Software Supply Chain Engineer

Warszawa
150-180 zł gross / month
Offer expires in: 55 days
Work mode: Remote
Contract type: B2B contract
Recruitment mode: On-site recruitment
Working time: Full-time

Your responsibilities

  • Collaborate with software architects, senior developers and devops leads to generate a comprehensive Software Bill of Materials (SBOM) for commercial products, including detailed information on open source components and dependencies.
  • Review, analyze, and assess the usage of open source software in products to ensure compliance with relevant regulations and licenses, including knowledge of how usage, deployment, and architecture affect compliance.
  • Integrate open source compliance checks into CI/CD pipelines, facilitating the early identification of compliance issues and minimizing compliance risks.
  • Demonstrate proficiency in managing dependencies for at least two of the following programming languages: .NET/C#, Python, Java, C/C++, Node.JS/TypeScript, considering both proprietary and open source components.
  • Create and maintain clear and concise compliance documentation, including policies, procedures, and best practices, to foster a compliant development environment.
  • Utilize your expertise with CycloneDX, a lightweight SBOM standard, to enhance the accuracy and efficiency of our compliance processes.
  • Stay informed about industry regulations, particularly FDA requirements, and ensure that our open source compliance practices align with current and emerging standards.
  • Provide training and support to development teams on open source compliance practices, fostering a culture of awareness and responsibility.
  • Provide expert guidance to development teams on open source licensing requirements, restrictions, and obligations to ensure legal and regulatory compliance.

Our requirements

  • Proven experience with CI/CD pipelines and integrating open source compliance
  • Minimum of 2 years of practical experience in open source compliance, preferably in a regulated industry such as healthcare or medical devices.
  • Thorough understanding of open source licenses, their implications, and best practices for compliance.
  • Demonstrable experience working with CycloneDX or similar SBOM formats.
  • Proficiency in managing dependencies for two or more programming languages, such as .NET/C#, Python, Java, C/C++, Node.JS/TypeScript.
  • Familiarity with both Linux and Windows operating systems and their interactions with open source components.