individually - even for up to 20 days a year anywhere in the EU.

Wellness Stipend

Mental Health: Get quick and professional help from psychologists if you feel overwhelmed in private or professional life. Anonymous and free of charge.

Redcare Pharmacy is Europe’s leading online pharmacy, providing innovative healthcare solutions directly to consumers. We focus on making healthcare accessible and convenient for everyone, driven by a strong mission to ensure that every human has their health.

View company profile
Apply for this job

Pro members saw this job first

New jobs unlock for everyone after 24 hours. Startup Jobs Pro shows them right away, with instant alerts and salary filters. From $7/month.

Get Pro