Open Source Software (OSS)

Product Security Engineer - OSSThe Dell Technologies Product Security Engineering Team is responsible for ensuring that all code developed at Dell is secure by default. Security Engineers are product security subject matter experts that come from a software development background and utilize their unique skillset to partner with engineering teams across the company to build security into every phase of the software development lifecycle at Dell Technologies.Join us as a Product Security Engineer - OSS on our Product Security and Applications Team in Bangalore to do the best work of your career and make a profound social impact.What you’ll achieve The Product Security Engineering Team is seeking a Security Engineer specializing in Open-Source Security who will collaborate closely with development teams, product security leaders, and cross‑functional stakeholders to mature Dell’s OSS governance, accelerate secure OSS adoption, and reduce risk from third‑party components.You will: - Partner with development teams to establish and enforce secure open-source usage practices, including component selection, patching, and lifecycle management.- Integrate, optimize, and automate Software Composition Analysis (SCA) tools within CI/CD pipelines to detect vulnerabilities, enforce policy, and generate SBOMs.- Build automation and dashboards that deliver actionable OSS security metrics, risk insights, and executive‑level KPIs.- Drive timely remediation of OSS vulnerabilities by embedding security into developer workflows and providing expert guidance on dependency hygiene.- Research emerging OSS ecosystem threats, supply-chain at are looking for with this role: Essential Requirements- Prior software development experience with one or more languages such as Python, Java, or .NET.- Strong understanding of Open Source Security, including dependency management, package ecosystem risks, vulnerability disclosure processes, and OSS community norms.- Experience with SCA tools (e.g., Black Duck, Checkmarx, Snyk, or similar), including configuration, CI/CD integration, and policy tuning.- Fami