We are seeking an experienced Senior DevOps and Secure Software Delivery Consultant for an engagement with a leading manufacturing client. The successful consultant will take ownership of designing a modern, secure, and scalable build environment that supports secure software development, artifact management, and code signing.

The assignment requires both strategic architectural expertise and hands-on technical knowledge to assess the current environment, define the target architecture, and provide a comprehensive implementation roadmap.

Requirements

As part of this engagement, you will be responsible for:

• Conducting a comprehensive assessment of the client's existing build infrastructure, CI/CD pipelines, artifact repositories, and software signing processes.
• Identifying security, operational, and scalability gaps in the current setup.
• Designing a future-state build environment aligned with DevSecOps best practices.
• Defining the architecture for secure build pipelines, artifact repositories, and software signing infrastructure.
• Designing integration with Hardware Security Modules (HSMs) to enable secure key management and code signing.
• Recommending suitable technologies, infrastructure components, and deployment models.
• Producing a detailed solution proposal, including architecture diagrams, implementation roadmap, and technical recommendations.
• Preparing a realistic cost estimate covering implementation, licensing (where applicable), infrastructure, and knowledge transfer activities.
• Providing recommendations for governance, operational processes, and long-term maintenance.
• Delivering technical workshops and knowledge transfer sessions to ensure the client's engineering teams can successfully operate and maintain the solution.

Required Qualifications

We are looking for a senior consultant with a proven track record in designing secure software delivery platforms.

Required Experience

• Senior or expert-level consultant with extensive DevOps architecture experience.
• Strong background in designing and implementing secure CI/CD and build environments.
• Deep experience with build automation technologies and modern build pipelines.
• Extensive knowledge of artifact repository management.
• Proven experience implementing secure software signing solutions.
• Hands-on experience integrating build environments with Hardware Security Modules (HSMs).
• Strong understanding of DevSecOps principles, supply chain security, and secure software development practices.
• Experience designing scalable, highly available, and secure enterprise DevOps platforms.
• Ability to produce architecture documentation, solution designs, implementation plans, and commercial cost estimates.
• Experience facilitating workshops, technical training, and knowledge transfer for engineering teams.
• Excellent communication skills with the ability to engage both technical stakeholders and management.

Preferred Experience

Experience with one or more of the following is considered an advantage:

• Secure Software Supply Chain (SLSA)
• Sigstore, Cosign, or similar signing technologies
• Software Bill of Materials (SBOM)
• Build provenance and artifact integrity
• Cloud-native DevOps platforms
• Infrastructure as Code (Terraform, Ansible, etc.)
• Enterprise Git platforms and CI/CD tooling

Deliverables

The consultant is expected to deliver:

• Assessment report of the current build and software delivery environment.
• Target architecture and design documentation.
• Recommended build and artifact management solution.
• Secure software signing architecture with HSM integration.
• Implementation roadmap with prioritized activities.
• Cost estimate covering implementation, infrastructure, licensing (if applicable), and training.
• Knowledge transfer sessions and supporting documentation for the client's technical teams.