Sr Software Engineer/ Embedded software Engineer , Information Security (Open Source Compliance)

Job Title: Sr Software Engineer/ Embedded software Engineer , Information Security (Open Source Compliance)

Location: Dallas, TX

Duration: Long-term

Note : onsite role (five days a week)

We are seeking a Staff-level engineer who thrives on autonomy, engineering latitude, and self-determination someone who relishes the freedom to architect solutions, drive compliance, and innovate in a fast-moving environment. You ll join an incredibly dynamic and highly competent Security team, where your expertise will be valued and your voice heard.

The ideal candidate brings at least eight years of hands-on embedded software development experience, with a proven track record of transitioning into security-focused roles. You ll demonstrate mastery in open-source license compliance, CI/CD automation, vulnerability management, and technical communication showcasing both self-reliance and the ability to lead initiatives from concept to production. If you re ready to join a team that sets the standard in Security and empowers its members to excel, this is your chance to make your mark.

Required Skills:

Experience: 8+ years in embedded software development (Linux kernel, device/firmware), plus 2+ years in a securityfocused role (DevSecOps/AppSec/Compliance).

Licensing & Policy: Deep, practical familiarity with GPL/LGPL/MPL/MIT/Apache requirements (attribution, source publication, relinking, derivativework analysis) and enforcement throughout the SDLC.

Languages & Stacks: Strong in C, C++, C#; proficient in Python/JavaScript for automation/tooling; confident with XML/JSON/YAML for configs and SBOMs.

Build, Packaging & Artifacts: Proficient with CMake, Clang/LLVM, crosscompilers; package with Conan/Snapcraft; govern artifacts in JFrog Artifactory with risk analysis via JFrog Xray.

CI/CD & GitOps: Handson with GitHub Actions / GitLab CI and GitOps practices (GitHub/GitLab) for policyascode and environment orchestration.

Testing & Vulnerability Triage: Skilled at integrating and interpreting SAST/DAST/IAST results; practical experience with CodeQL, SonarQube, ScanCode, and SBOM tooling (SPDX/CycloneDX).

Data & Communication: Able to build PowerBI dashboards, write SQL, and translate complex technical topics into clear narratives for technical and non-technical audiences.

Documentation & Training: Exceptional writing quality for SOPs, Working Instructions, and public distribution artifacts; experienced trainer for OSS/GRC topics.

Collaboration: Comfortable influencing crossfunctional roadmaps and mediating license/security tradeoffs with engineering, Legal, and external partners.

Education: Bachelor s or Master s in Computer Engineering, Electrical Engineering, Computer Science, or closely related field. Security certifications (e.g., CISSP, CSSLP) are a plus.