Job Description
Devops Engineer- Contract inside ir35- Hybrid
Core Responsibilities:
* Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
* Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ,SAST/Container).
* Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).
* Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling).
* Refactor legacy scripts (remove global state, consolidate hashing, standardize templates).
* Document ci-config.yaml standards and usage patterns.
* Mentor engineers on secure pipeline developme
Essential Skills: -
* 7+ years engineering; 3+ in CI/CD platform or DevSecOps.
* Strong Jenkins + Groovy shared library expertise.
* Advanced Python automation (JSON/YAML processing, tooling scripts).
Core Responsibilities:
* Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
* Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ,SAST/Container).
* Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).
* Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling).
* Refactor legacy scripts (remove global state, consolidate hashing, standardize templates).
* Document ci-config.yaml standards and usage patterns.
* Mentor engineers on secure pipeline developme
Essential Skills: -
* 7+ years engineering; 3+ in CI/CD platform or DevSecOps.
* Strong Jenkins + Groovy shared library expertise.
* Advanced Python automation (JSON/YAML processing, tooling scripts).
Apply for this Position
Ready to join Vallum Associates ? Click the button below to submit your application.
Submit Application