DevSecOps - Remote

Wakam is a B2B2C insurance company that creates white-label insurance solutions via its Play&Plug technology platform for more than 80 partners. We provide most of our insurance products through API, and hosts white label insurance solutions via our Play&Plug technology platform.

With a footprint spanning 32 countries and revenue of more than €900 million in 2023, mostly generated outside France, Wakam is the European leader in digital and embedded insurance.

Strongly committed to social responsibility, Wakam is a mission-driven company dedicated to "enabling transparent and impactful insurance".

About the Team

Join the Digital Office at Wakam and help revolutionize the insurance industry through innovation and technology.

We are a center of expertise where cutting-edge tools meet strategic thinking. Our teams design, develop, and optimize robust digital solutions that improve efficiency and user experience - all within an Agile, collaborative, and fast-paced environment.

Your Mission

As DevSecOps , you'll be responsible for leading and implementing a DevSecOps approach across all teams involved in building and maintaining Wakam's digital assets. Your mission will be to raise security maturity levels across the organisation, prioritising initiatives based on risk.

Key Responsibilities

• Conduct a full assessment of Wakam's current security posture
• Define a clear target state and DevSecOps roadmap with the architecture committee and lead its implementation
• Prioritise initiatives using a risk-based approach tailored to our business context
• Evaluate and optimise current architectures using secure, modular design principles
• Define performance and reliability metrics for security testing

2. Team Enablement

• Support and guide development and operations teams
• Align technical risks with business impacts
• Train and raise awareness on secure development best practices
• Help embed a strong DevSecOps culture across the organisation

3. Shift-Left Security

• Champion and implement early-stage security (shift-left)
• Evolve and govern early security practices
• Maximise automation of security controls and tests
• Design and deploy fast, reliable security test suites
• Integrate SAST, DAST, and SCA into CI / CD pipelines with optimised response times
• Enable parallel testing strategies and real-time feedback loops

4. End-to-End Security Involvement

• Cover the full value chain : development, deployment, production, monitoring
• Ensure consistency of DevSecOps practices across teams
• Maintain a holistic view of risks and opportunities
• Design resilient systems with clear separation of duties and isolation of critical components
• Document data flows and model attack surfaces

5. Automation & Tooling

• Automate security testing and code analysis
• Deploy and configure static / dynamic analysis tools
• Implement automated rollback mechanisms and multi-level validations
• Build custom automation tools as needed
• Ensure version control across code, infrastructure, security configs, and policies
• Implement Infrastructure as Code (IaC) with built-in security checks
• Manage secrets and certificates via dedicated tools (e.g. Vault)

7. Governance & Compliance

• Conduct regular security audits
• Ensure adherence to relevant standards and compliance frameworks
• Maintain an up-to-date application and risk mapping
• Help define and implement security policies
• Deploy and manage security monitoring tools
• Actively participate in security incident response
• Automate anomaly detection and incident response
• Implement real-time dashboards and smart alerting / escalation mechanisms
• Stay current with DevSecOps trends and technologies
• Evaluate and adopt emerging practices
• Promote controlled experimentation and innovation
• Share best practices and lessons learned across the community
• Who You Are
• 7+ years in software engineering and / or operations
• Solid development background (Dev or DevOps profile)
• Strong hands-on experience in application and infrastructure security
• Understanding of Cloud-based production environments
• Experience with Security Operations (SOC) is a plus

Technical Skills :

• Infrastructure as Code : Terraform, Ansible
• Scripting : Python, Bash, PowerShell
• Application Security : OWASP, secure coding practices
• Security Tools : SAST, DAST, SCA, vulnerability scanning

Security Expertise :

• Knowledge of security protocols and cryptography
• Familiarity with compliance frameworks and standards
• Experience using vulnerability scanning and mitigation tools
• Strong infrastructure security practices

What You Bring

• Strong mentoring, influence, and support skills
• Excellent communicator - able to explain technical risks and concepts clearly
• Proven technical leadership and change management skills
• High autonomy and a proactive, solutions-focused mindset
• 360° vision - ability to balance security, business, and tech needs
• Adaptable and comfortable in a transforming environment

Why Join Wakam?

At Wakam, we're on a mission to reinvent insurance with tech, transparency, and purpose. You'll join a bold, international company where experimentation is encouraged, ideas are valued, and personal growth is supported.

• Be at the heart of tech-led transformation
• Collaborate with passionate experts across disciplines
• Enjoy a culture that promotes ownership, agility, and innovation
• Benefit from flexible working arrangements - hybrid or fully remote within the UK

Hiring Process

We aim to keep the process transparent, engaging, and efficient. Here's what to expect :

• Interview with Tallent Acquisition Partner
• Technical interview with Hiring Manager
• Team interview Case study
• Final Interview with VP & HR Business Partner

Recruitment Agencies :

Wakam has an in-house recruitment team , which focuses on sourcing great candidates directly. Wakam does not accept unsolicited resumes from agency or search firm recruiters .

Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired. When we do use agencies, we have a PSL in place, so please do not contact our managers directly .

More About Us

Check out our website to learn about the 11 cultural markers that make Wakam truly special! If you're adventurous, impact-driven, and ready to shape the future of insurance, we'd love to meet you!

What Makes Us Unique :

• True remote work flexibility with our Wakam From Anywhere (WFA) program - yes, we even have a teammate working from a sailboat!
• Flat hierarchical system promoting direct impact and autonomy
• Monthly Free.day : dedicated time for personal growth and skills development
• Lunch voucher with Swile card
• A meaningful company : we became a Mission-driven company in March 2021
• Work alongside passionate experts : who will share their knowledge and help you develop and grow in your career.

At Wakam, our "Free to Impact" culture is built on four essential pillars that shape everything we do :

Communication & Knowledge Management

• Foster transparent collaboration across our flat organizational structure
• Share knowledge freely in our highly collaborative environment
• Contribute to our collective intelligence through open dialogue
• Embrace our monthly Free.day for learning and skills sponsorship
• Think big and challenge conventional insurance norms
• Stay eager to learn and explore new possibilities
• Take initiative to transform the insurance industry
• Turn challenges into opportunities for innovation
• Constantly evolve our ways of working

Outcome Oriented

• Focus on impact rather than hierarchy
• Drive results through clear objectives and autonomy
• Transform bold ideas into concrete solutions

At Wakam, we are committed to fostering an inclusive environment where diversity is celebrated. If you require any reasonable adjustments during the recruitment process, please feel free to reach out to your recruiter.