Join us on our transformation journey to the digital futureAt Volvo Group Digital & IT, we have a clear ambition to enable value creation at scale for the Volvo Group. With a new product centric operating model and digital technologies, we will produce digital offerings that are profitable, scalable, and differentiated. With Volvo Group Digital & IT, you will be part of a global and diverse team of highly skilled professionals, who learn continuously and embrace change to stay ahead. We have a very important role to play in reaching the Volvo Group ambitions for 2030. Do you want to be part of our transformation journey towards becoming the digital capability of the Group? The time is now. Role DescriptionWe are now looking for an Open Source Compliance Officer to join our Application Security Platform team. We are looking for someone who has a real interest and passion for Open Source Governance and has a good technical background in application security, especially Software Composition Analysis. Your ability to learn new things, to inspire others around you and your excellent communication skills maybe just what we are looking for. You have a continuous improvement mind-set and your experience as a senior developer or IT Architect is a great foundation to take this exciting step in your career.You will:Provide auditors' expertise and know-how to Application delivery teams that use Open Source software in 1200+ applications.​Coordinate source code scans.Use tools like Synopsis BlackDuck or Sonatype NexusIQ to identify the OSS used to develop a software product, as well as identifying open source licenses.Support teams in how to analyse, assess, and respond to various internet threats in the open source domain.Be an open source security subject matter expert and answer application security questions, helping development teams to build secure applications.Advise Delivery Organization leadership team on how to apply application security across its products.Your Experience:You already have:Solid software engineering experience in one or more general purpose languages and strong experience in IT Architecture.Experience with CI/CD pipelines.A good understanding of application security with awareness of OWASP Top 10 vulnerabilities and OWASP ASVS requirements.Experience with BlackDuck or other relevant tool for creating open source BOM.Strong technical background, including several years’ experience with software architecture design.It is an advantage to:Have experience with security maturity models frameworks like OWASP SAMM or BSIMM.Experience analyzing and improving product and software security at scale is an advantage.Have experience in implementing Application Security Testing processes & tools is an advantage.What we can offer you:Application security is an area of growing importance. While we can’t offer you an effortless job, we can offer you a chance to be part of an exciting, growing and evolving domain. Our team is fun to work with, diverse and we are all passionate about developing, supporting and helping others in many aspects of software development. We are happy to get your application!