Role Overview The State Street Cyber Security Architecture & Engineering team is seeking a highly skilled DevSecOps / Software Supply Chain Security Engineer to support enterprise rollout of secure software delivery practices. This role focuses on securing the software supply chain across CI/CD pipelines, artifact management, and dependency ecosystems. Key Responsibilities • Design and implement software supply chain security strategies • Secure artifact sourcing from Maven, PyPI, and internal registries • Manage Artifactory and artifact governance • Ensure artifact provenance, immutability, and integrity • Integrate security into CI/CD pipelines • Support Chainguard implementation and trusted image pipelines • Drive DevSecOps adoption across engineering teams • Develop dashboards, metrics, and governance standards Required Skills & Experience • Experience in DevOps / DevSecOps • Hands-on CI/CD experience • Strong understanding of supply chain security • Experience with Artifactory/Nexus • Knowledge of SLSA principles • Container security experience (Chainguard preferred) • Cloud experience (AWS/Azure) • IaC tools (Terraform, Ansible, Kubernetes) Salary Range - CA$ 100,000 - CA$ 120,000 Per Year TCS does not use artificial intelligence tools for candidate screening or evaluation. This post is for a current vacancy. The hiring process includes an initial screening, followed by a technical evaluation and managerial discussion.