Back to listings
Veritaz ABRemote

Senior SBOM Support Consultant – 14856

Project-Based

Description

Assignment Description:

We are looking for a Senior SBOM Support Consultant to join our dynamic team.

What you will work on:

  • Enable and support SBOM generation in build systems for IHU, DHU, and UXC
  • Collaborate with CI and security teams to establish continuous SBOM generation for all product releases
  • Introduce vulnerability scanning and open-source software (OSS) regression scanning pre-merge within CI pipelines as part of the continuous SBOM initiative
  • Ensure verified SBOM output is generated for each build and that vulnerability scanning reports are fully integrated into CI/CD pipelines
  • Support region-specific cybersecurity certification activities for the US, China, and EU markets
  • Produce, complete, and manage cybersecurity documentation including TARA, CSPD, and CS-CASE, ensuring review, approval, and upload in Teamcenter
  • Coordinate and document monthly CSMS review meetings, tracking actions and follow-ups in JIRA
  • Support penetration testing activities, including documentation and approval of test reports and remediation plans
  • Provide compliance evidence and support sign-off activities for UNECE WP.29 R155 and ISO/SAE 21434
  • Prepare and deliver monthly governance reports covering delivery status, risks, and mitigation plans

What you bring:

  • Strong background in software engineering within Test IT and/or Industrial IT environments
  • Hands-on experience with SBOM generation, CI/CD pipelines, and secure build processes
  • Experience working with vulnerability management, OSS compliance, and security scanning tools
  • Knowledge of automotive or industrial cybersecurity standards, including UNECE WP.29 R155 and ISO/SAE 21434
  • Experience supporting cybersecurity documentation such as TARA, CSPD, and CS-CASE
  • Familiarity with CSMS processes, governance reporting, and structured compliance follow-up
  • Ability to collaborate effectively with CI, security, and cross-functional engineering teams
  • Strong documentation skills and experience working with tools such as Teamcenter and JIRA
  • Structured, detail-oriented, and proactive approach to cybersecurity and compliance work

If this sounds interesting, please send your CV to

Skills

CybersecurityPenetration TestingCI/CDComplianceJIRASecurity