4 of 4 Contract SBOM Jobs in the UK

Responsibilities Design, build, and maintain Jenkins Shared Library pipeline steps (build, test, package, scan, deploy). Develop and extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation, caching, dependency ...

Responsibilities Design, build, and maintain Jenkins Shared Library pipeline steps (build, test, package, scan, deploy). Develop and extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation, caching, dependency ...

The Company Superb opportunity to join a leading financial services client with offices in Edinburgh. This is an initial 6-month contract inside IR35. There will be a requirement to be in the office up ...

Contract inside ir35- Hybrid Core Responsibilities: Design and maintain Groovy pipeline steps (build, test, package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ,SAST/Container). Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency … scripts). Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata. Supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, container and SAST scanning. Proven performance tuning (caching, parallelization, dependency pruning). Compliance Awareness. ...