ACL Digital

We're hiring a Software Supply Chain & SBOM Specialist to help secure our embedded software and ensure compliance with emerging regulations like the EU Cyber Resilience Act (CRA).
Implement and maintain SBOM standards (SPDX, CycloneDX) and tooling (Syft, CycloneDX CLI)
Validate SBOMs against regulatory and CRA requirements
Apply secure development practices in embedded C/C++ environments
Lead software supply chain security initiatives: component analysis, provenance, and vulnerability scanning (SCA tools like Snyk, Black Duck)
Integrate SBOM and security workflows into CI/CD pipelines
Leverage DevSecOps and automation to streamline compliance and security processes
Collaborate effectively with cross-functional teams including engineering, security, and product
Strong experience with SBOM standards, generation, and validation
Expertise in embedded C/C++ security practices and secure build/toolchain management
Hands-on knowledge of software supply chain security and CI/CD integration
Strong communication and collaboration skills