Job Specifications
Who We Are
Wakam is a B2B2C insurance company that creates white-label insurance solutions via its Play&Plug® technology platform for more than 80 partners. We provide most of our insurance products through APIs, and host white-label insurance solutions via our Play&Plug technology platform.
With a footprint spanning 32 countries, Wakam is the European leader in digital and embedded insurance.
Strongly committed to social responsibility, Wakam is a mission-driven company dedicated to "enabling transparent and impactful insurance."
About the Team
You will join the Digital Office team, at the crossroads of development, security, and operations.
The Digital Office is responsible for building and improving the platform, tools, and practices that enable Wakam's product and tech teams to deliver secure, reliable and scalable digital insurance services.
Within this team, the DevSecOps function focuses on:
Embedding security by design into our development and delivery practices.
Implementing security automation in CI/CD pipelines.
Providing visibility, metrics and tooling so that developers can build and operate secure applications efficiently.
You will work closely with developers, SRE/DevOps engineers, and security stakeholders across the organisation.
Your Mission
As a DevSecOps Intern for 6 months, you will help strengthen Wakam's security posture by bringing security earlier into the software development lifecycle (shift-left) and by automating security controls in our delivery pipelines.
Security Pipeline Development
You will contribute to:
Designing and implementing security features in CI/CD pipelines to enable early security testing and feedback.
Integrating automated security scanning tools (SAST, DAST, SCA, etc.) into development workflows.
Building automated security gates and quality checks to prevent vulnerabilities from reaching production environments.
Shift-Left Security Implementation
Working closely with development teams, you will:
Help introduce and promote security practices early in the development process.
Contribute to developer-friendly security tooling and documentation to support secure coding practices.
Participate in the creation of dashboards and reports for security metrics and application scores, enabling teams to monitor and improve their security posture.
Security Visibility & Monitoring
You will also support:
Implementation of security monitoring and alerting solutions for Wakam's digital applications.
Development of visibility tools for tracking security breaches, vulnerabilities, and remediation progress.
Creation of global dashboards for assessing and comparing security posture across applications.
Collaboration
Throughout your internship, you will:
Collaborate with development, operations, security and platform teams to understand their needs, constraints and pain points.
Contribute to continuous improvement initiatives around developer experience and application security.
What You Bring
You are currently pursuing a degree in Computer Science, Cybersecurity, Engineering, or a related field.
You have basic knowledge of security concepts, such as:
OWASP Top 10
Vulnerability management
Secure coding principles
You are familiar with at least one programming or scripting language (e.g. Python, Bash, Go, or similar).
You demonstrate strong problem-solving skills and can learn new technologies quickly.
You have good communication skills and a collaborative, team-oriented mindset.
Nice to Have
It is a plus if you also have:
Understanding of CI/CD concepts and tools (GitLab CI, GitHub Actions, Azure DevOps, etc.).
Hands-on exposure to security scanning tools (SonarQube, Trivy, Snyk, OWASP ZAP, etc.).
Experience with Git-based workflows and collaborative development (pull/merge requests, code review).
Knowledge of containerization and orchestration (Docker, Kubernetes).
Familiarity with Infrastructure as Code (Terraform, Ansible).
Understanding of cloud platforms (AWS, Azure, GCP) and their security services.
Exposure to monitoring and observability tools (Prometheus, Grafana).
Knowledge of secure coding practices and application security testing.
Previous DevOps, security or automation project experience (personal, academic, or professional).
Who You Are
You will thrive in this role if you:
Are curious and passionate about the intersection of development, security and operations.
Enjoy automating things and improving how teams work, rather than doing repetitive manual tasks.
Are rigorous and detail-oriented, especially when dealing with security-related topics.
Feel comfortable working in an international, fast-paced environment, where priorities can evolve.
Are proactive and resourceful, able to search for solutions, experiment, and share your learnings.
Enjoy collaboration and knowledge-sharing, and can explain technical topics in a clear, structured way.
AI & Digital Mindset
At Wakam, we are digital-native and strongly oriented towards automa