Free Open Source Software Engineer

Employer: Harman International Romania
  • IT Software
  • Job type: full-time
    Job level: 1 - 5 years of experience
  • Updated on: 20.05.2022

    Position Summary: 

    The FOSS Engineer is responsible for ensuring that the developed code is compliant with the Open Source internal policy and international license standards for the free open source software being used by liaising with the functional owners and internal/external stakeholders of the project.

    Job Responsibilities:

    • Responsible for delivery of FOSS (free open source software) documentation structure, verification and validation of tool documentation content;
    • Open Source Components identification;
    • Efficient copyright extraction;
    • Open source license issues/conflicts mediator with the help of the internal and (if existent) external legal department;
    • Strong communication with the project architects, PMs and internal stakeholders;
    • Trigger and maintain the relation with software developers (owners), functional owners of each domain and client (FOSS office);
    • Development of tools and scripts (partly/on demand in collaboration with partners);
    • OSS vulnerabilities and security track record;
    • Maintaining the audit trail of tasks performed (Jira, Confluence, etc) for traceability reasons;
    • Following the FOSS process throughout the SDLC and making sure that the tasks and deliveries are handled in time and with quality;
    • Perform vulnerability analysis and documentation;
    • Perform security research activities on both known and unknown vulnerabilities;
    • Identify the open source scope of each individual project, also including the vendor FOSS (obtaining documentation, adapting the format to suit the client’s needs);
    • Adjusting to a FOSS Functional Owner way of thinking which includes having responsibility for the deliveries and keeping the client informed of any updates/changes regarding the OSS used in the product;
    • Report the activity on a weekly basis or on request to the direct and dotted-line management;
    • Assigning tasks to the technical experts who conduct in-depth investigations of OSS components.
    Mandatory Qualifications:
    • At least 4 years experience in the IT environment;
    • At least 2 years of professional working experience in Agile SCRUM Methodologies;
    • Knowledge of Free Open Source Software Components (FOSS) and types of OSS licenses;
    • MS Office (Word and Excel);
    • Demonstrated understanding of the Software Development Lifecycle;
    • Linux OS knowledge, understanding and basic commands;
    • Python scripting basics;
    • OSS analysis and management tools (Black duck or similar: Palamida, Open Logic) will be considered an advantage;
    • Experience in IT Audit, Quality & Security Management;
    • Excellent written and oral communication skills; very good technical and commercial level of English is mandatory;
    • Excellent team collaboration;
    • Capable of working in a fast paced agile environment.
    Preferred Qualifications:
    • Advise Development teams on implementation, configuration and integration of compliance software (BlackDuck, Flexera, Scan Toolkit);
    • OSS analysis and management tools (Black duck or similar: Palamida, Open Logic) will be considered an advantage;
    • ITIL foundations certification will be considered an advantage;
    • Legal background for open source license analysis will be considered an advantage;
    • Knowledge of various operating systems and common applications;
    • OSS usage in analysis process;
    • Working with repositories (GIT, Perforce etc.);
    • Ability to perform vulnerability/penetration assessments;
    • Solid understanding of existing threats & mitigation / remediation strategies;
    • Cybersecurity knowledge