Summary: Join a distributed international DevOps team as a DevSecOps engineer to develop and maintain builds and deploys for cloud-hosted web applications, ensuring secure SDLC and compliance with security standards. Highlights: 1. Work in a distributed international DevOps team 2. Develop and operate multi-region AWS environments 3. Maintain SecOps via performing SAST/DAST/SCA&SBOM scans and analysis Operating Company: Location: Madrid,Madrid,ES Date Posted: March 31, 2026 Req Number: R5025900 **Job Description:** Development and Operations Engineer works in distributed international DevOps team a DevSecOps engineer will help development teams with creating and maintaining builds and deploys for web applications hosted in the cloud used by orthodontists to submit and track orders for Spark Aligners. The engineer will also help the organisation to maintain secure SDLS and meet requirements of security standards our software should be complaint with. **Responsibilities:** * Deploy and operate multi\-region AWS environments * Create and manage CI/CD pipelines for build, deployment and testing processes * Support CI/CD tool and development team operations (AWS, Git, IT, Database troubleshooting, Builds and Deployments troubleshooting) * Maintain SecOps via performing SAST/DAST/SCA\&SBOM scans and analysis * Project tools ownership and maintenance: Jira, Confluence, Bitbucket, Bamboo, Jfrog, Teams, SonarCloud **Job Requirements:** Overall, 3\+ years' experience of working as DevOps engineer supporting production web application hosted in the cloud with multiple environments using IAAC methodology. **Must experience:** * Experience with AWS; * Experience with CloudFormation; * Experience with Git and multi\-developer git workflow * Experience with Docker and Docker orchestration (AWS ECS) * Experience with CI/CD: Bamboo/Gitlab/Github actions * Scripting: Python, Bash * English skills: writing and verbal communication (Upper Intermediate\+) **Would be a plus:** * Experience with SecOps * Secure Software Development Life Cycle (SSDLC) * SAST/DAST/SCA\&SBOM * Principle of least privilege and its implementation in software development and infrastructure * Audit logs management and monitoring * Secrets management * Experience with security tools for scan, detect, and analyse security issues, vulnerabilities, CVE, environment configuration * Experience with AWS SOC, HIIPA, PHI * Knowledge of OWASP projects like: OWASP Top ten, OWASP DevSecOps Guideline, OWASP Application Security Verification Standard, OWASP Web Security Testing Guide etc * Experience with migration of complex systems, data migration and data transformation (AWS DMS preferred) * Experience with SQL queries and Database administration (MySQL preferred) * Database planning skills * Coding experience with Java, JS, Python * Experience with automation tools like Terraform, Ansible * Experience Kubernetes * Strong analytical skills \#LI\-PG1 **Operating Company:** Envista is a global family of more than 30 trusted dental brands, united by a shared purpose: to partner with professionals to improve lives. Envista helps its partners deliver the best possible patient care through industry\-leading products, solutions, and technology. Our comprehensive portfolio, including dental implants and treatment options, orthodontics, and digital imaging technologies, covers an estimated 90% of dentists’ clinical needs for diagnosing, treating, and preventing dental conditions as well as improving the aesthetics of the human smile. Envista and all Envista Companies are equal opportunity employers that evaluate qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender identity, or other characteristics protected by law. The “EEO is the Law” poster is available at: http://www.dol.gov/ofccp/regs/ compliance/posters/pdf/eeopost.pdf. Envista and its family of companies (Envista) will not accept unsolicited resumes from any source other than directly from a candidate. Envista will consider unsolicited referrals and/or resumes submitted by vendors such as search firms, staffing agencies, professional recruiters, fee\-based referral services and recruiting agencies (Agency) to have been referred by the Agency free of charge and Envista will not pay a fee for any placement resulting from the receipt such unsolicited resumes. An Agency must obtain advance written approval from Envista's internal Talent Acquisition or Human Resources team to submit resumes, and then only in conjunction with a valid fully\-executed contract approved by the Global Talent Acquisition leader and in response to a specific job opening. Envista will not pay a fee to any Agency that does not have such agreement and written approval in place.