Your responsibilities:
1. Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
2. Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container).
3. Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).
4. Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling).
5. Refactor legacy scripts (remove global state, consolidate hashing, standardize templates).
6. Document ci-config.yaml standards and usage patterns.
7. Mentor engineers on secure pipeline development and supply-chain practices.
8. Troubleshoot and prevent pipeline incidents.
Your Profile
Essential skills/knowledge/experience:
1. 7+ years engineering; 3+ in CI/CD platform or DevSecOps.
2. Strong Jenkins + Groovy shared library expertise.
3. Advanced Python automation (JSON/YAML processing, tooling scripts).
4. Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata.
5. Supply-chain security (SLSA, CycloneDX SBOM, digests).
6. Experience with SonarQube, Sonatype IQ, container and SAST scanning.
7. Proven performance tuning (caching, parallelization, dependency pruning).
8. Compliance Awareness.
Desirable skills/knowledge/experience:
1. Artifact signing / attestations (cosign, OCI).
2. Terraform module and Helm chart publishing patterns.
3. GitOps or release automation experience.
4. GCP/AWS cloud experience.