Apply Now

DevSecOps & Supply Chain Security Consultant

Tewksbury, MA, US • Posted 1 day ago • Updated 2 hours ago

Contract Corp To Corp

On-site

$80/Hr on C2C

Fitment

Dice Job Match Score™

👤 Reviewing your profile...

Job Details

Skills

cra
DevSecOp Supply Chain Security
SBOM

Summary

Role: DevSecOps & Supply Chain Security Consultant

Work Location: Tewksbury, MA 01876 (Hybrid)

Type: C2C

Role Summary

Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and vulnerability management to support lifecycle security evaluation and compliance traceability.

Key Responsibilities

Review SDLC processes, tooling, and secure development practices
Assess software supply chain security, including SCA, SBOM accuracy/completeness, dependency governance, and third-party risk
Evaluate CI/CD pipeline security, artifact integrity, and secure release controls
Review secrets management across development, build, deployment, and operational environments
Assess logging, auditability, and security event traceability controls
Evaluate vulnerability management, remediation tracking, and patch governance processes
Support lifecycle security assessment, compliance evidence mapping, and traceability
Contribute to assessment reporting, remediation guidance, and release governance reviews

Required Skills & Experience

Mandatory:

Strong understanding of DevSecOps and secure software delivery practices
Experience with SBOM frameworks (CycloneDX, SPDX) and SCA tooling
Familiarity with CI/CD security controls and artifact integrity validation
Experience with vulnerability management and dependency governance programs
Understanding of lifecycle security, auditability, and compliance evidence requirements
Experience with secrets management and secure release governance

Good to have:

Experience participating in CRA or regulated product security, or compliance-driven cybersecurity assessments
Experience participating in engagement related to export-controlled environments
Strong documentation skills

Preferred Certifications

Kubernetes / Cloud Security certifications preferred
DevSecOps or secure software supply chain experience preferred
Familiarity with SLSA or modern software supply chain security practices
Clearance / Compliance Requirements

Years of Required Experience

7-10 years in setting up, maintaining and controls validation of Secure. CI/CD pipelines across different type of tech stack.
2+ Years experience with SBOM analysis

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: 91009966
Position Id: 2026-30335
Posted 1 day ago

Contact the job poster

Martin Raj Selvaraj

Recruiter @ Cloudious

View Profile

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Tewksbury, Massachusetts

•

3d ago

Hi , Our client is looking for an DevSecOps & Supply Chain Security Consultant for a project and below is the detailed requirement. Job Title: DevSecOps & Supply Chain Security Consultant Location: Tewksbury, MA Domain: Healthcare Job Description: Bachelor's degree in Computer Science, Information Technology, Engineering, or a related field with 12+ years of overall IT experience. Review SDLC processes, tooling, and secure development practices Assess software supply chai

Easy Apply

Third Party, Contract

Depends on Experience

DevSecOps & Supply Chain Security Consultant

Tewksbury, Massachusetts

•

3d ago

Role Summary Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and vulnerability management to support lifecycle security evaluation and compliance traceability. Key Responsibilities Review SDLC processes, tooling, and secure development practicesAssess software supply chain security, including SCA, SBOM accuracy/completeness, dependency governance, and third-party riskEvaluate CI/CD pipeline security, artifa

Easy Apply

Third Party, Contract

Depends on Experience

Principal Security Engineer

Natick, Massachusetts

•

3d ago

Job Summary MathWorks has a hybrid work model that enables staff members to split their time between office and home. The hybrid model provides the advantage of having both in-person time with colleagues and flexible at-home life optimizations. Learn More: ;br> We're looking for a hands-on, highly collaborative Principal Security Engineer to secure our software delivery pipeline. You'll take ownership of protecting our CI/CD processes, Artifactory, and Internal Developer Platform against supply

Full-time

USD 160,800.00 - 209,000.00 per year

Expert DevSecOps Engineer

Remote or District of Columbia

•

Today

job summary: Join a premier financial services organization managing substantial investment assets and dedicated to providing specialized retirement planning and health savings solutions. We are seeking a highly technical professional to lead the integration and advancement of security throughout our entire software development lifecycle. In this permanent role, you will help build resilient solutions while enjoying a robust total rewards package that features comprehensive medical, dental, and

Full-time

USD140,000 - USD180,000

Search all similar jobs

More jobs at Cloudious in Tewksbury, MA

DevSecOps & Supply Chain Security Consultant

Dice Job Match Score™

Job Details

Skills

Summary

Martin Raj Selvaraj

Similar Jobs