
DevSecOps & Supply Chain Security Consultant

Job in Tewksbury, Middlesex County, Massachusetts, 01876, USA
Listing for: Lorven technologies
Full Time position
Listed on 2026-06-30
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Salary/Wage Range or Industry Benchmark: 120000 - 150000 USD Yearly
Job Description & How to Apply Below

Hi,

Job Title:

DevSecOps & Supply Chain Security Consultant

Location:

Tewksbury, MA 01876

Qualifications & Experience
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, Software Engineering, or a related field with overall 13-14+ years of experience and 7-10 years in DevSecOps, Secure SDLC, CI/CD security, or software supply chain security.
  • Strong experience implementing and assessing DevSecOps practices, secure software delivery pipelines, and secure SDLC methodologies.
  • Hands‑on experience with Software Bill of Materials (SBOM) frameworks such as CycloneDX and SPDX, including 2+ years of SBOM analysis and governance.
  • Experience with Software Composition Analysis (SCA) tools such as Snyk, Black Duck, Mend (WhiteSource), Sonatype Nexus IQ, or similar.
  • Strong knowledge of CI/CD pipeline security, artifact integrity, secure build processes, release governance, and pipeline hardening using tools such as Jenkins, GitLab CI, GitHub Actions, or Azure DevOps.
  • Experience with vulnerability management, dependency governance, remediation tracking, and patch management processes.
  • Hands‑on experience implementing and managing secrets management solutions such as HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, or similar.
  • Strong understanding of logging, auditability, security event traceability, and compliance evidence management.
  • Familiarity with Kubernetes, container security, cloud security, and modern software supply chain security frameworks such as SLSA is preferred.
  • Experience working in regulated environments, cybersecurity assessments, or compliance-driven security programs is highly desirable.
  • Excellent analytical, documentation, communication, stakeholder management, and problem‑solving skills.
Key Responsibilities
  • Assess and review Secure SDLC processes, DevSecOps practices, and software development lifecycle controls.
  • Evaluate software supply chain security, including SBOM generation, validation, dependency governance, third‑party component risk, and Software Composition Analysis (SCA).
  • Review and assess CI/CD pipeline security, artifact integrity, build security, release governance, and secure deployment practices.
  • Evaluate secrets management across development, build, deployment, and production environments to ensure secure credential handling.
  • Assess logging, auditability, security monitoring, and traceability controls to support compliance and forensic investigations.
  • Review vulnerability management processes, remediation tracking, patch governance, and dependency risk management.
  • Support lifecycle security assessments, compliance evidence mapping, audit readiness, and security control validation.