Do you want to own the infrastructure under a health-tech operation that touches hundreds of thousands of lives? This is a dedicated infrastructure, security, and platform role, and there's a lot of ground to claim. Right now a handful of engineers keep the whole stack running between them. Your job is to turn that into something that runs and scales on purpose, and to make it more secure while you do. The more reliable we are, the more people we help lead healthier, happier lives.
About Wellis
Wellis is a fast-growing healthtech scale-up reinventing healthcare. We are building the first truly integrated health platform in the Netherlands, offering on-demand care for everyday health needs such as weight loss, hair loss, sexual health, and more. Our platform covers the full journey: from diagnosis and medical assessment to prescription and delivery at home. By combining medical expertise, technology, and data, we make healthcare smarter, more accessible, more personal, and easier to use. We are growing quickly, which means we are building the structures, teams, products, and processes that will help us scale responsibly. You will join an ambitious, international team where ownership is encouraged, collaboration is key, and impact is visible from day one.
The Role
You won't inherit a mature platform team here. You'll help build one. Our services already run across more than one cloud, most provisioning still happens by hand, and we have very little visibility into what's actually going on in production. Fixing that is the job: bringing order, portability, and security to all of it, and doing it the way our engineering team already works, which is agent-first.
The role covers three areas, and we mean all three. On infrastructure, you'll own how and where we run. We want managed services that stay portable, so we can pick up a workload and move it between GCP, AWS, or anywhere else without rewriting it. On security, you'll own access provisioning, database security, secrets, and the controls a company handling patient data has to get right. On IT and platform admin, you'll own onboarding, offboarding, team access, and tooling: the unglamorous plumbing that keeps a growing team moving.
What ties the three together is automation. We're not looking for someone to click through consoles all day. We're looking for someone who builds the systems and agents that make provisioning, deployment, and access self-serve.
We're an AI-native engineering team. Agentic coding tools are how we work, and infrastructure is no exception. Think Terraform written and reviewed with an agent, runbooks that are actually scripts, an access request that a workflow fulfills on its own. You'll bring that habit to a corner of the company that usually gets it last.
What You'll Own
Provider-agnostic infrastructure. Define our infra as code so it's reproducible and portable. Containerize workloads, standardize how services get deployed, and keep us free to move between clouds instead of locked into one. Today we run across more than one provider mostly by accident. You'll make it a choice.
CI/CD and release engineering. Build the pipelines that take code from merge to production safely: automated, repeatable, with the guardrails that let a small team ship often without breaking things.
Observability and reliability. We have almost no monitoring, alerting, or error tracking today. You'll build the visibility layer from scratch, from metrics and logs through tracing, uptime, and the basics of on-call, so we catch problems before customers do.
Security and access. Own IAM and least-privilege access across our systems, plus database hardening, secrets management, and the audit trails a regulated healthcare business needs. Access for people and services should be controlled and reviewable, never handed out ad hoc.
Team provisioning and IT admin, automated. Onboarding, offboarding, accounts, and tooling access, built as workflows and agents rather than a ticket queue. When someone joins or leaves, the right things should happen without a person doing them by hand.
Infrastructure agents and tooling. Build the skills, scripts, and agent workflows that let the whole team self-serve infra and access. This is the leverage that lets a small team run like a bigger one.
What we offer
Salary range €5,500 – €8,000 gross per month, depending on experience, plus 8% holiday allowance
Pension plan
Learning budget
Monthly personal budget (Alleo)
Hybrid working: partly from our new office in central Rotterdam (2 days)
20 days of remote working per year
Working from home allowance (2 days a week)
25 holidays
A culture of short lines, speed, and continuous improvement, where pragmatism and impact matter
The chance to build a healthtech scale-up's entire infrastructure and security foundation from the ground up
Requirements
Essential
3+ years of professional DevOps, platform, SRE, or infrastructure engineering. You've owned production infrastructure, not just touched it. Fundamentals matter more than years here: what happens on deploy, how to recover, how to keep it running.
Infrastructure as code, done properly. Terraform, Pulumi, OpenTofu, or equivalent. You provision through version control, not a console, and you know why that discipline matters.
Cloud, with an eye on portability. Real experience with at least one major cloud (GCP, AWS, or Azure) and the container tooling (Docker, plus Kubernetes or a managed equivalent) that keeps workloads movable. You've thought about lock-in and how to avoid it.
CI/CD ownership. You've built and maintained pipelines that other engineers depend on, with the automated checks and rollbacks that make frequent deploys safe.
Security fundamentals. IAM and access control, secrets management, network basics, and database security. You know how to give people and services exactly the access they need and nothing more.
Agentic AI development is how you work. You spend a real part of your day in tools like Claude Code, Cursor, Pi, or opencode, and you point them at infrastructure and ops, not just app code. Given a repetitive task, your instinct is to automate it.
You've felt the pain. A migration that locked a table, a deploy that took down an endpoint, an access mistake you had to clean up at 2am. You owned it, fixed it, and built the guardrail so it couldn't happen twice.
Nice to Have
Building agents and agentic workflows, not just using them: plugins, skills, or custom automations that made infra or ops better for a team.
Experience with regulated or sensitive data (healthcare, financial services, government). You know why 'move fast and break things' has no place near patient data.
Observability tooling stood up from scratch: Sentry, Prometheus and Grafana, Datadog, OpenTelemetry, or similar.
IT administration at a growing company: SSO and identity providers, device and access lifecycle, automated on and offboarding.
Audit logging and compliance in regulated environments (NEN 7513, GDPR, ISO 27001, SOC 2, or similar).
Running Supabase, Postgres, or serverless and edge platforms (Cloud Run, edge functions) in production.
Multi-cloud or cloud-migration experience, meaning you've moved real workloads between providers.
Dutch and/or German (business English is the working language).
Who You Are
You take ownership from provisioning through deployment through monitoring, right up to the 2am page.
You automate by instinct. Do something twice by hand and you're already writing the thing that does it for you.
You're comfortable being the first and only person in your domain, making decisions that carry weight, with no team to hide behind yet.
You treat security as the default. You handle access and data like someone's health depends on it, because it does.
You work fast and stay careful.
With Your Application
Alongside your CV, share a transcript or a detailed walkthrough of the most interesting agentic session you've had recently, one where the agent did real infrastructure, ops, or automation work. Provisioning, a pipeline, a migration, an access workflow, whatever it was. Tell us what you were building, how you steered the agent, and what you'd do differently. We'd rather read that than a cover letter.
Hiring Process
We want the application process at Wellis to be fast, transparent, and personal.
Introductory chat with Georgios (Senior Recruiter)
Introductory interview with the CTO. Come ready to talk about a production incident you
owned: what broke, what you did, what changed afterwards.
Technical assessment with the CTO
Final conversation with founders
By continuing you agree to our Terms & Privacy Policy.