CyberNX- SBOM License Compliance Analyst
Job Description : SBOM License Compliance Analyst
Location: Mumbai
Experience: 5+ Years.
Company overview:
Established in 2018, CyberNX Technologies is an innovative cybersecurity firm based in
Mumbai, India. Our dynamic team, blending seasoned expertise with a modern, cloud-centric
mindset, offers a full range of cybersecurity and cloud services. We are dedicated to facilitating
secure digital transformation, working hand-in-hand with clients to embed information security
into the foundation of their organizations. Our mission is to deliver cutting-edge cybersecurity
solutions and services at competitive prices, ensuring our clients are well-protected against
emerging threats.
Role overview:
A Senior License Compliance Analyst to lead Software Bill of Materials (SBOM) risk
management operations. This senior role shall govern the legal and regulatory compliance of
open-source software (OSS) utilized across our enterprise business applications. The role shall
bridge the gap between legal, procurement, business solutioning and security, to mitigate third-
party risk.
Key Responsibilities:
Lead SBOM Governance: Drive enterprise-wide analysis of automated SBOM
outputs to identify and catalog Open-Source Software (OSS) components across
critical banking applications.
Risk Architecture: Evaluate complex license profiles, copyleft obligations, and dual-
licensing risks against regulatory requirements.
Remediation Lead: Design remediation pathways for Business Solution Group to
resolve high-risk license conflicts.
Coordination Lead: Coordinate internally with Legal, Procurement and security units
on remediation, escalations and apprise top management on periodic basis.
Policy & Framework Design: Architect and update the bank's internal OSS
governance policies, ensuring alignment with RBI-CERT-IN Guideline.
Regulatory Compliance & Audit: Serve as the primary subject matter expert for OSS
compliance during internal, external, and regulatory audits.
Qualification/Requirements:
Industry Experience: 5+ years of software license compliance or IT audit experience
specifically within banking, fintech, or highly regulated financial environments.
Expert License Knowledge: Deep understanding of OSS licenses (e.g., AGPL, GPL,
Apache, MIT), patents, copyleft risks, and license compatibility constraints.
Advanced Tooling Mastery: Extensive hands-on experience with Enterprise Software
Composition Analysis (SCA) and SBOM management tools.
Regulatory Acumen: Familiarity with Regulatory requirements
Stakeholder Management: Proven ability to advise solutions team on technical
compliance strategies along with top management updates.
Certifications: Specific certifications such as OpenChain, CISA, or CISSP will be an
added advantage.
Benefits:
Flat Hierarchy: Enjoy a collaborative environment where every voice matters.
Flexible Work Hours: Tailor your schedule to fit your lifestyle and enhance work-
life balance.
Dynamic Team: Join a vibrant, forward-thinking group of young professionals.
Inclusive Culture: Experience an open and supportive work atmosphere that
encourages creativity.
Career Development: Benefit from structured career paths that align with your goals.
Mentorship Opportunities: Receive guidance and support from experienced mentors
to help you grow.
Note: This job description is a general outline of the role's responsibilities and may be adjusted
to suit the needs of the organization.
Employment Type: FULL_TIME