CyberSecurity Engineer, DevSecOps

About the Team

Join the Digital Office at Wakam and help transform the insurance industry through innovation and technology.

We are a center of expertise where cutting-edge tools meet strategic thinking. Our teams design, develop, and optimize robust digital solutions that improve efficiency, resilience, security, and user experience - all within an Agile, collaborative, and fast-paced environment.

Your Mission

As a DevSecOps expert, your mission will be to strengthen Wakam's security posture by embedding security into our development, infrastructure, and operations practices.

You will work closely with development, operations, architecture, workplace, and security teams to define a clear DevSecOps roadmap, implement the right tools and practices, and help teams build and operate secure systems at scale.

Your Responsibilities

DevSecOps Strategy & Roadmap

• Assess the current DevSecOps maturity and define a clear roadmap in coordination with the Architecture Committee.
• Prioritize actions using a global risk-based approach - not only security risk - adapted to Wakam's context.
• Define performance and reliability metrics for security processes.

Team Support & Enablement

• Support development and operations teams on day-to-day security topics.
• Put business and technical risks into perspective to help teams make informed decisions.
• Train and raise awareness among teams on security best practices, including bsecure codingb, bthreat modelingb, and related practices.
• Help build a sustainable DevSecOps culture across the organization.

Shift-Left Security

• Integrate bsSAST, DAST, and SCAb tests directly into CI/CD pipelines with optimized response times.
• Design and deploy fast, reliable, parallelized security test suites with immediate feedback for developers.
• Document data flows and model attack surfaces from the design phase.

Automation & Tooling

• Deploy and configure static and dynamic analysis tools such as bSonarQube, Trivy, Snyk, OWASP ZAPb, and similar solutions.
• Orchestrate secure deployments through CI/CD pipelines, including automatic rollback mechanisms and multi-level validation.
• Develop custom automation tools when market solutions do not fully meet Wakam's needs.

Versioning & Configuration Management

• Implement bInfrastructure as Code (IaC)b with embedded security controls using tools such as bTerraformb and bAnsibleb.
• Ensure full versioning of code, infrastructure, configurations, and security policies.
• Manage secrets and certificates through dedicated solutions such as bHashiCorp Vaultb or equivalent tools.

Monitoring & Incident Management

• Deploy and maintain security monitoring tools, including bSIEMb, alerting, and monitoring solutions.
• Automate anomaly detection and incident response through bSOARb and automated runbooks.
• Actively contribute to the management and resolution of security incidents.

Workplace Environment Security Support

• Provide technical support to the team managing the workplace environment, including bMicrosoft 365, Exchange Online, and SharePointb, on security and monitoring topics.
• Contribute to integrating collaborative tools into global security policies, including authentication, conditional access, DLP, and SIEM alerts.
• Help automate recurring administration tasks and implement alerts for abnormal behaviours.

Technology Watch & Continuous Improvement

• Maintain active monitoring of DevSecOps trends, new threats, and emerging practices.
• Evaluate and integrate relevant technologies for Wakam's environment.
• Share best practices and lessons learned internally and within the DevSecOps community.

Who You Are

• b7+ years of experienceb in software engineering and/or operations.
• A solid development background, either as a bDeveloperb or bDevOpsb profile.
• Strong hands‑on experience in bapplication securityb and binfra­structure securityb.
• A good understanding of bcloud-based production environmentsb.
• Experience with bSecurity Operations / SOCb is a plus.

Technical Skills

• bDevOps & Automationb: CI/CD, Azure DevOps, GitHub Actions
• bContainersb: Docker, Kubernetes
• bInfrastructure as Codeb: Terraform, Ansible
• bCloud Platformsb: Azure, AWS
• bScriptingb: Python, Bash, PowerShell
• bApplication Securityb: OWASP, secure coding practices
• bSecurity Toolsb: SAST, DAST, SCA, vulnerability scanning

Security Expertise

• Knowledge of security protocols and cryptography.
• Familiarity with compliance frameworks and standards.
• Experience using vulnerability scanning and mitigation tools.
• Strong infrastructure security practices.

What You Bring

• Strong mentoring, influence, and support skills.
• Excellent communication skills, with the ability to explain technical risks and concepts clearly.
• Proven technical leadership and change management capabilities.
• High autonomy and a proactive, solution‑focused mindset.
• A 360° vision, with the ability to balance security, business, and technology needs.
• Adaptability and comfort working in a transforming environment.

Benefits

• Being at the heart of tech‑led transformation.
• Collaborating with passionate experts across disciplines.
• Joining a culture that promotes ownership, agility, and innovation.
• Benefiting from flexible working arrangements – hybrid or fully remote within the UK.

At Wakam, we are committed to fostering an inclusive environment where diversity is celebrated. If you require any reasonable adjustments during the recruitment process, please feel free to reach out to your recruiter.