Open Source Compliance & Policy Consultant (Black Duck Program Lead) jobs in United States

BayOne Solutions · 8 hours ago

Open Source Compliance & Policy Consultant (Black Duck Program Lead)

BayOne Solutions is seeking an experienced Policy & Enablement Consultant to join their expert team focusing on open source compliance. The role involves defining policies, building workflows, and enabling the organization to manage open source risk while collaborating with legal, security, and development teams.

Information and Communications Technology (ICT), Information Services, Information Technology, SaaS, Software
Growth Opportunities

Responsibilities

Act as the primary liaison between Legal, Security, and Development teams to define and document open source usage policies, security risk thresholds, and license compliance requirements
Configure Black Duck policy rules, project groups, and vulnerability triage/workflow settings to operationalize defined policies
Design the end-to-end process for developers to remediate vulnerabilities and address license compliance issues, integrating with existing DevSecOps workflows
Develop comprehensive training curricula, user guides, and workshops tailored to developers, security analysts, and legal counsel
Create executive and operational dashboards/reports within Black Duck to track KPIs (e.g., time to remediate, policy violation rates, program adoption)
Establish metrics to demonstrate program ROI and effectiveness to leadership
Develop a complete "Transition to Operations" plan to hand over the sustained management of the program to internal teams

Qualification

Black Duck configuration, Software security policies, Open source licenses, Technical training delivery, Stakeholder management, Process-oriented deliverables, Written communication, Verbal communication

Required

Minimum 3 years of hands-on experience configuring policy management, reporting, and workflows within Synopsys Black Duck
Proven experience in developing software security policies, compliance programs, or risk management frameworks for open source
Deep understanding of open source licenses (e.g., GPL, Apache, MIT) and associated compliance obligations
Experience in creating and delivering technical training to developer audiences
Strong stakeholder management and facilitation skills, able to translate legal requirements into developer workflows
Excellent written and verbal communication skills, with the ability to produce clear process documentation and executive briefings
Ability to work remotely, drive process-oriented deliverables, and collaborate seamlessly with a technical implementation partner

Preferred

Background in retail, financial services, or other highly regulated sectors
Familiarity with GDPR, CCPA, or other data privacy regulations as they relate to software
Project management or program management certification (PMP, etc.)

Company

BayOne Solutions

BayOne Solutions provides computer programming services.

Funding

Current Stage
Late Stage

Leadership Team

Yogesh Virmani
CEO and Co-founder
Rahul Sharma
President and Co-founder
Company data provided by crunchbase