Senior Software Engineer

Job Description:

• The Senior Software Engineer will lead embedded engineering, automation, and open-source compliance initiatives across the SDLC, ensuring secure, compliant, and reproducible software delivery.

• Automate audits of binaries and source for license usage and generate SBOMs using Cyclone
  
  DX and SPDX.
• Standardize reproducible builds using CMake and Clang/LLVM and manage dependencies with Conan and Snapcraft.
• Govern artifacts in JFrog Artifactory and perform dependency health checks using JFrog Xray.
• Design and operationalize Git Ops and CI/CD pipelines using Git Hub Actions and Git Lab CI.
• Integrate SAST, DAST, and IAST into embedded and application pipelines.
• Triage third-party vulnerabilities and assess results from CodeQL, Sonar Qube, and related scanners.
• Create, publish, and revalidate Open Source Candidates with compliant build scripts, license texts, and distribution materials.
• Conduct formal risk assessments and ensure compliance with open-source licenses and security standards.
• Evaluate third-party libraries and document licensing obligations and implementation patterns.
• Author and maintain SOPs, work instructions, runbooks, and public distribution documentation.
• Develop and deliver open-source and governance training programs.
• Lead incident response activities and drive continuous improvement initiatives.
• Build and publish compliance and security dashboards using Power BI and SQL.
• Collaborate with engineering, legal, leadership, and external partners to ensure alignment and compliance.

• Deep knowledge of GPL, LGPL, MPL, MIT, and Apache licenses and compliance obligations.
• Strong experience with CMake, Clang/LLVM, Conan, Snapcraft, and JFrog Artifactory with Xray.
• Hands‑on experience with Git Hub Actions, Git Lab CI, and Git Ops practices.
• Experience integrating SAST, DAST, and IAST into CI/CD pipelines.
• Proficiency with CodeQL, Sonar Qube, Scan Code, and SBOM tooling such as SPDX and Cyclone
  
  DX.

• Seven years of experience in embedded software development including Linux kernel, device, or firmware development.
• Two years of experience in security‑focused roles such as Dev Sec Ops , App Sec, or Compliance.

• Programming in C, C++, and C#.
• Automation and tooling using Python and JavaScript.
• Configuration and data formats including XML, JSON, and YAML.
• Power BI dashboard creation and SQL analysis.
• Strong written and verbal communication for technical and non‑technical audiences.
• Ability to collaborate across engineering, legal, and external partners.

• Bachelor’s or Master’s degree in Computer Engineering, Electrical Engineering, Computer Science, or a related field.
• Security certifications such as CISSP or CSSLP are a plus.