Free and Open Source Software Auditor
Engineering & Design
All Cities Virtual, USA
Lexmark creates innovative IoT- and cloud-enabled imaging technologies that help customers in more than 170 countries worldwide achieve their vision of print simplicity, security, savings and sustainability. At the forefront of our global software development organization is the reliance on open-source software.
We are looking for a detail-oriented auditor to join our Free and Open-Source Software (FOSS) team. As a FOSS auditor you will guide the use of open-source software within Lexmark's diverse business segments. The FOSS team is leveraged by global development teams to ensure Lexmark remains in compliance with all open-source software licenses that are used. As such, this role is responsible for scanning and analyzing Lexmark-developed software for security and licensing risks.
Our growth provides a rich opportunity to develop market-leading solutions enabling customers to capture, manage, and access their content in ways that solve real business problems. This is where you come in. If you are looking for the opportunity to help guide Lexmark's use of open-source software and protect Lexmark from unauthorized use of open-source libraries, all while working from the comfort of your home office with unlimited vacation, this is a great opportunity for you.
The position responsibilities include, but are not limited to:
Prevent use of software that isn’t accompanied by a Lexmark-approved software license
Analyze software for FOSS components and their licenses
Manage the queue of audit requests from software development teams
Maintain FOSS training material
Facilitate the lifecycle for acceptance of new software licenses
Create and distribute NOTICE files
Provide audit summaries to the out-licensing team
The FOSS Auditor should have a general understanding of:
Characteristics and usage of various programming languages and FOSS components
Standard package managers such as NPM, Gradle/Maven, Ivy, etc.
Types of software distribution/licensing models
commercial/proprietary code vs free and open-source code
non-sublicense-able and sublicense-able license terms
static and dynamic linking (in regard to certain licenses)
copyleft and permissive license types
transitive and direct dependencies
Conditions of Use associated with most frequently used FOSS licenses
Implications of release types in licensing (Beta, PE, GA, Internal, SPR)
Implications of viral licensing in proprietary software code
Jenkins/build systems and associated files, including icons, fonts, JAR files, and source code (Java, Sprint, etc.)
*It is preferred that this position be located in Lexington, KY, but we will consider remote for a strong candidate. Relocation assistance will not be provided for this position.