Synechron
Synechron
New

DevSecOps Engineer

Brak informacji o wynagrodzeniu
MidFull-time
#389018·Dodano 2 dni temu·5
Źródło: nofluffjobs.com
Aplikuj teraz

Tech Stack / Keywords

PythonJenkinsGroovyCI/CDMavenSonarQubeCosingOCITerraformHelmGitOpsGCPAWS

Firma i stanowisko

At Synechron, the company operates as a global consulting firm combining creativity and innovative technology to deliver industry-leading digital solutions. They specialize in Artificial Intelligence, Consulting, Digital, Cloud & DevOps, Data, and Software Engineering, serving financial services and technology firms. Synechron has over 14,000 employees across 55 offices in 20 countries and has active research and development in areas including Artificial Intelligence, Blockchain, Data Science models, and mobile-first applications.

Wymagania

  • 7+ years of engineering experience including 3+ years in CI/CD platform or DevSecOps.
  • Strong expertise in Jenkins and Groovy shared libraries.
  • Advanced Python automation skills including JSON/YAML processing and tooling scripts.
  • Deep knowledge of Maven, NPM, and Python packaging; experience with Helm, Terraform, and container image metadata.
  • Understanding of supply-chain security concepts like SLSA, CycloneDX SBOM, and digests.
  • Experience with SonarQube, Sonatype IQ, container and SAST scanning.
  • Proven performance tuning skills including caching, parallelization, and dependency pruning.
  • Awareness of compliance requirements.

Obowiązki

  • Design and maintain Groovy pipeline steps for build, test, package, scan, and deploy.
  • Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation using tools like SonarQube, Sonatype IQ, and SAST/Container scanning.
  • Optimize performance with parallel builds, caching, scope-reduced BOMs, and dependency prefetch.
  • Ensure artifact integrity including correct SHA1/SHA256 mapping, reproducible inputs, and evidence modeling.
  • Refactor legacy scripts by removing global state, consolidating hashing, and standardizing templates.
  • Document ci-config.yaml standards and usage patterns.
  • Mentor engineers on secure pipeline development and supply-chain practices.
  • Troubleshoot and prevent pipeline incidents.
Synechron

Synechron

4 aktywne oferty

Zobacz wszystkie oferty
Aplikuj teraz