DevX Build Pipeline Engineer DevOps Engineer CGEMJP

Role

Title:

DevX Build Pipeline Engineer

Duration: contract to run until 30/11/2026

Location: Sheffield. Hybrid, 3 days per week onsite

Rate: up to £529 p/d Umbrella inside IR35

Own and evolve our Jenkins Shared Library powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply chain integrity across teams.

• Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
• Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (Sonar Qube, Sonatype IQ, SAST/Container).
• Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).
• Ensure artifact integrity (correct SHA1/SHA
  256 mapping, reproducible inputs, evidence modelling).
• Refactor legacy scripts (remove global state, consolidate hashing, standardize templates).
• Document ci-config.yaml standards and usage patterns.
• Mentor engineers on secure pipeline development and supply-chain practices. Troubleshoot and prevent pipeline incidents.

• 7+ years engineering; 3+ in CI/CD platform or Dev Sec Ops .
• Strong Jenkins + Groovy shared library expertise.
• Advanced Python automation (JSON/YAML processing, tooling scripts).
• Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata.
• Supply-chain security (SLSA, Cyclone
  
  DX SBOM, digests).
• Experience with Sonar Qube, Sonatype IQ, container and SAST scanning.
• Proven performance tuning (caching, parallelization, dependency pruning). Compliance Awareness.

• Artifact signing / attestations (cosign, OCI).
• Terraform module and Helm chart publishing patterns.
• Git Ops or release automation experience.
• GCP/AWS cloud experience

• Precise communicator documentation discipline.
• Ownership mindset, able to operate with minimal supervision.