We are seeking an experienced Senior DevOps and Secure Software Delivery Consultant for an engagement with a leading manufacturing client. The successful consultant will take ownership of designing a modern, secure, and scalable build environment that supports secure software development, artifact management, and code signing.
The assignment requires both strategic architectural expertise and hands-on technical knowledge to assess the current environment, define the target architecture, and provide a comprehensive implementation roadmap.
Requirements
As part of this engagement, you will be responsible for:
- Conducting a comprehensive assessment of the client's existing build infrastructure, CI/CD pipelines, artifact repositories, and software signing processes.
- Identifying security, operational, and scalability gaps in the current setup.
- Designing a future-state build environment aligned with DevSecOps best practices.
- Defining the architecture for secure build pipelines, artifact repositories, and software signing infrastructure.
- Designing integration with Hardware Security Modules (HSMs) to enable secure key management and code signing.
- Recommending suitable technologies, infrastructure components, and deployment models.
- Producing a detailed solution proposal, including architecture diagrams, implementation roadmap, and technical recommendations.
- Preparing a realistic cost estimate covering implementation, licensing (where applicable), infrastructure, and knowledge transfer activities.
- Providing recommendations for governance, operational processes, and long-term maintenance.
- Delivering technical workshops and knowledge transfer sessions to ensure the client's engineering teams can successfully operate and maintain the solution.
We are looking for a senior consultant with a proven track record in designing secure software delivery platforms.
Required Experience- Senior or expert-level consultant with extensive DevOps architecture experience.
- Strong background in designing and implementing secure CI/CD and build environments.
- Deep experience with build automation technologies and modern build pipelines.
- Extensive knowledge of artifact repository management.
- Proven experience implementing secure software signing solutions.
- Hands-on experience integrating build environments with Hardware Security Modules (HSMs).
- Strong understanding of DevSecOps principles, supply chain security, and secure software development practices.
- Experience designing scalable, highly available, and secure enterprise DevOps platforms.
- Ability to produce architecture documentation, solution designs, implementation plans, and commercial cost estimates.
- Experience facilitating workshops, technical training, and knowledge transfer for engineering teams.
- Excellent communication skills with the ability to engage both technical stakeholders and management.
Experience with one or more of the following is considered an advantage:
- Secure Software Supply Chain (SLSA)
- Sigstore, Cosign, or similar signing technologies
- Software Bill of Materials (SBOM)
- Build provenance and artifact integrity
- Cloud-native DevOps platforms
- Infrastructure as Code (Terraform, Ansible, etc.)
- Enterprise Git platforms and CI/CD tooling
The consultant is expected to deliver:
- Assessment report of the current build and software delivery environment.
- Target architecture and design documentation.
- Recommended build and artifact management solution.
- Secure software signing architecture with HSM integration.
- Implementation roadmap with prioritized activities.
- Cost estimate covering implementation, infrastructure, licensing (if applicable), and training.
- Knowledge transfer sessions and supporting documentation for the client's technical teams.
Skills Required
- Extensive DevOps architecture experience
- Designing and implementing secure CI/CD and build environments
- Deep experience with build automation technologies and modern build pipelines
- Extensive knowledge of artifact repository management
- Proven experience implementing secure software signing solutions
- Hands-on experience integrating build environments with Hardware Security Modules (HSMs)
- Strong understanding of DevSecOps principles, supply chain security, and secure software development practices
- Experience designing scalable, highly available, secure enterprise DevOps platforms
- Ability to produce architecture documentation, solution designs, implementation plans, and commercial cost estimates
- Experience facilitating workshops, technical training, and knowledge transfer for engineering teams
- Excellent communication skills to engage technical stakeholders and management
- Experience with cloud-native DevOps platforms
What We Do
Belmont Lavan is an IT solutions provider specializing in the design, development, and implementation of systems like ERP, CRM, EAM, Microsoft, and Cybersecurity, aiming to help businesses streamline operations, enhance security, and improve efficiency.









