1 of 1 Permanent SBOM Jobs in the West Midlands

Python, and Jenkins/Tekton Responsibilities: Design and maintain Groovy pipeline steps (build, test, package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, Optimize performance. Ensure artifact integrity. Refactor legacy scripts (remove global state, consolidate hashing … scripts). Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata. Supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, containers, and SAST scanning. Proven performance tuning (caching, parallelization, dependency pruning). ...