Relevant experience with Kubernetes, GCP, Python, and Jenkins/Tekton
Responsibilities:
* Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
* Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ,
* Optimize performance.
* Ensure artifact integrity.
* Refactor legacy scripts (remove global state, consolidate hashing, standardize templates).
* Document ci-config.yaml standards and usage patterns.
* Mentor engineers on secure pipeline development and supply-chain practices.
* Troubleshoot and prevent pipeline incidents.
Essential Skills:
* 5+ years of engineering.
* Strong Jenkins + Groovy shared library expertise.
* Advanced Python automation (JSON/YAML processing, tooling scripts).
* Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata.
* Supply-chain security (SLSA, CycloneDX SBOM, digests).
* Experience with SonarQube, Sonatype IQ, containers, and SAST scanning.
* Proven performance tuning (caching, parallelization, dependency pruning).