Urgent role || DevSecOps & Supply Chain Security Consultant || Tewksbury, MA 01876, United States (Hybrid)

Rahul Pandey

12:42 PM (3 hours ago)
to Direct client requirments

Hello,

 

This is Rahul from Quantum world Technologies; I am working as a Senior Technical Recruiter in this company. I have an Onsite Job Opportunity with one of our clients. Please share your resume if you are interested in the job details given below.

 

Role- DevSecOps & Supply Chain Security Consultant 

 

Location- Tewksbury, MA 01876, United States (Hybrid)


Local or nearby location


Project Duration- 2 Months

Role Summary

Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and vulnerability management to support lifecycle security evaluation and compliance traceability.

Key Responsibilities

  • Review SDLC processes, tooling, and secure development practices
  • Assess software supply chain security, including SCA, SBOM accuracy/completeness, dependency governance, and third-party risk
  • Evaluate CI/CD pipeline security, artifact integrity, and secure release controls
  • Review secrets management across development, build, deployment, and operational environments
  • Assess logging, auditability, and security event traceability controls
  • Evaluate vulnerability management, remediation tracking, and patch governance processes
  • Support lifecycle security assessment, compliance evidence mapping, and traceability
  • Contribute to assessment reporting, remediation guidance, and release governance reviews

Required Skills & Experience

Mandatory:

  • Strong understanding of DevSecOps and secure software delivery practices
  • Experience with SBOM frameworks (CycloneDX, SPDX) and SCA tooling
  • Familiarity with CI/CD security controls and artifact integrity validation
  • Experience with vulnerability management and dependency governance programs
  • Understanding of lifecycle security, auditability, and compliance evidence requirements
  • Experience with secrets management and secure release governance

Good to have:

  • Experience participating in CRA or regulated product security, or compliance-driven cybersecurity assessments
  • Experience participating in engagements related to export-controlled environments
  • Strong documentation skills

Preferred Certifications

  • Kubernetes / Cloud Security certifications preferred
  • DevSecOps or secure software supply chain experience preferred
  • Familiarity with SLSA or modern software supply chain security practices
  • Clearance / Compliance Requirements

Years of Required Experience

  • 7-10 years in setting up, maintaining, and validating controls of secure CI/CD pipelines across different types of tech stacks.
  • 2+ Years’ experience with SBOM analysis

 

Thanks & Regards

Rahul Pandey

rahul....@quantumworldit.com

Senior Technical Recruiter     