Sr. Release Engineer

About The Position

Requirements

• 5+ years of Bash Shell Scripting
• Build Pipelines with CI/CD automation in Jenkins, Gitlab, Github, Concourse, or equivalent platforms
• Python programming and package creation
• OOP design and implementation
• Docker image creation, tagging and releases
• Git and Gitlab CI or equivalent version control and CI systems
• Experience with build tools: Gradle, Maven, NodeJS, Ant, or equivalent
• Multi-platform build system experience (Windows, Linux, macOS)
• Experience with software supply chain security and vulnerability management
• Linux System Administration and shell scripting proficiency
• Strong troubleshooting and problem-solving skills
• Excellent documentation and communication skills

Nice To Haves

• Kubernetes, Helm, Terraform, Ansible
• AWS / GCP / Azure cloud automation and infrastructure management
• DevOps Automation and Infrastructure as Code practices
• Linux System Administration and VM Management via OpenStack or equivalent
• Dev Sec Ops and CI Supply Chain Security frameworks (SLSA, SBOM)
• Software Composition Analysis (SCA) tools and vulnerability scanning platforms
• MacOS signing and Notarization processes
• Windows Binary Signing and certificate management
• Experience with multiple build systems and their integration

Responsibilities

• Analyze and Tune build and Unit Test Pipelines across multiple platforms and technology stacks
• Maintain and Deploy Continuous Integration/Continuous Delivery Pipelines using GitLab CI, docker and python libraries, using Jenkins Pipelines with Groovy Libraries supporting GitHub Actions and other CI/CD platforms
• Automate branching, tagging, and SCM administration for multiple projects across various VCS platforms
• Maintain, Evolve and Create Automation Infrastructure
• Identify processes that can be automated and create tools or scripts
• Develop and maintain reusable build libraries and frameworks
• Provide consistent and reliable build environments across Windows, Linux, and macOS
• Implement and manage Software Supply Chain Security
• Deploy, Admin and Manage Software Composition Analysis (SCA) and vulnerability scanning tools
• Implement secure build practices and artifact management
• Monitor and report on supply chain security posture
• Deploy, Admin and Manage SAST, DAST scans and security tools (Black Duck, Coverity, Code Dx and other security analysis tools)
• Manage containerized application deployments using Docker, Kubernetes, and related orchestration tools
• Automate infrastructure provisioning and deployment using Ansible, Terraform, and cloud provider tools
• Manage Release of VM Images/Virtual Applications into the Amazon and Google Cloud Marketplaces
• Troubleshoot build failures and infrastructure issues, providing timely resolution and documentation
• Monitor build system performance and implement optimizations to reduce build times and failures

Benefits

• Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.