Job description
Bullisher is a data-centric fintech solution provider in the aerospace and defense industry for institutional-level investors, looking to disrupt and revolutionise a $3 trillion industry. We spearhead an industry-leading Blackbox to facilitate and administer trade agreements pioneered by a vehicle, driven by our new-generation benchmark, delivering solutions through innovation with uncompromising agility. It predicts trends in aerospace and government defense entities, predicts trends in political shifts, and has the ability to influence and effect actual changes in government policies through innovation.
Job description: This role may suit an individual who is a specialist in comprehensive open source compliance.
Inventorying current applications, including programming languages and distribution methods.
Determining which products/software and services pose the highest risk of legal liability – this will differ depending on the syndicate members, but, broadly:
Focus on mobile and on-prem applications; for on-prem, prioritize products. Pay particular attention to images and virtual machines.
Create open source policies for these products/software and services and implement those policies in our scanning tool.
Focus on mobile and on-prem applications.
- 5+ years' extensive experience in permissive licenses, public domain dedication, and corporate-style permissive licenses.
- High level experience in sampling policy for distributed commercial licensed Products.
- Hands-on experience setting up policies on very sophisticated software/product scanning tools, physically distributed.
- The ability to encode these policies into a tool. The tool will flag up things that violate a particular policy.
- Name one person responsible for managing the scanning tools and integrating them across the BULLISHER organization (do not decentralize this function).
- Commit to a regular schedule of looking at scanning reports and publishing open source attribution reports (embedding in development processes).
- Integrate our scanning tool with a ticketing tool like JIRA.
- Configure our scanning tool to auto-approve
- It’s very important for you to find an engineering partner within the organization structure who is going to help legal launch and run the compliance process, and who has a broad bird's-eye view over the company, e.g. (Head of Technology Risk Management, Head of Engineering or CTO).
- It’s important to publish attribution reports and have source codes ready for every release we do.
- The Scanning tools should have strong policy enforcement automation and function as knowledge management.
- Use our general counsel/compliance to look at any result the policy system flags up that isn’t auto-approved.
- E.g. AGPL
- Source code of the relevant product to confirm the correct licenses have been identified
- Approve/deny decisions should take into account the risk tolerance that underlies the open source policies.
- Implement policies for security and engineers to separately review tickets, this should be built into the ticketing workflow.
- Create packaging attribution files
- Prepare source code for engineers should they create a tarball (including modifications) for all open source used in the product/software.
- Manage the continuous cycle of the open source process of the sophisticated application/platform.
- Maintain compliance continuity by requiring OSS scanning tool integration for new repos and new products/software within the company (this can be technical or procedural in nature).
- Anytime we are creating a product/repo, you have to go through the process of integrating it with our open source scanning tools.
- Hybrid working with a minimum of one day a week in the office.
- Hands-on with open source licenses, e.g. (BSD, Apache 2.0, MIT, X11, OpenSSL, SSLeay, LGPL, GPL, W3C, Boost, Mozilla Public License, Eclipse Public License, Common Development and Distribution License, Common Public License, Netscape Public License, IBM Public License, Microsoft Limited Public License, etc.).
- Technical abilities with multiple programming languages such as C++, Python, JavaScript, or Java.
- Executive-level experience with automated build tools, version control systems, and artifact repositories such as Jenkins, Git, Perforce, Docker, Maven, and Gradle.
- Master's degree in Computer Science/Engineering (or equivalent).
INTERVIEW PROCESS:
- STAGE 1: COGNITIVE ABILITY TEST
- STAGE 2: COGNITIVE ASSESSMENT SCREENING WITH A PSYCHOLOGIST WITH 30+ YEARS' EXPERIENCE
- STAGE 3: PRE-SCREENING (verification checks & security clearance)
- STAGE 4: INTERVIEW WITH THE CEO, CTO & GC