About the role
We are seeking an experienced Senior DevOps and Secure Software Delivery Consultant for an engagement with a leading manufacturing client. The successful consultant will take ownership of designing a modern, secure, and scalable build environment that supports secure software development, artifact management, and code signing.
The assignment requires both strategic architectural expertise and hands-on technical knowledge to assess the current environment, define the target architecture, and provide a comprehensive implementation roadmap.
Requirements
As part of this engagement, you will be responsible for:
- Conducting a comprehensive assessment of the client's existing build infrastructure, CI/CD pipelines, artifact repositories, and software signing processes.
- Identifying security, operational, and scalability gaps in the current setup.
- Designing a future-state build environment aligned with DevSecOps best practices.
- Defining the architecture for secure build pipelines, artifact repositories, and software signing infrastructure.
- Designing integration with Hardware Security Modules (HSMs) to enable secure key management and code signing.
- Recommending suitable technologies, infrastructure components, and deployment models.
- Producing a detailed solution proposal, including architecture diagrams, implementation roadmap, and technical recommendations.
- Preparing a realistic cost estimate covering implementation, licensing (where applicable), infrastructure, and knowledge transfer activities.
- Providing recommendations for governance, operational processes, and long-term maintenance.
- Delivering technical workshops and knowledge transfer sessions to ensure the client's engineering teams can successfully operate and maintain the solution.
Required Qualifications
We are looking for a senior consultant with a proven track record in designing secure software delivery platforms.
Required Experience
- Senior or expert-level consultant with extensive DevOps architecture experience.
- Strong background in designing and implementing secure CI/CD and build environments.
- Deep experience with build automation technologies and modern build pipelines.
- Extensive knowledge of artifact repository management.
- Proven experience implementing secure software signing solutions.
- Hands-on experience integrating build environments with Hardware Security Modules (HSMs).
- Strong understanding of DevSecOps principles, supply chain security, and secure software development practices.
- Experience designing scalable, highly available, and secure enterprise DevOps platforms.
- Ability to produce architecture documentation, solution designs, implementation plans, and commercial cost estimates.
- Experience facilitating workshops, technical training, and knowledge transfer for engineering teams.
- Excellent communication skills with the ability to engage both technical stakeholders and management.
Preferred Experience
Experience with one or more of the following is considered an advantage:
- Secure Software Supply Chain (SLSA)
- Sigstore, Cosign, or similar signing technologies
- Software Bill of Materials (SBOM)
- Build provenance and artifact integrity
- Cloud-native DevOps platforms
- Infrastructure as Code (Terraform, Ansible, etc.)
- Enterprise Git platforms and CI/CD tooling
Deliverables
The consultant is expected to deliver:
- Assessment report of the current build and software delivery environment.
- Target architecture and design documentation.
- Recommended build and artifact management solution.
- Secure software signing architecture with HSM integration.
- Implementation roadmap with prioritized activities.
- Cost estimate covering implementation, infrastructure, licensing (if applicable), and training.
- Knowledge transfer sessions and supporting documentation for the client's technical teams.