6 of 6 SLSA Jobs in the UK

development Experience in vulnerability and exposure management and network security concepts (segmentation, logging, scanning) Familiarity with industry frameworks (OWASP SAMM/ASVS, NIST SSDF, SLSA, CSA) Ability to communicate complex security concepts to both technical and non-technical stakeholders Experience working in large, complex IT transformation programmes Tools & technologies AppSec ...

standards. Key Responsibilities Design, build, and maintain Jenkins Shared Library pipeline steps (build, test, package, scan, deploy). Develop and extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation … understanding of Maven, NPM, and Python packaging . Exposure to Helm, Terraform, and container image metadata . Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools . Proven ability to optimise CI/CD performance ...

standards. Key Responsibilities Design, build, and maintain Jenkins Shared Library pipeline steps (build, test, package, scan, deploy). Develop and extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation … understanding of Maven, NPM, and Python packaging . Exposure to Helm, Terraform, and container image metadata . Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools . Proven ability to optimise CI/CD performance ...

Kubernetes, GCP, Python, and Jenkins/Tekton Responsibilities: Design and maintain Groovy pipeline steps (build, test, package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, Optimize performance. Ensure artifact integrity. Refactor legacy scripts (remove global state … processing, tooling scripts). Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata. Supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, containers, and SAST scanning. Proven performance tuning (caching, parallelization, dependency pruning). ...

Kubernetes, GCP, Python, and Jenkins/Tekton Responsibilities: Design and maintain Groovy pipeline steps (build, test, package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, Optimize performance. Ensure artifact integrity. Refactor legacy scripts (remove global state … processing, tooling scripts). Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata. Supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, containers, and SAST scanning. Proven performance tuning (caching, parallelization, dependency pruning). ...

Devops Engineer- Contract inside ir35- Hybrid Core Responsibilities: Design and maintain Groovy pipeline steps (build, test, package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ,SAST/Container). Optimize performance (parallel builds, caching, scope-reduced … processing, tooling scripts). Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata. Supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, container and SAST scanning. Proven performance tuning (caching, parallelization, dependency pruning). Compliance Awareness. ...