Demo

DevSecOps & Supply Chain Security Consultant

Cloudious
Tewksbury, MA Contractor
POSTED ON 6/25/2026
AVAILABLE BEFORE 7/25/2026

Role: DevSecOps & Supply Chain Security Consultant

Work Location: Tewksbury, MA 01876 (Hybrid)

Type: C2C

Role Summary

Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and vulnerability management to support lifecycle security evaluation and compliance traceability.

Key Responsibilities

  • Review SDLC processes, tooling, and secure development practices

  • Assess software supply chain security, including SCA, SBOM accuracy/completeness, dependency governance, and third-party risk

  • Evaluate CI/CD pipeline security, artifact integrity, and secure release controls

  • Review secrets management across development, build, deployment, and operational environments

  • Assess logging, auditability, and security event traceability controls

  • Evaluate vulnerability management, remediation tracking, and patch governance processes

  • Support lifecycle security assessment, compliance evidence mapping, and traceability

  • Contribute to assessment reporting, remediation guidance, and release governance reviews

Required Skills & Experience

Mandatory:

  • Strong understanding of DevSecOps and secure software delivery practices

  • Experience with SBOM frameworks (CycloneDX, SPDX) and SCA tooling

  • Familiarity with CI/CD security controls and artifact integrity validation

  • Experience with vulnerability management and dependency governance programs

  • Understanding of lifecycle security, auditability, and compliance evidence requirements

  • Experience with secrets management and secure release governance

Good to have:

  • Experience participating in CRA or regulated product security, or compliance-driven cybersecurity assessments

  • Experience participating in engagement related to export-controlled environments

  • Strong documentation skills

Preferred Certifications

  • Kubernetes / Cloud Security certifications preferred

  • DevSecOps or secure software supply chain experience preferred

  • Familiarity with SLSA or modern software supply chain security practices

  • Clearance / Compliance Requirements

Years of Required Experience

  • 7-10 years in setting up, maintaining and controls validation of Secure. CI/CD pipelines across different type of tech stack.

  • 2 Years experience with SBOM analysis

Salary : $80

If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a DevSecOps & Supply Chain Security Consultant?

Sign up to receive alerts about other jobs on the DevSecOps & Supply Chain Security Consultant career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$87,093 - $107,335
Income Estimation: 
$111,725 - $147,313
Income Estimation: 
$112,673 - $137,290
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Cloudious

Oracle Apps Exadata DBA
Apply
  • Cloudious Columbus, OH
  • Oracle Apps Exadata DBA Columbus, OH(3 Days Onsite) Contract-6 Months Mandatory Skills : Oracle DB Administration JD:: 12 years Oracle DBA Apps DBA Strong ... more
  • Just Posted
Full Stack Engineer with Agentic AI
Apply
  • Cloudious Dallas, TX
  • Full Stack Engineer with Agentic AI Location : Richardson, TX need to come to office 2 to 3 days in a week Contract-6 Months Skills Mandatory Skills : Gola... more
  • Just Posted
Service Desk Analyst (French)
Apply
  • Cloudious Dallas, TX
  • Position Details: Title: Service Desk Analyst (Bilingual English & French) Location: Dallas, TX - Onsite Role Type: Contract Duration: 12 Months with possi... more
  • Just Posted
Databrick Architect
Apply
  • Cloudious Los Angeles, CA
  • Role : Databrick Architect Location : Los Angeles CA or New York, NY (onsite) Type: C2C Job Description: The Databricks Architect is responsible for design... more
  • Just Posted
View More Jobs at Cloudious

Not the job you're looking for? Here are some other DevSecOps & Supply Chain Security Consultant jobs in the Tewksbury, MA area that may be a better fit.

DevSecOps & Supply Chain Security Consultant
Apply
  • Arkhya Tech. Inc. Tewksbury, MA
  • Role: DevSecOps & Supply Chain Security Consultant Work Location: Tewksbury, MA 01876 (Hybrid) Contract Role Summary Assess software supply chain security,... more
  • Just Posted
DevSecOps & Supply Chain Security Consultant
Apply
  • Digital Dhara LLC Tewksbury, MA
  • Role Summary Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and ... more
  • 5 Days Ago
View More Jobs

AI Assistant is available now!

Feel free to start your new journey!