Sr. Release Engineer

Black Duck Software

Job Location:

Burlington, CO - USA

Monthly Salary: $ 101300 - 152000

Posted on: 11 hours ago

Vacancies: 1 Vacancy

Job Summary

Black Duck Software Inc. helps organizations build secure high-quality software minimizing risks while maximizing speed and productivity. Black Duck a recognized pioneer in application security provides SAST SCA and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code open source components and application behavior. With a combination of industry-leading tools services and expertise only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

Sr. Release Engineer - Build & Supply Chain Security

We are looking for a Release Engineer/ Sr Release Engineer to join our Build & Deployment Engineering team. As a member of the release engineering team you will have an opportunity to develop tools to automate processes develop re-usable libraries and build and release pipelines that use them. We are embracing cutting edge technology as we go so that we can continue to increase velocity. The ideal candidate will be a great communicator and a quality focused innovator. You need to be willing to experiment and to learn quickly so we can leverage new technology as it becomes available.

Responsibilities of this Role:

Analyze and Tune build and Unit Test Pipelines across multiple platforms and technology stacks

Maintain and Deploy Continuous Integration/Continuous Delivery Pipelines using GitLab CI docker and python libraries using Jenkins Pipelines with Groovy Libraries

supporting GitHub Actions and other CI/CD platforms

Automate branching tagging and SCM administration for multiple projects across various VCS platforms

Maintain Evolve and Create Automation Infrastructure

Identify processes that can be automated and create tools or scripts

Develop and maintain reusable build libraries and frameworks

Provide consistent and reliable build environments across Windows Linux and macOS

Implement and manage Software Supply Chain Security

Deploy Admin and Manage Software Composition Analysis (SCA) and vulnerability scanning tools

Implement secure build practices and artifact management

Monitor and report on supply chain security posture

Deploy Admin and Manage SAST DAST scans and security tools (Black Duck Coverity Code Dx and other security analysis tools)

Manage containerized application deployments using Docker Kubernetes and related orchestration tools

Automate infrastructure provisioning and deployment using Ansible Terraform and cloud provider tools

Manage Release of VM Images/Virtual Applications into the Amazon and Google Cloud Marketplaces

Troubleshoot build failures and infrastructure issues providing timely resolution and documentation

Monitor build system performance and implement optimizations to reduce build times and failures

Key Qualifications:

5 years of Bash Shell Scripting

Build Pipelines with CI/CD automation in Jenkins Gitlab Github Concourse or equivalent platforms

Python programming and package creation

OOP design and implementation

Docker image creation tagging and releases

Git and Gitlab CI or equivalent version control and CI systems

Experience with build tools: Gradle Maven NodeJS Ant or equivalent

Multi-platform build system experience (Windows Linux macOS)

Experience with software supply chain security and vulnerability management

Linux System Administration and shell scripting proficiency

Strong troubleshooting and problem-solving skills

Excellent documentation and communication skills

Preferred Experience

Kubernetes Helm Terraform Ansible

AWS / GCP / Azure cloud automation and infrastructure management

DevOps Automation and Infrastructure as Code practices

Linux System Administration and VM Management via OpenStack or equivalent

Dev Sec Ops and CI Supply Chain Security frameworks (SLSA SBOM)

Software Composition Analysis (SCA) tools and vulnerability scanning platforms

MacOS signing and Notarization processes

Windows Binary Signing and certificate management

Experience with multiple build systems and their integration

Pay Range

$101300 - $152000 USD

Black Duck considers all applicants for employment without regard to race color religion sex gender preference national origin age disability or status as a Covered Veteran in accordance with federal addition Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.

Required Experience:

Senior IC