Job Description
Role Title: DevX Build Pipeline Engineer
Duration: contract to run until 30/11/2026
Location: Sheffield. Hybrid, 3 days per week onsite
Rate: up to £529 p/d Umbrella inside IR35
Role purpose / summary
Own and evolve our Jenkins Shared Library powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply chain integrity across teams.
Core Responsibilities:
Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container).
Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).
Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modelling).
Refactor legacy scripts (remove globa...
Duration: contract to run until 30/11/2026
Location: Sheffield. Hybrid, 3 days per week onsite
Rate: up to £529 p/d Umbrella inside IR35
Role purpose / summary
Own and evolve our Jenkins Shared Library powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply chain integrity across teams.
Core Responsibilities:
Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container).
Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).
Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modelling).
Refactor legacy scripts (remove globa...
Apply for This Position
Ready to take the next step? Click the button below to submit your application.
Submit Application