FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Senior DevSecOps Engineer
SHOP APOTHEKE EUROPESenior DevSecOps Engineer securing Azure and Kubernetes Data & AI platform with a focus on CI/CD security. Join Redcare Pharmacy, Europe's leading online pharmacy.
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates expertise in building and maintaining secure CI/CD pipelines, automating security in infrastructure with Terraform, and hardening Kubernetes environments. Proficient in vulnerability management, compliance, and governance within cloud-based Data & AI platforms.
Highest-signal resume keywords
CI/CD Pipeline SecurityTerraform AutomationKubernetes HardeningVulnerability ManagementAzure Security
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
CI/CD Pipeline SecurityTerraformKubernetesVulnerability ManagementCVE TriageData GovernancePolicy-as-CodeIaC ScanningSecrets ManagementAudit Readiness
Soft Skills
CollaborationProblem-SolvingCommunication
Tools & Technologies
Azure DevOpsGitHub ActionsMicrosoft SentinelDefender for CloudDatabricksMLflow
Certifications & Qualifications
ISO 27001GDPR Compliance
Industry Keywords
DevSecOpsCloud SecurityAI/ML SecurityRisk AssessmentThreat Modeling
Tech Stack
Tools & technologiesAzureCloudKubernetesTerraformUnityVault
About the role
Key responsibilities & impact- Build and maintain secure CI/CD pipelines (Azure DevOps or GitHub Actions): secrets hygiene, signed artifacts/SBOMs, SAST/DAST/container scanning, least-privilege service connections, and supply-chain hardening.
- Automate security in infrastructure with Terraform: enforce guardrails using policy-as-code (Azure Policy, OPA/Conftest) and continuous IaC scanning (Checkov/tfsec).
- Harden Kubernetes : implement RBAC, NetworkPolicies, Pod Security Standards, secret management, image signing/scanning, and admission policies (Gatekeeper/Kyverno).
- Protect cloud identities & data : manage Entra ID roles/Managed Identities, Key Vault, Private Link/NSGs, encryption at rest/in transit, and just-in-time/least-privilege access.
- Secure ML/MLOps : lock down Databricks (Unity Catalog permissions, secret scopes), MLflow/model registry, feature stores; add model artifact signing, provenance, and runtime isolation for training/serving.
- Monitoring, logging & response : wire platform and security telemetry to Microsoft Sentinel/Defender, define alerts/runbooks, and support incident response and tabletop exercises.
- CVE & vulnerability management : maintain and publish SBOMs; continuously scan for vulnerabilities; triage CVEs (e.g., CVSS scoring + exploitability context), coordinate mitigations/patches, track exposure windows and SLAs, verify remediation, and report metrics to SecOps/GRC.
- Concepts & architecture : draft and maintain reference architectures, trust-boundary diagrams, data-classification schemes, environment isolation patterns, secure secret/key management patterns, and network segmentation for AI services.
- Compliance & assurance : contribute to risk assessments and threat modeling (incl. AI-specific risks: prompt injection, data exfiltration, model theft), support DPIAs, vendor/third-party risk reviews, penetration tests, control testing, evidence collection, and audit readiness for ISO 27001 , GDPR , and EU AI Act/NIS2 where applicable.
- Governance : maintain security baselines and exceptions, own platform security KPIs, ensure retention policies, access reviews, and end-to-end audit trails (code → data → model → deployment).
Requirements
What you’ll need- Experience as a DevSecOps / Cloud Security Engineer (or DevOps with strong security focus) in Azure and Kubernetes environments.
- Hands-on with Azure DevOps/GitHub Actions ; comfortable automating guardrails and checks in pipelines.
- Working knowledge of Azure security (Entra ID, Key Vault, Azure Policy, Defender for Cloud, Sentinel) and Kubernetes security.
- Familiar with vulnerability management & CVEs (SBOM creation, dependency/container/IaC scanning, triage/prioritization, remediation workflows, SLA tracking).
- Understanding of Data & AI/ML security : Databricks (Unity Catalog, SCIM/AAD), MLflow/model registry, secrets, data governance, and privacy-by-design.
- Comfortable interfacing with central Security and compliance teams, contributing to audits and group standards , and translating requirements into practical controls.
- A shift-left mindset: you collaborate across teams, codify controls, and enjoy solving real-world security challenges in cloud-based Data & AI platform.
Benefits
Comp & perks- Work from Home : If your job does not require you to be present in the office, we can arrange the place you work from individually - even for up to 20 days a year anywhere in the EU.
- Redcare events : We promote teambuilding through creative team events, and celebrate our successes together at regularly scheduled parties.
- Kindergarten Grant : We offer our employees who pay for childcare in kindergarten 100,00 € (total) per month.
- Mental Health : Get quick and professional help from psychologists if you feel overwhelmed in private or professional life. Anonymous and free of charge.
- Personal Development : We are all constantly learning. That's why we support and foster your career development through internal & external training and help you grow.
- Mobility : Your commute matters to us. We provide our employees with a fully costed Deutschland Ticket which can be used at any time.
- Sports & Health : Your well-being is our top priority. Therefore, we offer you a range of opportunities to improve your health. Profit from a membership (M) package at Urban Sports Club, providing a variety of sports offers tailored to your interests.