DevSecOps Engineer – Software Supply Chain Security

DevSecOps Engineer Location: Toronto, ON Hybrid (4 days/week onsite) Experience Required: 810 years Skill Category: Digital SecDevOps Role Overview The State Street Cyber Security Architecture & Engineering team is seeking a highly skilled DevSecOps / Software Supply Chain Security Engineer to support the enterprise rollout of secure software delivery practices. This role focuses on securing the software supply chain across CI/CD pipelines, artifact management, and dependency ecosystems. Key Responsibilities Design and implement software supply chain security strategies Secure artifact sourcing from Maven, PyPI, and internal registries Manage Artifactory and artifact governance Ensure artifact provenance, immutability, and integrity Integrate security into CI/CD pipelines Support Chainguard implementation and trusted image pipelines Drive DevSecOps adoption across engineering teams Develop dashboards, metrics, and governance standards Required Skills & Experience 812 years of experien...