Devops Engineer- Contract inside ir35- Hybrid Core Responsibilities: Design and maintain Groovy pipeline steps (build, test, package, scan, deploy). Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ,SAST/Container). Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch). Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling). Refactor legacy scripts (remove global state, consolidate hashing, standardize templates). Document ci-config.yaml standards and usage patterns. Mentor engineers on secure pipeline developme Essential Skills: - 7+ years engineering; 3+ in CI/CD platform or DevSecOps. Strong Jenkins + Groovy shared library expertise. Advanced Python automation (JSON/YAML processing, tooling scripts). Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata. Supply-chain security (SLSA, CycloneDX SBOM, digests). Experience with SonarQube, Sonatype IQ, container and SAST scanning. Proven performance tuning (caching, parallelization, dependency pruning). Compliance Awareness.