Summary: The DevOps Engineer role focuses on enhancing a Jenkins Shared Library to support multi-language builds and ensure secure, efficient CI/CD pipelines. The position involves designing Groovy pipeline steps, optimizing performance, and mentoring engineers on secure development practices. The engineer will also be responsible for maintaining artifact integrity and troubleshooting pipeline incidents. This role requires extensive experience in engineering, particularly in CI/CD platforms and DevSecOps.
Key Responsibilities:
- Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
- Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation.
- Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).
- Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling).
- Refactor legacy scripts (remove global state, consolidate hashing, standardize templates).
- Document ci-config.yaml standards and usage patterns.
- Mentor engineers on secure pipeline development and supply-chain practices.
- Troubleshoot and prevent pipeline incidents.
Key Skills:
- 7+ years engineering; 3+ in CI/CD platform or DevSecOps.
- Strong Jenkins + Groovy shared library expertise.
- Advanced Python automation (JSON/YAML processing, tooling scripts).
- Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata.
- Supply-chain security (SLSA, CycloneDX SBOM, digests).
- Experience with SonarQube, Sonatype IQ, container and SAST scanning.
- Proven performance tuning (caching, parallelization, dependency pruning).
- Compliance awareness.
Salary (Rate): undetermined
City: Sheffield
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
The Role:
Own and evolve our Jenkins Shared Library powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply chain integrity across teams.
Your responsibilities:-
1. Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
2. Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container).
3. Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).
4. Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling).
5. Refactor legacy scripts (remove global state, consolidate hashing, standardize templates).
6. Document ci-config.yaml standards and usage patterns.
7. Mentor engineers on secure pipeline development and supply-chain practices.
8. Troubleshoot and prevent pipeline incidents.
Essential skills/knowledge/experience:-
1. 7+ years engineering; 3+ in CI/CD platform or DevSecOps.
2. Strong Jenkins + Groovy shared library expertise.
3. Advanced Python automation (JSON/YAML processing, tooling scripts).
4. Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata.
5. Supply-chain security (SLSA, CycloneDX SBOM, digests).
6. Experience with SonarQube, Sonatype IQ, container and SAST scanning.
7. Proven performance tuning (caching, parallelization, dependency pruning).
8. Compliance awareness.
Desirable skills/knowledge/experience:-
1. Artifact signing / attestations (cosign, OCI).
2. Terraform module and Helm chart publishing patterns.
3. GitOps or release automation experience.
4. GCP/AWS cloud experience.