3 of 3 SonarQube Jobs in the West Midlands

DevOps Engineer

Hiring Organisation
Vallum Associates
Location
Handsworth, West Midlands, UK
Employment Type
Full-time
pipeline steps (build, test, package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, Optimize performance. Ensure artifact integrity. Refactor legacy scripts (remove global state, consolidate hashing, standardize templates). Document ci-config.yaml standards and usage …/Python packaging knowledge; exposure to Helm/Terraform and container image metadata. Supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, containers, and SAST scanning. Proven performance tuning (caching, parallelization, dependency pruning). ...

DevOps Engineer

Hiring Organisation
CBSbutler Holdings Limited
Location
Birmingham, West Midlands, United Kingdom
Employment Type
Contract
scan, deploy). Develop and extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation, caching, dependency prefetching, and BOM scope reduction. Ensure artifact integrity and reproducibility , including evidence … Helm, Terraform, and container image metadata . Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools . Proven ability to optimise CI/CD performance (caching, parallel builds, dependency pruning). Awareness of compliance ...

DevX Build Pipeline Engineer

Hiring Organisation
CBSbutler Holdings Limited
Location
Birmingham, West Midlands, United Kingdom
Employment Type
Contract
scan, deploy). Develop and extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation, caching, dependency prefetching, and BOM scope reduction. Ensure artifact integrity and reproducibility , including evidence … Helm, Terraform, and container image metadata . Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools . Proven ability to optimise CI/CD performance (caching, parallel builds, dependency pruning). Awareness of compliance ...