The Eclipse Foundation is a not-for-profit, member-supported organization that hosts the world-class Eclipse Java IDE and over 375 Eclipse projects. The Foundation helps cultivate both an open-source community and an ecosystem of complementary products and services.
Working closely with the members of the small yet effective IT team, you’ll play a key role in fulfilling the requirements of the Foundation and its large community of open-source developers.
The Open Source Compliance Engineer supports execution of the Eclipse Foundation’s Intellectual Property policy and licensing obligations for Open Source Software across multiple products and platforms. This person will participate in the analysis of large and complex software code bases and report detected third-party and open source components and their licenses.
The ideal candidate will understand multiple build systems (Maven, Gradle, NPM etc), software usage details, communicate technical and legal challenges, drive change, and track critical dependencies for successful compliance around use of Open Source Software.
The position requires the individual to facilitate and operate software composition analysis tools, as well as review and track Open Source license compliance issues before software is shipped.
In essence, a license compliance engineer is a software engineer with passion for IP, copyright and licenses who work with engineers, managers and lawyers to:
- Raise the general knowledge about the license compliance topic among the workforce;
- Define and implement technical measures towards continuous compliance;
- Support engineers and managers in the most common cases related to licenses;
- Support IP and licenses specialists in the technical aspects of the software development and delivery processes related with the IP and license compliance field;
- Perform scans, audits, clearance and reporting activities;
- Filter and escalate cases for evaluation to specialists and lawyers;
- Represent the IP/license function within engineering. Represent engineering function within the IP/license; and
- Establish and nurture relationships between multiple teams, and navigate dependencies.
The successful candidate will have strong interpersonal skills with demonstrated ability to work with diverse/cross-functional teams, as well as elicit work output from peers and other team members.
This is a full-time position.
- Ability to engage directly with stakeholders from the Eclipse Foundation’s open source projects, provide ongoing guidance and leadership in the Eclipse community, and help maintain policies;
- Ability to collaborate in asynchronous environments, supporting multiple projects at the same time;
- Experience in the license compliance field;
- Experience working in remote/distributed environments;
- Familiarity and experience with the Open Source process;
- Ability to work with engineers, managers and lawyers;
- Ability to develop and deliver training sessions and workshops;
- Experience with code review, continuous Integration, continuous delivery. Integration of source code and binaries scanning and audit (continuous compliance) processes and tooling into development and delivery processes;
- Solid understanding of Open Source licenses and proficiency in understanding the terms of common Open Source licenses such as the Eclipse Public License 2.0, Apache Software License 2.0, MIT, LGPL, GPL, …, supply chain conformance and compliance processes, and standards;
- Basic understanding of asset and risk management, intellectual property, copyright and patents in different jurisdictions;
- 5+ years of experience in software development; and
- Fluency in English.
Real world experience and proficiency with Git and GitHub is an absolute requirement.
Proficiency with the following technologies/tools will be considered an asset:
- GitLab;
- Gerrit, Jenkins, Gitlab runners, pipelines, orchestration tools;
- Compilers, static code analysis, code signing/encryption, Software Composition Analysis (SCA);
- Open Source tooling for license scanning, conformance and clearance:
- OSS Review Toolkit (ORT); and
- Scancode, FOSSology, ClearlyDefined, REUSE;
- Build technologies: Maven, NPMJS, SBT, Gradle, …;
- Standard Software Bill of Materials (SBOM) format such as SPDX or CycloneDX; and
- Basic knowledge of some proprietary tooling like ScanOSS, Black Duck Hub, FOSSA.
- Remote. Work from where you are. The Eclipse Foundation is global in scope and is domiciled in Belgium, with staff located in Europe, Canada, and the United States.
To apply, please submit a detailed resume and cover letter. We offer a competitive annual salary and comprehensive benefits package. We thank all applicants for their interest; however, only those to be interviewed will be contacted. For more information about Eclipse Foundation, please visit our website at https://www.eclipse.org.
The Eclipse Foundation respects the dignity and independence of people with disabilities and provides accommodation and support to persons with disabilities throughout any recruitment process, once made aware of a need for accommodation. If you require any special accommodation or support during the recruitment process, please indicate in your email to us.