Senior Researcher - OSS Supply Chain Security
Huawei Technologies Canada Co., Ltd.
Location
Markham, ON | Canada
Job description
Our team has an immediate permanent opening for a Senior Researcher. Responsibilities: - Conduct and apply cutting-edge research to design and implement research protocols for improving supply chain security in open source
- Insight investigation into new technology trends and promote the overall improvement of Huawei's open source asset management capabilities (e.g., SBOM management and OSS license compliance) by introducing industry-leading technologies, tools, standards, best practices, and independent innovations
- Collaborate closely with researchers and product teams to help them improve OSS asset management/OSS supply chain security and integrate your solution into the product
- Write and submit patentable inventions or research papers (at top-tier conferences)
What you’ll bring to the team:
- 2+ years of research and development experience (Java/Python/C/C++), solid understanding of ML/DL algorithms and experimental design
- Ability to demonstrate, evaluate, apply, and mature published research to real-world problems on prototype systems
- MS or Ph.D. Degree in Computer Science/Electrical Engineering, related to the Machine Learning field, or equivalent relevant experience
- Experience with static/dynamic program analysis
- Understanding of OSS vulnerability management and best practices, including knowledge in one or more of the following areas: Common Weakness Enumeration (2022 CWE Top 10), OSS vulnerability disclosure process, OSS vulnerability advisories (e.g., NVD, SNYK, GitHub)
- Knowledge of software supply chain risk and mitigation
- Knowledge of open source asset management (e.g., SBOM)
#LI-JG1
Job tags
Salary
