Open Source Licensing Expert - Aerospace and Defense - London, United Kingdom - Gentrian

Gentrian
London, United Kingdom

1 month ago

Posted by: Tom O´Connor, beBee Recruiter


Description
Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional-level investors, looking to disrupt and revolutionise a $3 trillion industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements pioneered by a vehicle, driven by our new-generation benchmark, delivering solutions through innovation with uncompromising agility. It predicts trends in aerospace and government defense entities and in political shifts, and has the ability to influence actual changes in government policies through innovation.

Determining which products/software and services pose the highest risk of legal liability - this will differ depending on the syndicate members, but, broadly:
Create open source policies for these products/software and services and implement those policies in our scanning tool.

WHAT ARE WE LOOKING FOR?

  • 5+ years of extensive experience in permissive licenses, public domain dedication, and corporate-style permissive licenses.
  • High-level experience in sampling policy for distributed commercially licensed products.
  • Hands-on experience setting up policies in scanning tools for very sophisticated, physically distributed software/products.
  • The ability to encode these policies into a tool. The tool will flag things that violate a particular policy.

DUTIES, RESPONSIBILITIES AND MANAGEMENT RELATIONSHIPS:

  • Name one person responsible for managing the scanning tools and integrating them across the BULLISHER organization (do not decentralize this function).
  • Commit to a regular schedule of looking at scanning reports and publishing open source attribution reports (embedding this in development processes).
  • Integrate our scanning tool with a ticketing tool like JIRA.
  • Configure our scanning tool to autoapprove
  • It's very important for you to find an engineering partner within the organization structure who is going to help legal launch and run the compliance process and who has a bird's-eye view of the company, e.g. Head of Technology Risk Management, Head of Engineering or CTO.
  • It's important to publish attribution reports and have source code ready for every release we do.
  • The scanning tools should have strong policy enforcement automation and function as knowledge management.
  • Use our general counsel/compliance to look at any result the policy system flags up that isn't auto-approved.
  • E.g. AGPL
  • Source code of the relevant product to confirm the correct licenses have been identified
  • Approve/deny decisions should take into account the risk tolerance that underlies the open source policies.
  • Implement policies for security and engineers to separately review tickets, this should be built into the ticketing workflow.
  • Create packaging attribution files
  • Prepare source code for engineers should they create a tarball (including modifications) of all open source used in the product/software.
  • Maintain compliance continuity by requiring OSS scanning tool integration for new repos and new products/software within the company (this can be technical or procedural in nature).
  • Any time we create a product/repo, you have to go through the process of integrating it with our open source scanning tools.

KEY REQUIREMENTS:

  • Hybrid working with a minimum of one day a week in the office.
  • Hands-on with open source licenses, e.g. BSD, Apache 2.0, MIT, X11, OpenSSL, SSLeay, LGPL, GPL, W3C, Boost, Mozilla Public License, Eclipse Public License, Common Development and Distribution License, Common Public License, Netscape Public License, IBM Public License, Microsoft Limited Public License, etc.
  • Technical abilities with multiple programming languages such as C++, Python, JavaScript, or Java
  • Executive level experience with automated build tools, version control systems, and artifact repositories such as Jenkins, Git, Perforce, Docker, Maven, and Gradle
  • Master's degree in Computer Science/Engineering (or equivalent).
