CyberSecurity Engineer, DevSecOps

Join the Digital Office at Wakam and help transform the insurance industry through innovation and technology.

We are a center of expertise where cutting-edge tools meet strategic thinking. Our teams design, develop, and optimize robust digital solutions that improve efficiency, resilience, security, and user experience — all within an Agile, collaborative, and fast-paced environment .

As a DevSecOps expert , your mission will be to strengthen Wakam’s security posture by embedding security into our development, infrastructure, and operations practices.

You will work closely with development, operations, architecture, workplace, and security teams to define a clear DevSecOps roadmap, implement the right tools and practices, and help teams build and operate secure systems at scale.

You will:

• Assess the current DevSecOps maturity and define a clear roadmap in coordination with the Architecture Committee.
• Prioritize actions using a global risk-based approach — not only security risk — adapted to Wakam’s context.
• Define performance and reliability metrics for security processes.

Team Support & Enablement

You will:

• Support development and operations teams on day-to-day security topics.
• Put business and technical risks into perspective to help teams make informed decisions.
• Train and raise awareness among teams on security best practices, including secure coding , threat modeling , and related practices.
• Help build a sustainable DevSecOps culture across the organization.

Shift-Left Security

You will:

• Integrate SAST, DAST, and SCA tests directly into CI/CD pipelines with optimized response times.
• Design and deploy fast, reliable, parallelized security test suites with immediate feedback for developers.
• Document data flows and model attack surfaces from the design phase.

Automation & Tooling

You will:

• Deploy and configure static and dynamic analysis tools such as SonarQube, Trivy, Snyk, OWASP ZAP , and similar solutions.
• Orchestrate secure deployments through CI/CD pipelines, including automatic rollback mechanisms and multi-level validation.
• Develop custom automation tools when market solutions do not fully meet Wakam’s needs.

You will:

• Implement Infrastructure as Code (IaC) with embedded security controls using tools such as Terraform and Ansible .
• Ensure full versioning of code, infrastructure, configurations, and security policies.
• Manage secrets and certificates through dedicated solutions such as HashiCorp Vault or equivalent tools.

You will:

• Deploy and maintain security monitoring tools, including SIEM , alerting, and monitoring solutions.
• Automate anomaly detection and incident response through SOAR and automated runbooks.
• Actively contribute to the management and resolution of security incidents.

Workplace Environment Security Support

You will:

• Provide technical support to the team managing the workplace environment, including Microsoft 365, Exchange Online, and SharePoint , on security and monitoring topics.
• Contribute to integrating collaborative tools into global security policies, including authentication, conditional access, DLP, and SIEM alerts.
• Help automate recurring administration tasks and implement alerts for abnormal behaviours.

Technology Watch & Continuous Improvement

You will:

• Maintain active monitoring of DevSecOps trends, new threats, and emerging practices.
• Evaluate and integrate relevant technologies for Wakam’s environment.
• Share best practices and lessons learned internally and within the DevSecOps community.

You bring

• 7+ years of experience in software engineering and/or operations.
• A solid development background, either as a Developer or DevOps profile.
• Strong hands-on experience in application security and infrastructure security .
• A good understanding of cloud-based production environments .
• Experience with Security Operations / SOC is a plus.

Technical Skills

You are comfortable with:

• Infrastructure as Code : Terraform, Ansible
• Scripting : Python, Bash, PowerShell
• Application Security : OWASP, secure coding practices
• Security Tools : SAST, DAST, SCA, vulnerability scanning

Security Expertise

You have:

• Knowledge of security protocols and cryptography.
• Familiarity with compliance frameworks and standards.
• Experience using vulnerability scanning and mitigation tools.
• Strong infrastructure security practices.

What You Bring

Beyond your technical skills, you bring:

• Strong mentoring, influence, and support skills.
• Excellent communication skills, with the ability to explain technical risks and concepts clearly.

At Wakam, we’re on a mission to reinvent insurance with technology, transparency, and purpose. You’ll join a bold, international company where experimentation is encouraged, ideas are valued, and personal growth is supported.

Joining Wakam means:

• Being at the heart of tech-led transformation .
• Collaborating with passionate experts across disciplines.
• Joining a culture that promotes ownership, agility, and innovation .
• Benefiting from flexible working arrangements — hybrid or fully remote within the UK .

We aim to keep the process transparent, engaging, and efficient . Here’s what to expect:

• Interview with our Talent Acquisition Partner
• Manager interview with our Head of Information Security

At Wakam, we are committed to fostering an inclusive environment where diversity is celebrated. If you require any reasonable adjustments during the recruitment process, please feel free to reach out to your recruiter.