- Senior
- Ufficio in Ahmedabad
Position:
Senior Engineer / Technical Lead (Python Yocto)Job Description:
- Lead the design and development of SBOM generation pipelines within Yocto-based embedded build systems
- Integrate and validate SPDX 3.0-compliant SBOMs using open-source and custom tools
- Automate SBOM creation as part of the CI/CD pipelines using Jenkins and other DevOps tools
- Work with security teams to analyze and track Open-Source Vulnerabilities (CVE) from generated SBOMs
- Collaborate with development teams to ensure accurate tracking of software components, licenses, and dependencies
- Maintain and improve tooling for source scanning, license compliance, and vulnerability management
- Analyze complex source code bases and integrate SBOM processes with SCM systems (Git, Gerrit, etc.)
- Write and maintain Python scripts for build integration, reporting, and automation of SBOM tasks
What Are We Looking For
- Experience with Yocto Build System (BitBake, meta layers, custom recipes)
- Strong hands-on experience with SPDX standards (preferably 3.0) and SBOM generation tools (e.g., SPDX tools, FOSSology, CycloneDX, scancode-toolkit)
- Solid understanding of CI/CD concepts and Jenkins pipeline development
- Proficiency with Git, Gerrit, JIRA, and other collaborative tools
- In-depth knowledge of Python scripting, including advanced concepts
- Experience working with Makefiles, toolchains, and compiler optimization in embedded environments
- Strong grasp of open-source licensing, compliance, and security scanning (CVE/NVD tools)
- Excellent problem-solving, communication, and collaboration skills
 Location - Ahmedabad, Pune, Bangalore
 
			 
			 
			 
			