Job Specifications
DevOps Engineer
Location: Sheffield – Hybrid (3 days in office per week)
Rate: Market rate (Inside IR35)
Duration: 6 months
The Role
We are seeking a DevOps Engineer to own and evolve our Jenkins Shared Library, powering multi-language builds across Java/Maven, Node/NPM, Python, Helm, Terraform, and containers. The successful candidate will deliver fast, secure, provenance-rich pipelines in line with SLSA standards, strengthen supply-chain integrity, and mentor teams on best practices.
Key Responsibilities
Design, maintain, and enhance Groovy pipeline steps for build, test, package, scan, and deployment processes.
Extend Python tooling for SLSA provenance, SBOM generation, hash/digest validation, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container).
Optimise pipeline performance using parallel builds, caching, scope-reduced BOMs, and dependency prefetching.
Ensure artifact integrity through correct SHA1/SHA256 mapping, reproducible builds, and evidence modelling.
Refactor and modernise legacy scripts, removing global state, consolidating hashing, and standardising templates.
Document CI/CD configuration standards, ci-config.yaml usage patterns, and pipeline conventions.
Mentor engineers on secure pipeline development and supply-chain security practices.
Troubleshoot, resolve, and prevent pipeline incidents and bottlenecks.
Essential Skills & Experience
7+ years of engineering experience, with at least 3 years in CI/CD platforms or DevSecOps.
Strong expertise in Jenkins Shared Libraries and Groovy scripting.
Advanced Python automation, including JSON/YAML processing and tooling scripts.
Deep understanding of Maven, NPM, and Python packaging; exposure to Helm, Terraform, and container image metadata.
Knowledge of supply-chain security, including SLSA, CycloneDX SBOMs, and digests.
Experience with SonarQube, Sonatype IQ, container and SAST scanning.
Proven skills in pipeline performance tuning, including caching, parallelisation, and dependency pruning.
Awareness of compliance and security standards relevant to CI/CD pipelines.
Desirable Skills
Experience with artifact signing and attestations (e.g., cosign, OCI).
Familiarity with Terraform module and Helm chart publishing patterns.
Experience in GitOps or release automation workflows.
Exposure to GCP or AWS cloud environments.
About the Company
In late 2009, Stott and May was founded on the belief that hiring managers should never have to make the choice between time to hire and quality of candidate. We noticed a gap in the market for a search offering that can combine the speed of contingent recruitment with a high value, high touch, insightful service more commonly found in the executive search space. A talent solution that's helpful, engaging, collaborative and stacked full of value-add. Built with the flexibility to provide our partners with a choice of best pr...
Know more