DevX Build_Pipeline Engineer

DevX Build Pipeline Engineer +11 month + +Hybrid working with Birmingham / Sheffield / Edinburgh +Inside IR35 +525 - 548 a day Skills: +CI / CD pipeline +Python +Jenkins We are seeking an experienced DevX Build Pipeline Engineer to own and evolve a critical Jenkins Shared Library that powers multi-language build pipelines across the organisation. You will play a key role in delivering fast, secure, and provenance-rich CI/CD pipelines, strengthening software supply-chain integrity and enabling engineering teams to ship with confidence. This role sits at the intersection of DevOps, DevSecOps, and Developer Experience , with a strong emphasis on Python automation, Jenkins/Groovy pipelines, and modern supply-chain security standards. Key Responsibilities Design, build, and maintain Jenkins Shared Library pipeline steps (build, test, package, scan, deploy). Develop and extend Python tooling for: SLSA provenance SBOM generation (CycloneDX) Hash/digest accuracy (SHA1/SHA256) Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scanning) Optimise pipeline performance through parallelisation, caching, dependency prefetching, and BOM scope reduction. Ensure artifact integrity and reproducibility , including evidence modelling and digest validation. Refactor and modernise legacy pipeline scripts (remove global state, standardise templates, consolidate hashing logic). Define and document ci-config.yaml standards and usage patterns. Mentor engineers on secure pipeline development and software supply-chain best practices. Proactively troubleshoot and prevent CI/CD pipeline incidents. Essential Skills & Experience 7+ years' engineering experience, with 3+ years in CI/CD platform or DevSecOps roles . Expert knowledge of Jenkins and Groovy Shared Libraries . Strong Python automation skills (JSON/YAML processing, tooling scripts). Deep understanding of Maven, NPM, and Python packaging . Exposure to Helm, Terraform, and container image metadata . Solid experience with software supply-chain security (SLSA, CycloneDX SBOMs, digests). Hands-on use of SonarQube, Sonatype IQ, SAST, and container scanning tools . Proven ability to optimise CI/CD performance (caching, parallel builds, dependency pruning). Awareness of compliance and secure-by-design engineering practices. If you'd like to discuss this DevX Build Pipeline Engineer role in more detail, please send your updated CV to and I will get in touch. TPBN1_UKTJ

Created: 2026-01-16