CI/CD Security Architect / DevSecOps Lead - Outside IR35 at AgileSource Ltd, London Area, £Contract Rate

Contract Description

CI/CD Security Architect / DevSecOps Lead required by AgileSource for a 5-week initial contract, which falls Outside IR35.


The CI/CD Security Architect / DevSecOps Lead will review, design, and implement improvements to their software supply chain security and risk management approach.


Key Responsibilities

  • Conduct stakeholder interviews to gather requirements and understand current processes
  • Review existing software supply chain risk management practices
  • Assess on-prem, cloud, and SaaS hosting options
  • Design and recommend a secure, scalable solution
  • Select appropriate tools (e.g. SCA, repository management, CI/CD security)
  • Build and implement the chosen solution
  • Integrate security controls into CI/CD pipelines
  • Lead testing, UAT and deployment into production
  • Ensure solution meets banking security and compliance requirements
  • Drive stakeholder engagement and secure final sign-off


Security & DevSecOps

  • Strong experience in software supply chain security
  • Expertise with Software Composition Analysis (SCA) tools (e.g. Sonatype IQ)
  • Knowledge of Software Bill of Materials (SBOM) and dependency risk management
  • Experience embedding security gates into CI/CD pipelines
  • Familiar with artifact governance and secure development practices


CI/CD & Platform Engineering

  • Hands-on experience with CI/CD tools such as:
      • GitHub Actions
      • GitLab CI
      • Jenkins
  • Strong understanding of:
      • Repository design
      • Artifact repositories (e.g. Nexus, Artifactory)
      • Versioning strategies