Job details

Sr Software Engineer - Compliance

Get a free resume review

What's the role?

The Enterprise Risk & Compliance team is a globally distributed team of security and privacy professionals working together to secure the world’s preeminent open location data ecosystem and platform. Help us build our open-source licensing and application security program to ensure HERE’s products, applications, and data are secure, and comply with applicable data protection, privacy, and copyright laws.

Key Responsibilities:

Open-source compliance: play a key role in our Open-Source Licensing Office operations team by ensuring compliance with open-source community practices
R&D team engagement: Fulfill open-source licensing obligations (e.g., GPL, MIT, Apache) resolving technical and licensing issues
Reporting: communicate findings and issues with product development teams to remediate any non-compliant use of open-source software
Research: determine any applicable commercial licensing shifts and regulatory measures that impact open-source code compliance
Assess security risks: Assess various open-source, security, and privacy findings through the secure-software development lifecycle
Application assurance: Support HERE’s Application Assurance Dashboard by providing engineering support for our Application Security Dashboard and its development
Serve as a primary licensing compliance and security point of contact for business teams requiring security and privacy support to bridge the gap from security to product development teams
Risk management: Document and manage identified risks and vulnerabilities detected while evaluating applications and work with teams to mitigate findings
Collaboration: Work with peers across legal, development, customer, and Trust organizations to improve processes and compliance across the organization
Training and Awareness: Train and improve employee understanding of open-source licensing and security practices with continuous feedback

Who are you?

Position Requirements:

Undergraduate or graduate degree in Computing Science, Information Technology, Information Science, or equivalent experience
2+ years experience of open-source software licenses assessment in commercial software development
Familiarity in Java, C/C++, Python, or other modern programming languages as well as emerging artificial intelligence frameworks and services
Involvement of commercial and open-source tools (e.g., BlackDuck, FOSSA, ORT)
Ability to assess and troubleshoot software development errors
Working knowledge of information security principles, best practices, architectures, tools, and processes consistent with ISO 27001 and COSO principles
Understanding of application and infrastructure security tools, processes, and organizations
Basic understanding of web technologies and vulnerabilities such as SSL/TLS, REST, HTTP, OWASP, or other related standards and protocols
Written and verbal communication skills with both a technical and non-technical audience including legal, product development, and security functions
Self-motivated with a willingness to learn and experience security, privacy, and compliance domains with the ability to work independently in a global team

Preferred Skills:

Active engagement in the open-source community and contributions
Experience in defining, developing, maintaining, and supporting a software development lifecycle (SDLC) in an agile environment
Capacity to perform code reviews or implement security controls for developed applications
Passion for machine learning algorithms and artificial intelligence applications ranging across various domains (e.g., copyright laws, development, regulatory compliance)
Knowledge of relevant information security standards across the automotive and artificial intelligence industries (e.g., ISO 42001, TISAX, ISO 21434)

HERE is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, age, gender identity, sexual orientation, marital status, parental status, religion, sex, national origin, disability, veteran status, and other legally protected characteristics. - #LI-MS1

As part of HERE Technologies employment process, candidates will be required to successfully complete a background verification process. This offer and any related claims are subject to the successful completion of a background verification.

Who are we?

HERE Technologies is a location and data technology platform copmany. We empower our customers to achieve better outcomes -- from helping a city manage its infrastructure or a business optimize its assets to guiding drivers to their destination safely.

You can find us everywhere: in vehicles, smartphones, drones or third-party apps. We believe that with the right people, we will continue to be a game-changer in the technology industry and improve the daily lives of people around the world.

At HERE we take it upon ourselves to be the change we wish to see. We create soluions that fuel innovation, provide opportunity and foster inclusion to improve people's lives. If you are inspired by an open world and driven to create positive change, join us.

Average salary estimate

$105000 / YEARLY (est.)

min

max

$90000K

$120000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Sr Software Engineer - Compliance, HERE Technologies

HERE Technologies is searching for a talented Sr Software Engineer - Compliance to join our Enterprise Risk & Compliance team! As a vital part of our globally distributed group of security and privacy professionals, you'll play an essential role in securing our open location data ecosystem and platform. In this exciting position, you'll focus on open-source compliance by engaging actively with our Open-Source Licensing Office operations team. Your responsibilities will include fulfilling licensing obligations such as GPL, MIT, and Apache, helping to resolve any technical and licensing issues that arise. You'll be communicating findings and issues with our product development teams, assessing various open-source security and privacy risks, and supporting our Application Assurance Dashboard. Ideal candidates will have an undergraduate or graduate degree in Computing Science or a related field, along with at least 2 years of experience in assessing open-source software licenses. Familiarity with modern programming languages like Java, C/C++, and Python, along with tools such as BlackDuck and FOSSA, will be greatly beneficial. If you are self-motivated, eager to learn, and have a passion for improving compliance practices and security awareness, we want you on our team! At HERE Technologies, you will have the opportunity to make a meaningful impact in a collaborative environment while helping drive positive change in the technology landscape.

Frequently Asked Questions (FAQs) for Sr Software Engineer - Compliance Role at HERE Technologies

What are the key responsibilities of a Sr Software Engineer - Compliance at HERE Technologies?

As a Sr Software Engineer - Compliance at HERE Technologies, your main responsibilities include overseeing open-source compliance by engaging with the Open-Source Licensing Office operations team, ensuring adherence to licensing obligations like GPL, MIT, and Apache. You'll also communicate any non-compliant uses of software to product development teams, assess security risks in open-source software throughout the secure-software development lifecycle, and support the Application Assurance Dashboard. Your role will involve collaborating with various teams to improve compliance and managing risks effectively.