Type of contract: B2B contract

Salary range: 168-214 PLN / hour

What will you do?

You will own and evolve our Jenkins Shared Library powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Deliver fast, secure, provenance-rich pipelines (SLSA, SBOM, digests) and strengthen supply chain integrity across teams.

We’re building

• A reusable Jenkins Shared Library: Our “ci-shared-library” provides opinionated, pluggable pipeline stages for build, test, security controls, and deployment. Teams adopt it via a simple YAML (ci-config.yaml), and get consistent CI/CD without reinventing the wheel.
• Multi-language build orchestration:

o Java/Maven, .NET, Node.js/NPM, Python/pytest

o Container packaging and metadata publishing

o Helm/Terraform support for infra-as-code

• First-class security and compliance:

o SonarQube code quality and coverage

o Sonatype IQ

o SAST/DAST/container scans

o HashiCorp Vault integrations for secret management

• Deployment integrations
• Regression testing pipelines
• Metadata, SBOM, and SLSA

Your skills

• 7+ years engineering; 3+ in CI/CD platform or DevSecOps.
• Strong Jenkins + Groovy shared library expertise.
• Advanced Python automation (JSON/YAML processing, tooling scripts).
• Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata.
• Supply-chain security (SLSA, CycloneDX SBOM, digests).
• Experience with SonarQube, Sonatype IQ, container and SAST scanning.
• Proven performance tuning (caching, parallelization, dependency pruning).
• Compliance Awareness.

Nice-to-Have

• Artifact signing / attestations (cosign, OCI).
• Terraform module and Helm chart publishing patterns.
• GitOps or release automation experience.
• GCP/AWS cloud experience

This possibility applies to work on a B2B basis.