Senior DevSecOps Engineer – CI/CD and Cloud Security

• 5+ years of engineering experience with CI/CD platforms and DevSecOps.
• Strong expertise in Jenkins and Groovy shared libraries.
• Advanced Python automation skills (JSON/YAML processing, scripting).
• Deep knowledge of Maven, NPM, Python packaging, with exposure to Helm, Terraform, and container image metadata.
• Solid understanding of supply-chain security (SLSA, CycloneDX SBOM, digests).
• Experience with SonarQube, Sonatype IQ, container and SAST scanning.
• Proven track record in performance tuning (caching, parallelization, dependency pruning).
• Awareness of compliance standards in security and software supply chain.

Nice to have:

• Experience with artifact signing and attestations (cosign, OCI).
• Patterns for publishing Terraform modules and Helm charts.
• GitOps or release automation expertise.
• Cloud experience with GCP or AWS.

• Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
• Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container).
• Optimize pipeline performance through parallel builds, caching, scope-reduced BOMs, and dependency prefetch.
• Ensure artifact integrity with correct SHA1/SHA256 mapping, reproducible inputs, and evidence modeling.
• Refactor legacy scripts to improve reliability and standardization.
• Document ci-config.yaml standards and usage patterns.
• Mentor engineers on secure pipeline development and supply-chain security practices.
• Troubleshoot and prevent pipeline incidents to maintain smooth delivery.

Only candidates with an existing legal right to work in the European Union will be considered for this role.