🧰Who are we?

Wakam is a B2B2C insurance company that creates white-label insurance solutions via its Play&Plug® technology platform for more than 80 partners. We provide most of our insurance products through API, and hosts white label insurance solutions via our Play&Plug technology platform.

With a footprint spanning 32 countries and revenue of more than €900 million in 2023, mostly generated outside France, Wakam is the European leader in digital and embedded insurance.

Strongly committed to social responsibility, Wakam is a mission-driven company dedicated to “enabling transparent and impactful insurance".

🚀 About the Team

Join the Digital Office at Wakam and help revolutionize the insurance industry through innovation and technology.

We are a center of expertise where cutting-edge tools meet strategic thinking. Our teams design, develop, and optimize robust digital solutions that improve efficiency and user experience — all within an Agile, collaborative, and fast-paced environment.

Stratégie & Roadmap DevSecOps

Réaliser un assessment de la situation actuelle et définir une roadmap DevSecOps claire, en coordination avec le comité d'architecture
Prioriser les actions selon une approche risque globale — pas uniquement sécurité — adaptée au contexte de Wakam
Définir les métriques de performance et de fiabilité des processus de sécurité

Support & Accompagnement des Équipes

Accompagner et supporter les équipes de développement et d'opérations sur les sujets sécurité au quotidien
Mettre en perspective les risques business et techniques pour faciliter la prise de décision
Former et sensibiliser les équipes aux bonnes pratiques de sécurité (secure coding, threat modeling, etc.)
Développer une culture DevSecOps durable au sein de l'organisation

Shift-Left Security

Intégrer les tests SAST, DAST, SCA directement dans les pipelines CI/CD avec des temps de réponse optimisés
Concevoir et déployer des suites de tests de sécurité rapides, fiables et en parallèle, avec feedback immédiat pour les développeurs
Documenter les flux de données et modéliser les surfaces d'attaque dès la phase de conception

Automatisation & Outillage

Déployer et configurer les outils d'analyse statique et dynamique (SonarQube, Trivy, Snyk, OWASP ZAP, etc.)
Orchestrer les déploiements sécurisés via les pipelines CI/CD, avec mécanismes de rollback automatique et validation multi-niveaux
Développer des outils d'automatisation sur mesure lorsque les solutions du marché ne couvrent pas les besoins

Gestion de Version & Configuration

Implémenter l'Infrastructure as Code (IaC) avec contrôles de sécurité intégrés (Terraform, Ansible)
Assurer le versioning intégral : code, infrastructure, configurations et politiques de sécurité
Gérer les secrets et certificats via des solutions dédiées (HashiCorp Vault ou équivalent)

Supervision & Gestion des Incidents

Déployer et maintenir les outils de supervision de la sécurité (SIEM, alerting, monitoring)
Automatiser la détection d'anomalies et la réponse aux incidents (SOAR, runbooks automatisés)
Participer activement à la gestion et à la résolution des incidents de sécurité

Support à l'Administration de l'Environnement de Travail

Apporter un support technique à l'équipe en charge de l'environnement bureautique (Microsoft 365, Exchange Online, SharePoint) sur les sujets de sécurité et de monitoring
Contribuer à l'intégration des outils collaboratifs dans les politiques de sécurité globales (authentification, accès conditionnels, DLP, alertes SIEM)
Faciliter l'automatisation des tâches d'administration récurrentes et la mise en place d'alertes sur les comportements anormaux

Veille & Amélioration Continue

Animer une veille active sur les évolutions DevSecOps, les nouvelles menaces et les pratiques émergentes
Évaluer et intégrer les nouvelles technologies pertinentes pour l'environnement Wakam
Partager les bonnes pratiques et retours d'expérience en interne et au sein de la communauté DevSecOps

✨ Who You Are

7+ years in software engineering and/or operations
Solid development background (Dev or DevOps profile)
Strong hands-on experience in application and infrastructure security
Understanding of Cloud-based production environments
Experience with Security Operations (SOC) is a plus

Technical Skills:

DevOps & Automation: CI/CD (Azure DevOps, GitHub Actions)
Containers: Docker, Kubernetes
Infrastructure as Code: Terraform, Ansible
Cloud Platforms: Azure, AWS
Scripting: Python, Bash, PowerShell
Application Security: OWASP, secure coding practices
Security Tools: SAST, DAST, SCA, vulnerability scanning

Security Expertise:

Knowledge of security protocols and cryptography
Familiarity with compliance frameworks and standards
Experience using vulnerability scanning and mitigation tools
Strong infrastructure security practices

🧠 What You Bring

Strong mentoring, influence, and support skills
Excellent communicator — able to explain technical risks and concepts clearly
Proven technical leadership and change management skills
High autonomy and a proactive, solutions-focused mindset
360° vision — ability to balance security, business, and tech needs
Adaptable and comfortable in a transforming environment

🌟 Why Join Wakam?

At Wakam, we’re on a mission to reinvent insurance with tech, transparency, and purpose. You’ll join a bold, international company where experimentation is encouraged, ideas are valued, and personal growth is supported.

Be at the heart of tech-led transformation
Collaborate with passionate experts across disciplines
Enjoy a culture that promotes ownership, agility, and innovation
Benefit from flexible working arrangements — hybrid or fully remote within the UK

🏆 Hiring Process

We aim to keep the process transparent, engaging, and efficient. Here’s what to expect:

Interview with Tallent Acquisition Partner
Manager Interview with our Head Of Information Security
Case Study with the Digital Team
Chief interview with our Chief Technology Officer
HR BP Interview
Final Interview with VP

AI-Assisted Interview Process Policy | Notion

More About Us

Check out our website to learn about the 11 cultural markers that make Wakam truly special! If you're adventurous, impact-driven, and ready to shape the future of insurance, we'd love to meet you!

💫 What Makes Us Unique:

• True remote work flexibility with our Wakam From Anywhere (WFA) program - yes, we even have a teammate working from a sailboat! ⛵

• Flat hierarchical system promoting direct impact and autonomy 🚀

• Monthly Free.day: dedicated time for personal growth and skills development 📚

• Lunch voucher with Swile card

• A meaningful company: we became a Mission-driven company in March 2021

• Work alongside passionate experts: who will share their knowledge and help you develop and grow in your career.

At Wakam, our "Free to Impact" culture is built on four essential pillars that shape everything we do :

🗣️ Communication & Knowledge Management

• Foster transparent collaboration across our flat organizational structure

• Share knowledge freely in our highly collaborative environment

• Contribute to our collective intelligence through open dialogue

🔍 Curiosity

• Embrace our monthly Free.day for learning and skills sponsorship

• Think big and challenge conventional insurance norms

• Stay eager to learn and explore new possibilities

🔄 Continuous Improvement

• Take initiative to transform the insurance industry

• Turn challenges into opportunities for innovation

• Constantly evolve our ways of working

🎯 Outcome Oriented

• Focus on impact rather than hierarchy

• Drive results through clear objectives and autonomy

• Transform bold ideas into concrete solutions

At Wakam, we are committed to fostering an inclusive environment where diversity is celebrated. If you require any reasonable adjustments during the recruitment process, please feel free to reach out to your recruiter.

DevSecOps

Le poste