Developer-SecOps

Wakam Logo

Wakam

πŸ“Remote - France

Summary

Join Wakam's Digital Office and help revolutionize the insurance industry. As a DevSecOps, you will lead and implement a DevSecOps approach across all teams, raising security maturity levels. Key responsibilities include conducting security assessments, defining a DevSecOps roadmap, enabling development teams, implementing shift-left security, ensuring end-to-end security involvement, automating security testing, managing version control, ensuring compliance, monitoring and responding to incidents, and driving continuous improvement. The ideal candidate possesses 7+ years of experience in software engineering or operations, a strong development background, and extensive hands-on experience in application and infrastructure security. Technical skills in DevOps, containers, IaC, cloud platforms, scripting, and application security are essential. Wakam offers a unique work environment with flexible working arrangements, a flat hierarchical system, monthly Free.day for personal growth, and a focus on a meaningful mission.

Requirements

  • 7+ years in software engineering and/or operations
  • Solid development background (Dev or DevOps profile)
  • Strong hands-on experience in application and infrastructure security
  • Understanding of Cloud-based production environments
  • DevOps & Automation : CI/CD (Azure DevOps, GitHub Actions)
  • Containers : Docker, Kubernetes
  • Infrastructure as Code : Terraform, Ansible
  • Cloud Platforms : Azure, AWS
  • Scripting : Python, Bash, PowerShell
  • Application Security : OWASP, secure coding practices
  • Security Tools : SAST, DAST, SCA, vulnerability scanning
  • Knowledge of security protocols and cryptography
  • Familiarity with compliance frameworks and standards
  • Experience using vulnerability scanning and mitigation tools
  • Strong infrastructure security practices

Responsibilities

  • Conduct a full assessment of Wakam's current security posture
  • Define a clear target state and DevSecOps roadmap with the architecture committee and lead its implementation
  • Prioritise initiatives using a risk-based approach tailored to our business context
  • Evaluate and optimise current architectures using secure, modular design principles
  • Define performance and reliability metrics for security testing
  • Support and guide development and operations teams
  • Align technical risks with business impacts
  • Train and raise awareness on secure development best practices
  • Help embed a strong DevSecOps culture across the organisation
  • Champion and implement early-stage security (shift-left)
  • Evolve and govern early security practices
  • Maximise automation of security controls and tests
  • Design and deploy fast, reliable security test suites
  • Integrate SAST, DAST, and SCA into CI/CD pipelines with optimised response times
  • Enable parallel testing strategies and real-time feedback loops
  • Cover the full value chain: development, deployment, production, monitoring
  • Ensure consistency of DevSecOps practices across teams
  • Maintain a holistic view of risks and opportunities
  • Promote modular, secure architectures (e.g. API Gateway, Zero Trust)
  • Design resilient systems with clear separation of duties and isolation of critical components
  • Document data flows and model attack surfaces
  • Automate security testing and code analysis
  • Deploy and configure static/dynamic analysis tools
  • Implement automated rollback mechanisms and multi-level validations
  • Orchestrate secure deployments
  • Build custom automation tools as needed
  • Ensure version control across code, infrastructure, security configs, and policies
  • Implement Infrastructure as Code (IaC) with built-in security checks
  • Manage secrets and certificates via dedicated tools (e.g. Vault)
  • Conduct regular security audits
  • Ensure adherence to relevant standards and compliance frameworks
  • Maintain an up-to-date application and risk mapping
  • Help define and implement security policies
  • Deploy and manage security monitoring tools
  • Actively participate in security incident response
  • Automate anomaly detection and incident response
  • Implement real-time dashboards and smart alerting/escalation mechanisms
  • Stay current with DevSecOps trends and technologies
  • Evaluate and adopt emerging practices
  • Promote controlled experimentation and innovation
  • Share best practices and lessons learned across the community

Preferred Qualifications

  • Experience with Security Operations (SOC)
  • Strong mentoring, influence, and support skills
  • Excellent communicator β€” able to explain technical risks and concepts clearly
  • Proven technical leadership and change management skills
  • High autonomy and a proactive, solutions-focused mindset
  • 360Β° vision β€” ability to balance security, business, and tech needs
  • Adaptable and comfortable in a transforming environment

Benefits

  • Flexible working arrangements β€” hybrid or fully remote within the UK
  • True remote work flexibility with our Wakam From Anywhere (WFA) program
  • Flat hierarchical system promoting direct impact and autonomy
  • Monthly Free.day: dedicated time for personal growth and skills development
  • Lunch voucher with Swile card

Remote

DevOps

Mid-level

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.