Senior SBOM Support Consultant - 14856

Published: 2025-12-22
Apply by: 2026-01-21

About the job

Veritaz is a leading IT staffing solutions provider in Sweden, committed to advancing individual careers and aiding employers in securing the perfect talent fit. With a proven track record of successful partnerships with top companies, we have rapidly grown our presence in the USA, Europe, and Sweden as a dependable and trusted resource within the IT industry.

Assignment Description:

We are looking for a Senior SBOM Support Consultant to join our dynamic team.

What you will work on:

Enable and support SBOM generation in build systems for IHU, DHU, and UXC

Collaborate with CI and security teams to establish continuous SBOM generation for all product releases

Introduce vulnerability scanning and open-source software (OSS) regression scanning pre-merge within CI pipelines as part of the continuous SBOM initiative

Ensure verified SBOM output is generated for each build and that vulnerability scanning reports are fully integrated into CI/CD pipelines

Support region-specific cybersecurity certification activities for the US, China, and EU markets

Produce, complete, and manage cybersecurity documentation including TARA, CSPD, and CS-CASE, ensuring review, approval, and upload in Teamcenter

Coordinate and document monthly CSMS review meetings, tracking actions and follow-ups in JIRA

Support penetration testing activities, including documentation and approval of test reports and remediation plans

Provide compliance evidence and support sign-off activities for UNECE WP.29 R155 and ISO/SAE 21434

Prepare and deliver monthly governance reports covering delivery status, risks, and mitigation plans

What you bring:

Strong background in software engineering within Test IT and/or Industrial IT environments

Hands-on experience with SBOM generation, CI/CD pipelines, and secure build processes

Experience working with vulnerability management, OSS compliance, and security scanning tools

Knowledge of automotive or industrial cybersecurity standards, including UNECE WP.29 R155 and ISO/SAE 21434

Experience supporting cybersecurity documentation such as TARA, CSPD, and CS-CASE

Familiarity with CSMS processes, governance reporting, and structured compliance follow-up

Ability to collaborate effectively with CI, security, and cross-functional engineering teams

Strong documentation skills and experience working with tools such as Teamcenter and JIRA

Structured, detail-oriented, and proactive approach to cybersecurity and compliance work

Veritaz AB