Open Source Compliance Specialist @ AVENGA (Employment Agency, KRAZ no.: 8448)
Warsaw, Masovian Voivodeship, Poland
22. 1. 2026
Job information

For a pharmaceutical company, we are looking for an experienced Open Source Compliance Specialist. This role combines software engineering, legal, and compliance functions to ensure our use of open source software (OSS) complies with licensing obligations and aligns with the client's product and business goals. This specialist will primarily assess open source license obligations based on Software Bill of Materials (SBOM) data across our commercial products. Additionally, the specialist will collaborate with the legal department to support due diligence and contract assessments related to third-party software partnerships, supplier agreements, and joint development initiatives.


  • 3+ years of experience in open source license compliance, preferably in a regulated or product-driven environment
  • Strong knowledge of OSS licenses, obligations, and best practices for permissive, weak copyleft, and strong copyleft licenses
  • Experience reviewing and interpreting SBOMs (SPDX, CycloneDX) and related tooling (e.g., FOSSA, Black Duck, ORT, Syft, etc.)
  • Familiarity with software development processes and CI/CD pipelines
  • Proficient in at least one dependency management ecosystem (e.g., Maven, NPM, PyPI, .NET, dpkg, Go, Cargo, Helm charts, etc.)
  • Experience working with or supporting legal teams on software licensing topics
  • Experience in MedTech, automotive, or other regulated industries
  • Knowledge of security vulnerabilities associated with OSS (CVEs, SBOM-driven risk mitigation)
  • Familiarity with ISO/IEC standards like ISO 5230 (OpenChain), ISO 62443, or IEC 62304
  • Understanding of commercial software procurement and licensing models (e.g., EULAs, OEM terms, dual licensing)


  • Evaluate SBOMs generated from internal tools or suppliers for OSS license compliance
  • Classify and interpret open source licenses (e.g., MIT, Apache, GPL, LGPL, AGPL, etc.) and flag potential risks or obligations
  • Conduct impact analysis for license incompatibilities or usage restrictions (e.g., copyleft triggers)
  • Support legal teams in the review of software-related clauses in partnership agreements, procurement contracts, and supplier terms
  • Maintain internal documentation related to open source policies, licensing exceptions, and compliance workflows
  • Help develop and roll out internal training on OSS use and compliance
  • Collaborate with product lifecycle, DevOps, and cybersecurity teams to integrate compliance checks into CI/CD workflows

Requirements: AWS, Maven, Apache, CI/CD Pipelines

Additionally: Sport subscription, International projects, Private healthcare.
