DevSecOps

🧰Who are we?

Wakam is a B2B2C insurance company that creates white-label insurance solutions via its Play&Plug® technology platform for more than 80 partners. We provide most of our insurance products through API, and hosts white label insurance solutions via our Play&Plug technology platform.

With a footprint spanning 32 countries and revenue of more than €900 million in 2023, mostly generated outside France, Wakam is the European leader in digital and embedded insurance.

Strongly committed to social responsibility, Wakam is a mission-driven company dedicated to “enabling transparent and impactful insurance".

🚀 About the Team

Join the Digital Office at Wakam and help revolutionize the insurance industry through innovation and technology.

We are a center of expertise where cutting-edge tools meet strategic thinking. Our teams design, develop, and optimize robust digital solutions that improve efficiency and user experience — all within an Agile, collaborative, and fast-paced environment.

Stratégie & Roadmap DevSecOps

• Réaliser un assessment de la situation actuelle et définir une roadmap DevSecOps claire, en coordination avec le comité d'architecture

• Prioriser les actions selon une approche risque globale — pas uniquement sécurité — adaptée au contexte de Wakam

• Définir les métriques de performance et de fiabilité des processus de sécurité

Support & Accompagnement des Équipes

• Accompagner et supporter les équipes de développement et d'opérations sur les sujets sécurité au quotidien

• Mettre en perspective les risques business et techniques pour faciliter la prise de décision

• Former et sensibiliser les équipes aux bonnes pratiques de sécurité (secure coding, threat modeling, etc.)

• Développer une culture DevSecOps durable au sein de l'organisation

Shift-Left Security

• Intégrer les tests SAST, DAST, SCA directement dans les pipelines CI/CD avec des temps de réponse optimisés

• Concevoir et déployer des suites de tests de sécurité rapides, fiables et en parallèle, avec feedback immédiat pour les développeurs

• Documenter les flux de données et modéliser les surfaces d'attaque dès la phase de conception

Automatisation & Outillage

• Déployer et configurer les outils d'analyse statique et dynamique (SonarQube, Trivy, Snyk, OWASP ZAP, etc.)

• Orchestrer les déploiements sécurisés via les pipelines CI/CD, avec mécanismes de rollback automatique et validation multi-niveaux

• Développer des outils d'automatisation sur mesure lorsque les solutions du marché ne couvrent pas les besoins

Gestion de Version & Configuration

• Implémenter l'Infrastructure as Code (IaC) avec contrôles de sécurité intégrés (Terraform, Ansible)

• Assurer le versioning intégral : code, infrastructure, configurations et politiques de sécurité

• Gérer les secrets et certificats via des solutions dédiées (HashiCorp Vault ou équivalent)

Supervision & Gestion des Incidents

• Déployer et maintenir les outils de supervision de la sécurité (SIEM, alerting, monitoring)

• Automatiser la détection d'anomalies et la réponse aux incidents (SOAR, runbooks automatisés)

• Participer activement à la gestion et à la résolution des incidents de sécurité

Support à l'Administration de l'Environnement de Travail

• Apporter un support technique à l'équipe en charge de l'environnement bureautique (Microsoft 365, Exchange Online, SharePoint) sur les sujets de sécurité et de monitoring

• Contribuer à l'intégration des outils collaboratifs dans les politiques de sécurité globales (authentification, accès conditionnels, DLP, alertes SIEM)

• Faciliter l'automatisation des tâches d'administration récurrentes et la mise en place d'alertes sur les comportements anormaux

Veille & Amélioration Continue

• Animer une veille active sur les évolutions DevSecOps, les nouvelles menaces et les pratiques émergentes

• Évaluer et intégrer les nouvelles technologies pertinentes pour l'environnement Wakam

• Partager les bonnes pratiques et retours d'expérience en interne et au sein de la communauté DevSecOps

✨ Who You Are

• 7+ years in software engineering and/or operations

• Solid development background (Dev or DevOps profile)

• Strong hands-on experience in application and infrastructure security

• Understanding of Cloud-based production environments

• Experience with Security Operations (SOC) is a plus

Technical Skills:

• DevOps & Automation: CI/CD (Azure DevOps, GitHub Actions)

• Containers: Docker, Kubernetes

• Infrastructure as Code: Terraform, Ansible

• Cloud Platforms: Azure, AWS

• Scripting: Python, Bash, PowerShell

• Application Security: OWASP, secure coding practices

• Security Tools: SAST, DAST, SCA, vulnerability scanning

Security Expertise:

• Knowledge of security protocols and cryptography

• Familiarity with compliance frameworks and standards

• Experience using vulnerability scanning and mitigation tools

• Strong infrastructure security practices

🧠 What You Bring

• Strong mentoring, influence, and support skills

• Excellent communicator — able to explain technical risks and concepts clearly

• Proven technical leadership and change management skills

• High autonomy and a proactive, solutions-focused mindset

• 360° vision — ability to balance security, business, and tech needs

• Adaptable and comfortable in a transforming environment

🌟 Why Join Wakam?

At Wakam, we’re on a mission to reinvent insurance with tech, transparency, and purpose. You’ll join a bold, international company where experimentation is encouraged, ideas are valued, and personal growth is supported.

• Be at the heart of tech-led transformation

• Collaborate with passionate experts across disciplines

• Enjoy a culture that promotes ownership, agility, and innovation

• Benefit from flexible working arrangements — hybrid or fully remote within the UK

🏆 Hiring Process

We aim to keep the process transparent, engaging, and efficient. Here’s what to expect:

• Interview with Tallent Acquisition Partner

• Manager Interview with our Head Of Information Security

• Case Study with the Digital Team

• Chief interview with our Chief Technology Officer

• HR BP Interview

• Final Interview with VP

AI-Assisted Interview Process Policy | Notion

More About Us

Check out our website to learn about the 11 cultural markers that make Wakam truly special! If you're adventurous, impact-driven, and ready to shape the future of insurance, we'd love to meet you!

💫 What Makes Us Unique:

• True remote work flexibility with our Wakam From Anywhere (WFA) program - yes, we even have a teammate working from a sailboat! ⛵

• Flat hierarchical system promoting direct impact and autonomy 🚀

• Monthly Free.day: dedicated time for personal growth and skills development 📚

• Lunch voucher with Swile card

• A meaningful company: we became a Mission-driven company in March 2021

• Work alongside passionate experts: who will share their knowledge and help you develop and grow in your career.

At Wakam, our "Free to Impact" culture is built on four essential pillars that shape everything we do :

🗣️ Communication & Knowledge Management

• Foster transparent collaboration across our flat organizational structure

• Share knowledge freely in our highly collaborative environment

• Contribute to our collective intelligence through open dialogue

🔍 Curiosity

• Embrace our monthly Free.day for learning and skills sponsorship

• Think big and challenge conventional insurance norms

• Stay eager to learn and explore new possibilities

🔄 Continuous Improvement

• Take initiative to transform the insurance industry

• Turn challenges into opportunities for innovation

• Constantly evolve our ways of working

🎯 Outcome Oriented

• Focus on impact rather than hierarchy

• Drive results through clear objectives and autonomy

• Transform bold ideas into concrete solutions

At Wakam, we are committed to fostering an inclusive environment where diversity is celebrated. If you require any reasonable adjustments during the recruitment process, please feel free to reach out to your recruiter.