Open Source Compliance Engineer

Remote
Full Time
Eclipse Management Organization
Mid Level

Location: remote. Work from where you are. The Eclipse Foundation is global in scope and is domiciled in Belgium, with staff located in Europe, Canada, and the United States.

About the Eclipse Foundation

The Eclipse Foundation provides our global community of individuals and organizations with a mature, scalable, and business-friendly environment for open source software collaboration and innovation. Working closely with the members of the small yet effective Eclipse Management Organization team, you’ll play a key role in supporting the Foundation and its large community of open-source projects and developers.

The Open Source Compliance Engineer supports execution of the Eclipse Foundation’s Intellectual Property policy and licensing obligations for Open Source Software across multiple open source projects, products, and platforms. They participate in the intellectual property due diligence analysis of large and complex software code bases and work with project teams to resolve provenance and license conformance issues in open source components. 

The ideal candidate understands multiple build systems (Maven, Gradle, NPM etc), communicates technical and legal challenges, drives change, and tracks critical dependencies for successful compliance around use of open source software. 

The position requires the individual to facilitate and operate software composition analysis tools, as well as review and track open source license compliance issues before software is shipped.

In essence, a license compliance engineer is a software engineer with passion for intellectual property, copyright, and open source licenses who works with engineers, managers and lawyers to: 

  • Raise the general knowledge about the license compliance topic among the open source project developers; 

  • Define and implement technical measures towards continuous compliance; 

  • Support engineers and managers in the most common cases related to licenses; 

  • Support IP and licenses specialists in the technical aspects of the software development and delivery processes related with the IP and license compliance field; 

  • Perform scans, audits, clearance and reporting activities; 

  • Filter and escalate cases for evaluation to specialists and lawyers; 

  • Represent the IP/license function within engineering. Represent engineering function within the IP/license; and 

  • Establish and nurture relationships between multiple teams, and navigate dependencies. 

The successful candidate will have strong interpersonal skills with demonstrated ability to work with diverse/cross-functional teams, as well as elicit work output from peers and other team members. 

This is a full-time position. 

Skills and Competences:

  • Ability to engage directly with stakeholders from the Eclipse Foundation’s open source projects, provide ongoing guidance and leadership in the Eclipse community, and help maintain policies; 

  • Ability to collaborate in asynchronous environments, supporting multiple projects at the same time; 

  • Experience in the license compliance field; 

  • Experience working in remote/distributed environments; 

  • Familiarity and experience with the Open Source process; 

  • Ability to work with engineers, managers, and lawyers; 

  • Ability to develop and deliver training sessions and workshops; 

  • Experience with code review, continuous Integration, continuous delivery, integration of source code and binaries scanning and audit (continuous compliance) processes, and tooling into development and delivery processes; 

  • Solid understanding of Open Source licenses and proficiency in understanding the terms of common Open Source licenses such as the Eclipse Public License 2.0, Apache Software License 2.0, MIT, LGPL, GPL, …, supply chain conformance and compliance processes, and standards; 

  • Basic understanding of asset and risk management, intellectual property, copyright, and patents in different jurisdictions; 

  • 5+ years of experience in software development; and 

  • Fluency in English. 

Tools 

Real world experience and proficiency with Git and GitHub is an absolute requirement. 

Proficiency with the following technologies/tools will be considered an asset: 

  • GitLab; 

  • Gerrit, Jenkins, Gitlab runners, pipelines, orchestration tools; 

  • Compilers, static code analysis, code signing/encryption, Software Composition Analysis (SCA); 

  • Open Source tooling for license scanning, conformance and clearance: 

  • OSS Review Toolkit (ORT);

  • Scancode, FOSSology, ClearlyDefined, REUSE;  

  • Build technologies: Maven, NPMJS, SBT, Gradle, …; 

  • Standard Software Bill of Materials (SBOM) format such as SPDX or CycloneDX; and 

  • Basic knowledge of some proprietary tooling like ScanOSS, Black Duck Hub, FOSSA. 
     

To Apply 

To apply, please submit a detailed resume and cover letter. We offer a competitive annual salary and comprehensive benefits package. We thank all applicants for their interest; however, only those to be interviewed will be contacted. For more information about Eclipse Foundation, please visit our website at https://www.eclipse.org

The Eclipse Foundation respects the dignity and independence of people with disabilities and provides accommodation and support to persons with disabilities throughout any recruitment process, once made aware of a need for accommodation. If you require any special accommodation or support during the recruitment process, please indicate in your email to us.

Share

Apply for this position

Required*
We've received your resume. Click here to update it.
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file