Senior DevSecOps Engineer

Senior DevSecOps Engineer (CI/CD & Supply Chain Security) £500 - £525 pd, Inside IR35 12 month contract UK, ASAP start A leading consultancy is seeking a Senior DevSecOps Engineer to join their platform engineering team for a 12 month engagement. This role offers the chance to own a critical CI/CD platform, shape modern supply chain security practices and tackle high-impact performance and security challenges at scale. The Role You will own and evolve the Jenkins Shared Library powering multi-language pipelines (Java, Node, Python, Terraform, Helm, containers). You will design high-performance, secure pipelines and embed best-in-class software supply chain practices (SLSA, SBOMs, provenance) across teams. Key Responsibilities • Develop and maintain Jenkins pipeline steps in Groovy • Build pipelines for build, test, security scanning, packaging and deployment • Extend Python tooling for SBOMs, provenance and scan aggregation • Optimise pipelines with caching, parallel execution and dependency prefetching • Ensure artifact integrity with digests, reproducibility and traceability • Refactor legacy scripts and enforce standard CI patterns • Support teams on secure pipelines and troubleshoot failures Essential Skills & Experience • 7+ years software engineering (3+ in CI/CD / DevSecOps) • Jenkins Shared Library + Groovy pipelines • Python automation (JSON/YAML, tooling scripts) • Build ecosystems: Maven, NPM, Python; Helm/Terraform familiarity • Supply chain security: SLSA, SBOMs, artifact digests • Security tooling: SonarQube, Sonatype IQ, SAST, container scans • CI/CD performance tuning and troubleshooting • Security and compliance best practices Desirable Skills Artifact signing (Cosign/OCI), GitOps/release automation, AWS/GCP experience