Software Supply Chain Security Engineer (SBOM & Vulnerability Management)

Software Supply Chain Security Engineer (SBOM & Vulnerability Management) page is loaded## Software Supply Chain Security Engineer (SBOM & Vulnerability Management)locations:

Canada - Ottawa (Bill Leathem)time type:

Full timeposted on:

Posted 2 Days Agojob requisition id:

202665It's fun to work in a company where people truly BELIEVE in what they're doing!

*We're committed to bringing passion and customer focus to the business.**If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!*Lumentum Canada was awarded the 2022 National Capital Region’s Top Employers *for the 6th consecutive year* and the 2022 Career Directory Canada’s Best Employers for Recent Graduates *for the 5th consecutive year*.**Position Title:** Software Supply Chain Security Engineer (SBOM & Vulnerability Management)**Employment Type:** Full-time, Existing vacancy**Location:** Ottawa ON, Onsite**About Lumentum**At Lumentum, we’re building the tech behind the world’s fastest networks and most advanced systems. Our optical and photonic solutions power everything from AI and cloud computing to data centers, telecom, and advanced manufacturing.We’re a global team of innovators working where light meets technology, solving big challenges that keep the world connected and moving forward. If shaping the future of connectivity excites you, you’ll fit right in.**What You’ll Be Doing*** Generate, validate, and maintain SBOMs (SPDX, CycloneDX) across products and CI/CD pipelines.* Interpret SBOMs to assess license compliance, provenance, and transitive risk.* Run continuous vulnerability scanning (CVE, CWE) and produce clear, prioritized reports.* Triage findings by exploitability (EPSS), impact, and exposure; drive remediation SLAs.* Upgrade or replace vulnerable open-source packages; backport fixes when upgrades aren’t feasible.* Collaborate with product teams to resolve vulnerabilities with minimal regression risk.* Automate policy gates for builds/releases (e.g., block on critical CVEs).* Track and report risk metrics to security, engineering, and compliance stakeholders.* Support audits and customer security inquiries related to SBOMs and supply chain risk.**What We’re Looking For****Education:**

Bachelor’s degree in computer science, Computer Engineering, Software Engineering, Electrical Engineering, or a related field**Experience:*** 5+ years in software engineering, DevSecOps, or application security.* Hands-on experience generating and consuming SBOMs.* Proven vulnerability management and remediation experience.* CI/CD automation experience (GitHub Actions, GitLab CI, Jenkins).* Proficiency in at least one systems language (Go, Python, C/C++).* Solid understanding of licenses (MIT, Apache 2.0, GPL).**Perks You’ll Love*** Flexible time off* Health and wellness benefits (physical and mental)* Tuition reimbursement and career growth support* A workplace built for you: free gym, games room, prayer room* Subsidized meals, free coffee/tea* Employee stock options and incentive plans* A collaborative, innovative, and inclusive culture**Salary Range**

The salary range for this position is $110,625 - $149,675 CAD (Flexible).Final compensation will be determined based on factors such as experience, skills, and qualifications. In line with our commitment to being a great place to work, Lumentum offers competitive total rewards which may include annual bonus, equity, and comprehensive health and welfare benefits.**Join a Team That’s Shaping the Future**At Lumentum, we’re more than just a workplace—we’re a launchpad for creativity and innovation. We’re committed to celebrating your unique talents and helping you grow. Our guiding principles—Innovate, Engage, Deliver, Excel, and Win—aren’t just words; they’re the heart of what we do.**Let’s Build a Brighter Future Together!**We’re committed to building an inclusive workplace where everyone feels valued and empowered. We welcome applicants from all backgrounds and provide accommodations for individuals with disabilities throughout the hiring process. Your uniqueness makes us stronger, sparks creativity, and drives our success.*Please contact us at* *talentacquisition@lumentum.com* *to request accommodation.*Join us—your future starts here! #J-18808-Ljbffr