×
Register Here to Apply for Jobs or Post Jobs. X

DevSecOps & Supply Chain Security Consultant

Job in Tewksbury, Middlesex County, Massachusetts, 01876, USA
Listing for: Cloudious LLC
Full Time position
Listed on 2026-07-04
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, Security Management & Operations
Salary/Wage Range or Industry Benchmark: 110000 - 140000 USD Yearly USD 110000.00 140000.00 YEAR
Job Description & How to Apply Below

Role

Dev Sec Ops  & Supply Chain Security Consultant

Work Location

Tewksbury, MA 01876 (Hybrid)

Type

C2C

Role Summary

Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and vulnerability management to support lifecycle security evaluation and compliance traceability.

Key Responsibilities
  • Review SDLC processes, tooling, and secure development practices
  • Assess software supply chain security, including SCA, SBOM accuracy/completeness, dependency governance, and third-party risk
  • Evaluate CI/CD pipeline security, artifact integrity, and secure release controls
  • Review secrets management across development, build, deployment, and operational environments
  • Assess logging, auditability, and security event traceability controls
  • Evaluate vulnerability management, remediation tracking, and patch governance processes
  • Support lifecycle security assessment, compliance evidence mapping, and traceability
  • Contribute to assessment reporting, remediation guidance, and release governance reviews
Required Skills & Experience Mandatory
  • Strong understanding of Dev Sec Ops  and secure software delivery practices
  • Experience with SBOM frameworks (CycloneDX, SPDX) and SCA tooling
  • Familiarity with CI/CD security controls and artifact integrity validation
  • Experience with vulnerability management and dependency governance programs
  • Understanding of lifecycle security, auditability, and compliance evidence requirements
  • Experience with secrets management and secure release governance
Good to have
  • Experience participating in CRA or regulated product security, or compliance-driven cybersecurity assessments
  • Experience participating in engagement related to export-controlled environments
  • Strong documentation skills
Preferred Certifications
  • Kubernetes / Cloud Security certifications preferred
  • Dev Sec Ops  or secure software supply chain experience preferred
  • Familiarity with SLSA or modern software supply chain security practices
  • Clearance / Compliance Requirements
Years of Required Experience
  • 7-10 years in setting up, maintaining and controls validation of Secure CI/CD pipelines across different type of tech stack.
  • 2+ Years experience with SBOM analysis
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary