DevX Build_Pipeline Engineer

New Yesterday

DevX Build Pipeline Engineer +11 month + +Hybrid working with Birmingham / Sheffield / Edinburgh +Inside IR35 +£525 - £548 a day Skills: +CI / CD pipeline +Python +Jenkins We are seeking an experienced

DevX Build Pipeline Engineer

to own and evolve a critical Jenkins Shared Library that powers multi-language build pipelines across the organisation. You will play a key role in delivering fast, secure, and provenance-rich CI/CD pipelines, strengthening software supply-chain integrity and enabling engineering teams to ship with confidence. This role sits at the intersection of

DevOps, DevSecOps, and Developer Experience , with a strong emphasis on Python automation, Jenkins/Groovy pipelines, and modern supply-chain security standards.

Key Responsibilities

Design, build, and maintain

Jenkins Shared Library

pipeline steps (build, test, package, scan, deploy).

Develop and extend

Python tooling

for: SLSA provenance

SBOM generation (CycloneDX)

Hash/digest accuracy (SHA1/SHA256)

Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning)

Optimise pipeline performance through parallelisation, caching, dependency prefetching, and BOM scope reduction.

Ensure

artifact integrity and reproducibility , including evidence modelling and digest validation.

Refactor and modernise legacy pipeline scripts (remove global state, standardise templates, consolidate hashing logic).

Define and document

ci-config.yaml

standards and usage patterns.

Mentor engineers on secure pipeline development and software supply-chain best practices.

Proactively troubleshoot and prevent CI/CD pipeline incidents.

Essential Skills & Experience

7+ years' engineering experience, with

3+ years in CI/CD platform or DevSecOps roles .

Expert knowledge of

Jenkins and Groovy Shared Libraries .

Strong

Python automation

skills (JSON/YAML processing, tooling scripts).

Deep understanding of

Maven, NPM, and Python packaging .

Exposure to

Helm, Terraform, and container image metadata .

Solid experience with

software supply-chain security

(SLSA, CycloneDX SBOMs, digests).

Hands-on use of

SonarQube, Sonatype IQ, SAST, and container scanning tools .

Proven ability to optimise CI/CD performance (caching, parallel builds, dependency pruning).

Awareness of compliance and secure-by-design engineering practices.

If you'd like to discuss this DevX Build Pipeline Engineer role in more detail, please send your updated CV to

and I will get in touch.

TPBN1_UKTJ
Apply
Location:
United Kingdom
Job Type:
FullTime
Category:
Construction;IT