Responsibilities

• Generate and maintain SBOMs for all software products, ensuring completeness and accuracy.
• Integrate SBOM generation into CI/CD pipelines for automated updates.
• Use SBOM data to identify vulnerabilities in software components and prioritize remediation.
• Collaborate with security teams to integrate SBOMs with vulnerability management tools and threat intelligence feeds.
• Assess risks in software supply chains using SBOM data and provide recommendations for mitigation.
• Work with vendors to validate SBOMs and ensure transparency in third-party components.
• Implement SBOM tooling and integrate with DevSecOps platforms, artifact repositories, and build systems.
• Enable automated workflows for SBOM updates and vulnerability scanning.

Technical Skills

• Proficiency in SBOM standards (SPDX, CycloneDX) and tools (Dependency-Track, OWASP).
• Knowledge of...