Salary: £60,000 - 90,000 per year Requirements: We require 7 years of engineering experience, including at least 3 years in a CI/CD platform or DevSecOps role. We require strong Jenkins and Groovy shared library expertise. We require advanced Python automation skills, including JSON and YAML processing and scripting. We require deep knowledge of Maven, NPM, and Python packaging, with exposure to Helm, Terraform, and container image metadata. We require experience with supply-chain security concepts such as SLSA, CycloneDX SBOM, and digests. We require experience with SonarQube, Sonatype IQ, and container and SAST scanning. We require proven performance tuning experience, including caching, parallelization, and dependency pruning. We require compliance awareness. We would value experience with artifact signing and attestations such as cosign and OCI. We would value experience publishing Terraform modules and Helm charts. We would value GitOps or release automation experience. We would value cloud experience with GCP or AWS. We require precise communication, strong documentation discipline, and an ownership mindset with the ability to work with minimal supervision. Responsibilities: We will expect you to own and evolve our Jenkins Shared Library supporting multi-language builds across Java/Maven, Node/NPM, Python, Helm, Terraform, and containers. We will expect you to design and maintain Groovy pipeline steps for build, test, package, scan, and deploy. We will expect you to extend Python tooling for SLSA provenance, SBOM generation, hash and digest accuracy, and security scan aggregation. We will expect you to optimize pipeline performance through parallel builds, caching, scope-reduced BOMs, and dependency prefetch. We will expect you to ensure artifact integrity through correct SHA1 and SHA256 mapping, reproducible inputs, and evidence modelling. We will expect you to refactor legacy scripts by removing global state, consolidating hashing, and standardizing templates. We will expect you to document ci-config.yaml standards and usage patterns. We will expect you to mentor engineers on secure pipeline development and supply-chain practices. We will expect you to troubleshoot and help prevent pipeline incidents. Technologies: AWS CI/CD Cloud DevSecOps GCP GitOps Groovy Helm JSON Java Jenkins Maven NPM Python Security Terraform NodeJS DevOps More: We are offering a contract role running until 30/11/2026 in Sheffield, with a hybrid working pattern of 3 days per week onsite. This role sits inside IR35 with a rate of up to £529 per day via umbrella. We are looking for someone to strengthen our build and deployment capability, improve supply-chain integrity, and help deliver fast, secure, provenance-rich pipelines across our teams. All profiles will be reviewed against the required skills and experience, and due to the high volume of applications we will only be able to respond to successful applicants in the first instance. last updated 22 week of 2026