Apply Now

DevSecOps & Supply Chain Security Consultant

Tewksbury, MA, US • Posted 7 hours ago • Updated 7 hours ago

Contract W2

Contract Corp To Corp

2 Years

No Travel Required

On-site

Depends on Experience

Fitment

Dice Job Match Score™

🫥 Flibbertigibetting...

Job Details

Skills

DevSecOps & Supply Chain Security Consultant

Summary

Hi ,

Our client is looking for an DevSecOps & Supply Chain Security Consultant for a project and below is the detailed requirement.

Job Title: DevSecOps & Supply Chain Security Consultant

Location: Tewksbury, MA

Domain: Healthcare

Job Description:

Bachelor's degree in Computer Science, Information Technology, Engineering, or a related field with 12+ years of overall IT experience.
Review SDLC processes, tooling, and secure development practices
Assess software supply chain security, including SCA, SBOM accuracy/completeness, dependency governance, and third-party risk
Evaluate CI/CD pipeline security, artifact integrity, and secure release controls
Review secrets management across development, build, deployment, and operational environments
Assess logging, auditability, and security event traceability controls
Evaluate vulnerability management, remediation tracking, and patch governance processes
Support lifecycle security assessment, compliance evidence mapping, and traceability
Contribute to assessment reporting, remediation guidance, and release governance reviews

Required Skills & Experience

Mandatory:

Strong understanding of DevSecOps and secure software delivery practices
Experience with SBOM frameworks (CycloneDX, SPDX) and SCA tooling
Familiarity with CI/CD security controls and artifact integrity validation
Experience with vulnerability management and dependency governance programs
Understanding of lifecycle security, auditability, and compliance evidence requirements
Experience with secrets management and secure release governance

Good to have:

Experience participating in CRA or regulated product security, or compliance-driven cybersecurity assessments
Experience participating in engagement related to export-controlled environments
Strong documentation skills

Preferred Certifications

Kubernetes / Cloud Security certifications preferred
DevSecOps or secure software supply chain experience preferred
Familiarity with SLSA or modern software supply chain security practices
Clearance / Compliance Requirements

Years of Required Experience

7-10 years in setting up, maintaining and controls validation of Secure. CI/CD pipelines across different type of tech stack.
2+ Years experience with SBOM analysis

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 10120137
Position Id: 69563-10367-
Posted 7 hours ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Tewksbury, Massachusetts

•

Today

Role Summary Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and vulnerability management to support lifecycle security evaluation and compliance traceability. Key Responsibilities Review SDLC processes, tooling, and secure development practicesAssess software supply chain security, including SCA, SBOM accuracy/completeness, dependency governance, and third-party riskEvaluate CI/CD pipeline security, artifa

Easy Apply

Contract, Third Party

Depends on Experience

DevSecOps Lead/Architect (with Supply Chain and SBOM)

Hybrid in Tewksbury, Massachusetts

•

Today

Role Summary Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and vulnerability management to support lifecycle security evaluation and compliance traceability. Key Responsibilities Review SDLC processes, tooling, and secure development practices Assess software supply chain security, including SCA, SBOM accuracy/completeness, dependency governance, and third-party risk EvaluateCI/CD pipeline security, arti

Easy Apply

Contract, Third Party

80 - 82

DevSecOps & Supply Chain Security Consultant

Hybrid in Tewksbury, Massachusetts

•

Today

Role: DevSecOps & Supply Chain Security Consultant Work Location: Tewksbury, MA 01876 (Hybrid) Duration:6-12 months Role Summary Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and vulnerability management to support lifecycle security evaluation and compliance traceability. Key Responsibilities Review SDLC processes, tooling, and secure development practices Assess software supply chain security, including

Easy Apply

Contract, Third Party

Depends on Experience

Principal Security Engineer

Natick, Massachusetts

•

Yesterday

Job Summary MathWorks has a hybrid work model that enables staff members to split their time between office and home. The hybrid model provides the advantage of having both in-person time with colleagues and flexible at-home life optimizations. Learn More: ;br> We're looking for a hands-on, highly collaborative Principal Security Engineer to secure our software delivery pipeline. You'll take ownership of protecting our CI/CD processes, Artifactory, and Internal Developer Platform against supply

Full-time

USD 160,800.00 - 209,000.00 per year

Search all similar jobs

More jobs at Lorven Technologies, Inc. in Tewksbury, MA

DevSecOps & Supply Chain Security Consultant

Dice Job Match Score™

Job Details

Skills

Summary

Similar Jobs