FOSS Compliance Engineer
SunGreenH2
Compliance / Regulatory
Hyderabad, Telangana, India
Posted on Mar 14, 2026
Company
Qualcomm India Private Limited
Job Area
Engineering Group, Engineering Group > Software Engineering
General Summary
The Qualcomm Open Source Engineering team is looking for a FOSS Compliance Engineer in Hyderabad to ensure our products and services meet open source licensing obligations and industry best practices. This role requires strong hands-on experience in FOSS compliance operations.
The primary responsibilities include ensuring license compliance, enhancing software license reporting, and maintaining a software bill of materials (SBOM) and FOSS reports for all product lines. Additionally, the role involves automating compliance processes, educating the development community, and collaborating with various teams to ensure adherence to licensing obligations.
What You’ll Do
- Perform FOSS compliance analysis for software products and services across the business units or product lines (source and binaries).
- Identify and analyze OSS licenses and assess impact on commercial distribution.
- Maintain accurate inventories of components, licenses, obligations, and attributions; ensure traceability across source code, third-party binaries, images, and containers.
- Operate and integrate SCA tooling (FossID preferred) and embed scans into development workflows.
- Automate compliance workflows (Python) for scanning, SBOM generation/validation, approvals, reporting, and release readiness checks.
- Apply SBOM standards and best practices (SPDX, CycloneDX) across the product lifecycle; publish, validate, and version SBOMs for releases.
- Conduct OSS risk assessments (licensing, security, provenance) and recommend practical remediation strategies (substitution, configuration, exception management).
- Guide development teams on OSS intake, dependency linking, proper attribution, notice files, and license-compliant usage patterns.
- Stay current on licensing trends, regulatory developments, and community practices; contribute to continuous improvement of policies and processes.
- Support reviews, audits, and governance activities, including prerelease compliance gates, customer/partner disclosures, and internal/external audits.
- Experience with FOSS compliance analysis, reporting and publishing.
- Hands-on experience using Software Composition Analysis (SCA) tools such as FossID, Black Duck or equivalent.
- Familiarity with SBOM standards (SPDX, CycloneDX) and validation best practices.
- Familiarity or experience with OpenChain standard and implementation.
- Ability to read programming languages such as C/C++, Java, Python, Go.
- Ability to automate license compliance reporting and integrate it into CI/CD processes.
- Strong attention to detail and high-quality output.
- Ability to work independently, drive improvements, meet schedules, and exhibit strong writing skills.
- Experience with Linux OS is preferred.
- Required: Bachelor's, Computer Engineering or equivalent
- Preferred: Master's, Computer Engineering or equivalent
- Bachelor's degree in Engineering, Information Systems, Computer Science, or related field.
Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law.
To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications.
If you would like more information about this role, please contact Qualcomm Careers.