Sr. Engineer - SBOM (SPDX and CycloneDX) , C/C++ , Embedded , DevOPs , DevOpsec jobs in United States
cer-icon
Apply on Employer Site
company-logo

LanceSoft, Inc. · 5 hours ago

Sr. Engineer - SBOM (SPDX and CycloneDX) , C/C++ , Embedded , DevOPs , DevOpsec

positionSan Diego, CA
timeContract
remoteOnsite
seniorityMid, Senior Level
money$56/hr - $66/hr
date2+ years exp

LanceSoft, Inc. is seeking a Sr. Engineer with expertise in SBOM standards and tooling, particularly SPDX and CycloneDX formats. The role involves ensuring compliance with cybersecurity regulations in embedded C/C++ environments and integrating SBOM workflows into CI/CD pipelines.

Information Technology
check
Growth Opportunities
check
H1B Sponsor Likelynote
Hiring Manager
Vineet Sharma
linkedin

Responsibilities

Deep knowledge of SPDX and CycloneDX formats
Experience with SBOM generation tools (e.g., Syft, SPDX tools, CycloneDX CLI)
Ability to validate SBOMs against CRA requirements (machine-readable, complete metadata)
Demonstrated experience applying EU Cyber Resilience Act compliance requirements within embedded C/C++ environments, including expertise in build systems, toolchains, and secure software development practices
Expertise in provenance, component analysis, vulnerability scanning (e.g., SCA tools like Snyk, Black Duck)
Ability to integrate SBOM workflows into CI/CD pipelines for continuous compliance
Experience with DevOps/DevSecOps practices
Knowledge of automation frameworks for SBOM generation and distribution
Ability to effectively communicate with cross functional teams

Qualification

SBOM Standards & ToolingCybersecurity & ComplianceSoftware Supply Chain SecurityIntegration & AutomationC/C++DevOpsDevSecOpsEffective communication

Required

Deep knowledge of SPDX and CycloneDX formats
Experience with SBOM generation tools (e.g., Syft, SPDX tools, CycloneDX CLI)
Ability to validate SBOMs against CRA requirements (machine-readable, complete metadata)
Demonstrated experience applying EU Cyber Resilience Act compliance requirements within embedded C/C++ environments, including expertise in build systems, toolchains, and secure software development practices
Expertise in provenance, component analysis, vulnerability scanning (e.g., SCA tools like Snyk, Black Duck)
Ability to integrate SBOM workflows into CI/CD pipelines for continuous compliance
Experience with DevOps/DevSecOps practices
Knowledge of automation frameworks for SBOM generation and distribution
Ability to effectively communicate with cross functional teams
Bachelor's Degree in Engineering, Information Systems, Computer Science or related field and 2+ years of Software Engineering or related work experience
Master's Degree in Engineering, Information Systems, Computer Science or related field and 1+ year of Software Engineering or related work experience
PhD in Engineering, Information Systems, Computer Science or related field

Company

LanceSoft, Inc.

twittertwitter
Glassdoor4.1
company-logo
Established in 2000, LanceSoft is a pioneer in delivering top-notch Global Workforce Solutions and IT Services to a diverse clientele.
dateFounded in 2000
location
Herndon, Virginia, USA
people-size5001-10000 employees
web-link
http://www.lancesoft.com/

H1B Sponsorship

LanceSoft, Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (55)
2024 (32)
2023 (23)
2022 (25)
2021 (60)
2020 (80)

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Ram Karuppusamy
Chairman & CEO
linkedin
leader-logo
Simon Dealy
Chief Financial Officer
linkedin
Company data provided by crunchbase