As a Sr. Release Engineer, you'll develop automation tools, manage CI/CD pipelines, support software security tools, and analyze build performance across platforms.
Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
Sr. Release Engineer - Build & Supply Chain Security
We are looking for a Release Engineer/ Sr Release Engineer to join our Build & Deployment Engineering team. As a member of the release engineering team you will have an opportunity to develop tools to automate processes, develop re-usable libraries and build and release pipelines that use them. We are embracing cutting edge technology as we go, so that we can continue to increase velocity. The ideal candidate will be a great communicator and a quality focused innovator. You need to be willing to experiment and to learn quickly so we can leverage new technology as it becomes available.
Responsibilities of this Role:
Analyze and Tune build and Unit Test Pipelines across multiple platforms and technology stacks
Maintain and Deploy Continuous Integration/Continuous Delivery Pipelines using GitLab CI, docker and python libraries, using Jenkins Pipelines with Groovy Libraries
supporting GitHub Actions and other CI/CD platforms
Automate branching, tagging, and SCM administration for multiple projects across various VCS platforms
Maintain, Evolve and Create Automation Infrastructure
Identify processes that can be automated and create tools or scripts
Develop and maintain reusable build libraries and frameworks
Provide consistent and reliable build environments across Windows, Linux, and macOS
Implement and manage Software Supply Chain Security
Deploy, Admin and Manage Software Composition Analysis (SCA) and vulnerability scanning tools
Implement secure build practices and artifact management
Monitor and report on supply chain security posture
Deploy, Admin and Manage SAST, DAST scans and security tools (Black Duck, Coverity, Code Dx and other security analysis tools)
Manage containerized application deployments using Docker, Kubernetes, and related orchestration tools
Automate infrastructure provisioning and deployment using Ansible, Terraform, and cloud provider tools
Manage Release of VM Images/Virtual Applications into the Amazon and Google Cloud Marketplaces
Troubleshoot build failures and infrastructure issues, providing timely resolution and documentation
Monitor build system performance and implement optimizations to reduce build times and failures
Key Qualifications:
5+ years of Bash Shell Scripting
Build Pipelines with CI/CD automation in Jenkins, Gitlab, Github, Concourse, or equivalent platforms
Python programming and package creation
OOP design and implementation
Docker image creation, tagging and releases
Git and Gitlab CI or equivalent version control and CI systems
Experience with build tools: Gradle, Maven, NodeJS, Ant, or equivalent
Multi-platform build system experience (Windows, Linux, macOS)
Experience with software supply chain security and vulnerability management
Linux System Administration and shell scripting proficiency
Strong troubleshooting and problem-solving skills
Excellent documentation and communication skills
Preferred Experience
Kubernetes, Helm, Terraform, Ansible
AWS / GCP / Azure cloud automation and infrastructure management
DevOps Automation and Infrastructure as Code practices
Linux System Administration and VM Management via OpenStack or equivalent
Dev Sec Ops and CI Supply Chain Security frameworks (SLSA, SBOM)
Software Composition Analysis (SCA) tools and vulnerability scanning platforms
MacOS signing and Notarization processes
Windows Binary Signing and certificate management
Experience with multiple build systems and their integration
Pay Range
$101,300—$152,000 USD
Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.
Black Duck Burlington, Massachusetts, USA Office
800 District Ave, Burlington, MA, United States, 01803
Similar Jobs
.png)
Gaming
The Build Engineer will automate deployment processes, manage CI/CD pipelines, and collaborate across teams to ensure high-quality software delivery.
Top Skills:
BashC#DockerGitJavaJenkinsPerforcePowershellPythonTeamcity
Artificial Intelligence • Cloud • Sales • Security • Software • Cybersecurity • Data Privacy
As a Staff Product Analyst, you will drive strategic projects, manage communications for the CPO, and synthesize market insights to influence product strategy and market perception.
Top Skills:
AIMl
Blockchain • Fintech • Payments • Financial Services • Cryptocurrency • Web3
The Lead Analyst, Product Compliance ensures compliance in product lifecycle, conducts risk assessments, collaborates with teams, and develops compliance processes for Circle's Payments product.
Top Skills:
Ai ToolsBlockchainDecentralized FinanceRisk Management Tools
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
