Posted on: 01/12/2025
Description:
- 5+ years of experience in FOSS auditing and compliance.
- Proficiency with one or more SCA tools (e.g., Black Duck, WhiteSource, FOSSA, Snyk, FOSSID).
- Strong understanding of open source licenses (GPL, MIT, Apache, BSD, etc.).
- Experience working with SBOMs and license documentation.
- Understanding of Open Source Software principles and communities.
- Excellent communication and documentation skills.
- Ability to work independently and cross-functionally in a fast-paced environment.
- IT Skills: MS Office tools (Word, Excel, and PowerPoint).
- Language Skills: Proficient in English.
Preferred Qualifications:
- Experience with CI/CD pipelines and integrating SCA tools.
- Familiarity with legal aspects of software distribution and IP.
- Knowledge of Inner-Source, Open-Source and contributions is a plus.
- Experience working with Black Duck Protex, FOSSID, Fossology and Jenkins.
- Good knowledge of open source licenses.
- Good understanding of the complete life cycle of the software audit process using tools like Protex, FOSSID and Fossology.
- Knowledge of Open Source compliance, governance & security vulnerabilities with the aid of tools like FOSSID.
- Good understanding of FOSS license compliance, conflicts and compatibility.
- Very strong knowledge of Protex, FOSSID and Fossology.
- Expert in report generation for FOSS audits using Protex.
- Generation of standard audit reports for use by the management and legal teams for analysis.
- Good knowledge of Linux shell scripting.
Roles & Responsibilities:
- Responsible for performing open-source code audits for multiple BUs using Fossology.
- Extensive knowledge of open source licenses and their governance & compliance.
- Knowledge of Open Source compliance and governance with the aid of tools like Protex.
- Good knowledge of open source licenses.
- Worked on configuring various SCMs (GitLab, ClearCase, Bitbucket) and integrating them with the Protex tool using the CI/CD tool Jenkins.
- Good knowledge of SW360 for storing the created reports per project and following the approval process.
- Analyze Open Source licenses, obligations, license compatibilities and create opinion reports.
- Providing information to clients to understand which licenses govern the modification, use and distribution of the software in their code base.
- Created OSS readme files and trained the OSS team for product releases.
- Worked on many COTS (Commercial Off-The-Shelf) reports for many commercial products and created reports.
- Product clearing - released multiple product clearing reports for different projects and trained my team on the same.
- Good knowledge of multiple Linux distributions and Linux command sets.
Posted in: CyberSecurity
Functional Area: IT Security
Job Code: 1582700