Demo

DevSecOps & Supply Chain Security Consultant

Digital Dhara LLC
Tewksbury, MA Contractor
POSTED ON 6/20/2026
AVAILABLE BEFORE 7/18/2026

Role Summary

Assess software supply chain security, SDLC maturity, SBOM governance, CI/CD pipeline controls, secrets management, logging/auditability, and vulnerability management to support lifecycle security evaluation and compliance traceability.

Key Responsibilities

  • Review SDLC processes, tooling, and secure development practices
  • Assess software supply chain security, including SCA, SBOM accuracy/completeness, dependency governance, and third-party risk
  • Evaluate CI/CD pipeline security, artifact integrity, and secure release controls
  • Review secrets management across development, build, deployment, and operational environments
  • Assess logging, auditability, and security event traceability controls
  • Evaluate vulnerability management, remediation tracking, and patch governance processes
  • Support lifecycle security assessment, compliance evidence mapping, and traceability
  • Contribute to assessment reporting, remediation guidance, and release governance reviews

Required Skills & Experience

Mandatory:

  • Strong understanding of DevSecOps and secure software delivery practices
  • Experience with SBOM frameworks (CycloneDX, SPDX) and SCA tooling
  • Familiarity with CI/CD security controls and artifact integrity validation
  • Experience with vulnerability management and dependency governance programs
  • Understanding of lifecycle security, auditability, and compliance evidence requirements
  • Experience with secrets management and secure release governance

Good to have:

  • Experience participating in CRA or regulated product security, or compliance-driven cybersecurity assessments
  • Experience participating in engagement related to export-controlled environments
  • Strong documentation skills

Preferred Certifications

  • Kubernetes / Cloud Security certifications preferred
  • DevSecOps or secure software supply chain experience preferred
  • Familiarity with SLSA or modern software supply chain security practices
  • Clearance / Compliance Requirements

Years of Required Experience

  • 7-10 years in setting up, maintaining and controls validation of Secure. CI/CD pipelines across different type of tech stack.
  • 2 Years experience with SBOM analysis

Hourly Wage Estimation for DevSecOps & Supply Chain Security Consultant in Tewksbury, MA
$40.00 to $52.00
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Not the job you're looking for? Here are some other DevSecOps & Supply Chain Security Consultant jobs in the Tewksbury, MA area that may be a better fit.

DevSecOps & Supply Chain Security Consultant
Apply
  • Arkhya Tech. Inc. Tewksbury, MA
  • Role: DevSecOps & Supply Chain Security Consultant Work Location: Tewksbury, MA 01876 (Hybrid) Contract Role Summary Assess software supply chain security,... more
  • Just Posted
DevSecOps & Supply Chain Security Consultant
Apply
  • Cloudious Tewksbury, MA
  • Role: DevSecOps & Supply Chain Security Consultant Work Location: Tewksbury, MA 01876 (Hybrid) Type: C2C Role Summary Assess software supply chain security... more
  • Just Posted
View More Jobs

AI Assistant is available now!

Feel free to start your new journey!