Software Engineer-Information Security (Open Source Compliance) jobs in United States
cer-icon
Apply on Employer Site
company-logo

GlobalLogic · 2 weeks ago

Software Engineer-Information Security (Open Source Compliance)

positionDallas, TX
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$120K/yr - $130K/yr
date9+ years exp

GlobalLogic is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. They are seeking a Software Engineer specializing in Information Security and Open Source Compliance to automate audits, manage dependencies, and ensure compliance with open source licenses while working cross-functionally with various teams.

Developer PlatformInformation TechnologyProduct DesignSoftware
check
H1B Sponsor Likelynote

Responsibilities

Conduct formal risk assessments to identify threats and vulnerabilities and recommend mitigating controls
Ensure compliance with open source licenses and applicable standards (e.g., ISO 27001, ISO/IEC 5230:2020, SOC 2) in partnership with Engineering, Legal, and external stakeholders
Evaluate proposed libraries before integration (GPL/LGPL/MPL/MIT/Apache), document obligations (attribution, source offer, relinking), and guide compliant implementation patterns (static vs. dynamic link, dual license scenarios)
Author/update SOPs, Working Instructions, developer-facing runbooks, and public distribution READMEs
Develop and deliver open source and product-based GRC training to employees and contractors
Communicate complex build processes, package management, and license implications to technical and non-technical audiences
Lead incident response (identify, contain, recover), conduct post-incident reviews, and recommend program and control improvements
Monitor industry trends and best practices in Open Source License Compliance; propose program updates proactively
Publish compliance/security dashboards in Power BI; use SQL to analyze SBOM coverage, license risk, vulnerability posture, and release readiness for executive decision-making

Qualification

Embedded software developmentOpen Source ComplianceSecurity TestingCI/CD PipelinesC/C++/C#/PythonSAST/DAST/IASTCMake/Clang/LLVMJFrog ArtifactoryPower BITrainingCollaborationDocumentation

Required

7+ years in embedded software development (Linux kernel, device/firmware), plus 2+ years in a security-focused role (DevSecOps/AppSec/Compliance)
Deep, practical familiarity with GPL/LGPL/MPL/MIT/Apache requirements (attribution, source publication, relinking, derivative work analysis) and enforcement throughout the SDLC
Strong in C, C++, C#; proficient in Python/JavaScript for automation/tooling; confident with XML/JSON/YAML for configs and SBOMs
Proficient with CMake, Clang/LLVM, cross compilers; package with Conan/Snapcraft; govern artifacts in JFrog Artifactory with risk analysis via JFrog Xray
Hands-on with GitHub Actions / GitLab CI and GitOps practices (GitHub/GitLab) for policy as code and environment orchestration
Skilled at integrating and interpreting SAST/DAST/IAST results; practical experience with CodeQL, SonarQube, ScanCode, and SBOM tooling (SPDX/CycloneDX)
Able to build Power BI dashboards, write SQL, and translate complex technical topics into clear narratives for technical and non-technical audiences
Exceptional writing quality for SOPs, Working Instructions, and public distribution artifacts; experienced trainer for OSS/GRC topics
Comfortable influencing cross-functional roadmaps and mediating license/security trade-offs with engineering, Legal, and external partners
Bachelor's or Master's in Computer Engineering, Electrical Engineering, Computer Science, or a closely related field

Preferred

Security certifications (e.g., CISSP, CSSLP) are a plus

Benefits

Culture of caring.
Learning and development.
Interesting & meaningful work.
Balance and flexibility.
High-trust organization.

Company

GlobalLogic

twittertwittertwitter
Glassdoor3.8
company-logo
GlobalLogic is a product development services company that specializes in chip-to-cloud software engineering.
dateFounded in 2000
location
Santa Clara, California, USA
people-size10001+ employees
web-link
http://www.globallogic.com

H1B Sponsorship

GlobalLogic has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (317)
2024 (295)
2023 (225)
2022 (329)
2021 (303)
2020 (388)

Funding

Current Stage
Late Stage
Total Funding
$763.7M
Key Investors
CPP InvestmentsNew Enterprise Associates
2021-03-31Acquired
2017-01-11Secondary Market· $720M
2008-02-11Series C· $29.5M

Leadership Team

leader-logo
Srinivas Shankar
President and Chief Executive Officer
linkedin
leader-logo
Vishal Anand
COO and Head of Americas
linkedin

Recent News

Unified Communications fuel big enterprise success | CIO
There’s (industrial) strength in numbers when building AI
2026-01-25
acnnewswire.com
GlobalLogic and Elektrobit Strengthen Partnership to Accelerate Next-Generation Software-Defined Vehicles
2026-01-24
Irish Tech News
GlobalLogic and Elektrobit expand partnership on SDV platforms
2026-01-23
Company data provided by crunchbase