CyberSecurity Engineer, DevSecOps

About the Team

Join the Digital Office at Wakam and help transform the insurance industry through innovation and technology.

We are a center of expertise where cutting-edge tools meet strategic thinking. Our teams design, develop, and optimize robust digital solutions that improve efficiency, resilience, security, and user experience — all within an Agile, collaborative, and fast-paced environment .

Your Mission

As a DevSecOps expert , your mission will be to strengthen Wakam’s security posture by embedding security into our development, infrastructure, and operations practices.

You will work closely with development, operations, architecture, workplace, and security teams to define a clear DevSecOps roadmap, implement the right tools and practices, and help teams build and operate secure systems at scale.

✏️ Your Responsibilities

DevSecOps Strategy & Roadmap

You will:

• Assess the current DevSecOps maturity and define a clear roadmap in coordination with the Architecture Committee.
• Prioritize actions using a global risk-based approach — not only security risk — adapted to Wakam’s context.
• Define performance and reliability metrics for security processes.

Team Support & Enablement

You will:

• Support development and operations teams on day-to-day security topics.
• Put business and technical risks into perspective to help teams make informed decisions.
• Train and raise awareness among teams on security best practices, including secure coding , threat modeling , and related practices.
• Help build a sustainable DevSecOps culture across the organization.

Shift-Left Security

You will:

• Integrate SAST, DAST, and SCA tests directly into CI/CD pipelines with optimized response times.
• Design and deploy fast, reliable, parallelized security test suites with immediate feedback for developers.
• Document data flows and model attack surfaces from the design phase.

Automation & Tooling

You will:

• Deploy and configure static and dynamic analysis tools such as SonarQube, Trivy, Snyk, OWASP ZAP , and similar solutions.
• Orchestrate secure deployments through CI/CD pipelines, including automatic rollback mechanisms and multi-level validation.
• Develop custom automation tools when market solutions do not fully meet Wakam’s needs.

Versioning & Configuration Management

You will:

• Implement Infrastructure as Code (IaC)with embedded security controls using tools such as Terraform and Ansible .
• Ensure full versioning of code, infrastructure, configurations, and security policies.
• Manage secrets and certificates through dedicated solutions such as HashiCorp Vault or equivalent tools.

Monitoring & Incident Management

You will:

• Deploy and maintain security monitoring tools, including SIEM , alerting, and monitoring solutions.
• Automate anomaly detection and incident response through SOAR and automated runbooks.
• Actively contribute to the management and resolution of security incidents.

Workplace Environment Security Support

You will:

• Provide technical support to the team managing the workplace environment, including Microsoft 365, Exchange Online, and SharePoint , on security and monitoring topics.
• Contribute to integrating collaborative tools into global security policies, including authentication, conditional access, DLP, and SIEM alerts.
• Help automate recurring administration tasks and implement alerts for abnormal behaviours.

Technology Watch & Continuous Improvement

You will:

• Maintain active monitoring of DevSecOps trends, new threats, and emerging practices.
• Evaluate and integrate relevant technologies for Wakam’s environment.
• Share best practices and lessons learned internally and within the DevSecOps community.

✨ Who You Are

You bring:

• 7+ years of experience in software engineering and/or operations.
• A solid development background, either as a Developer or DevOps profile.
• Strong hands-on experience in application security and infrastructure security .
• A good understanding of cloud-based production environments .
• Experience with Security Operations / SOC is a plus.

Technical Skills

You are comfortable with:

• DevOps & Automation : CI/CD, Azure DevOps, GitHub Actions
• Containers : Docker, Kubernetes
• Infrastructure as Code : Terraform, Ansible
• Cloud Platforms : Azure, AWS
• Scripting : Python, Bash, PowerShell
• Application Security : OWASP, secure coding practices
• Security Tools : SAST, DAST, SCA, vulnerability scanning

Security Expertise

You have:

• Knowledge of security protocols and cryptography.
• Familiarity with compliance frameworks and standards.
• Experience using vulnerability scanning and mitigation tools.
• Strong infrastructure security practices.

What You Bring

Beyond your technical skills, you bring:

• Strong mentoring, influence, and support skills.
• Excellent communication skills, with the ability to explain technical risks and concepts clearly.
• Proven technical leadership and change management capabilities.
• High autonomy and a proactive, solution-focused mindset.
• A 360° vision, with the ability to balance security, business, and technology needs.
• Adaptability and comfort working in a transforming environment.

Why Join Wakam?

At Wakam, we’re on a mission to reinvent insurance with technology, transparency, and purpose. You’ll join a bold, international company where experimentation is encouraged, ideas are valued, and personal growth is supported.

Joining Wakam means:

• Being at the heart of tech-led transformation .
• Collaborating with passionate experts across disciplines.
• Joining a culture that promotes ownership, agility, and innovation .
• Benefiting from flexible working arrangements — hybrid or fully remote within the UK .

Hiring Process

We aim to keep the process transparent, engaging, and efficient . Here’s what to expect:

1. Interview with our Talent Acquisition Partner
2. Manager interview with our Head of Information Security
3. Case study with the Digital Team
4. HRBP interview

More About Us

Check out our website to learn about the 11 cultural markers that make Wakam truly special! If you're adventurous, impact-driven, and ready to shape the future of insurance, we'd love to meet you!

What Makes Us Unique:

• True remote work flexibility with our Wakam From Anywhere (WFA) program - yes, we even have a teammate working from a sailboat! ⛵

• Flat hierarchical system promoting direct impact and autonomy

• Monthly Free.day: dedicated time for personal growth and skills development

• Lunch voucher with Swile card

• A meaningful company : we became a Mission-driven company in March 2021

• Work alongside passionate experts: who will share their knowledge and help you develop and grow in your career.

At Wakam, our "Free to Impact" culture is built on four essential pillars that shape everything we do :

️ Communication & Knowledge Management

• Foster transparent collaboration across our flat organizational structure

• Share knowledge freely in our highly collaborative environment

• Contribute to our collective intelligence through open dialogue

Curiosity

• Embrace our monthly Free.day for learning and skills sponsorship

• Think big and challenge conventional insurance norms

• Stay eager to learn and explore new possibilities

Continuous Improvement

• Take initiative to transform the insurance industry

• Turn challenges into opportunities for innovation

• Constantly evolve our ways of working

Outcome Oriented

• Focus on impact rather than hierarchy

• Drive results through clear objectives and autonomy

• Transform bold ideas into concrete solutions

At Wakam, we are committed to fostering an inclusive environment where diversity is celebrated. If you require any reasonable adjustments during the recruitment process, please feel free to reach out to your recruiter.