Your new company
This is a prestigious financial services client with an office in central London.
Your new role
You will own the rollout of DevSecOps controls across the software supply chain — onboarding dev teams onto SonarQube Advanced Security and introducing a curated artifact repository to ensure all third‑party/open‑source code is secure and compliant.
What you'll need to succeed
Solid DevSecOps or application security engineering experience
Hands-on experience with JFrog Artifactory including curation, repository management and policy enforcement
Experience deploying and operating SonarQube or comparable SAST tooling at scale
Proficiency with CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions or equivalent)
Working knowledge of software supply chain security concepts: SBOM, dependency confusion, typosquatting, CVE triage
Scripting proficiency in Python, Bash or equivalent for automation