Skip to main content

Director of Software Security at Cadence

Pricing Companies Market Trends For Employers FAQ Sign in

Director of Software Security

External

Cadence · San Jose

$165K–$306K/yrFull-timeOn-siteToday

AgileAPI DesignApplication SecurityAWSAzureCI/CD

Cover Letter Connect

Prepare for this interview

AI-generated questions, company research, and talking points tailored to this role

Responsibilities

DevSecOps Strategy & Leadership
Define and execute enterprise DevSecOps strategy across all development teams
Integrate security controls into CI/CD pipelines (build, test, release)

© 2026 Hiro by Mistiq

Privacy Terms FAQ Employer FAQ Support

Establish "shift-left" security practices across the SDLC

Drive adoption of secure coding, SAST, DAST, and SCA tools

Secure Software Architecture

Define reference architectures for secure microservices, APIs, and cloud-native apps

Establish security patterns for containers, Kubernetes, and serverless

Lead threat modeling initiatives

Ensure secure API design and zero trust principles

Regulatory Compliance & CMMC

Lead compliance initiatives for:

Cybersecurity Maturity Model Certification (CMMC 2.0)

NIST SP 800-171r2 /800-53

ISO 27001

Ensure software systems meet federal, defense, and privacy regulations

Coordinate audits, assessments, and continuous monitoring programs

Implement controls for handling Controlled Unclassified Information (CUI)

Cloud & Platform Security

Secure DevOps pipelines across cloud platforms:

Amazon AWS

Microsoft Azure

Google Cloud

IBMC cloud

Cadence software service and products

Implement infrastructure-as-code (IaC) security scanning

Define secrets management, identity, and access controls

Application Security Program

Build and scale AppSec program across all product lines

Define vulnerability management lifecycle (discovery → remediation → validation)

Establish bug bounty / responsible disclosure programs

Integrate security into Agile and CI/CD workflows

Supply Chain & Software Integrity

Secure software supply chain (SBOM, dependency scanning)

Implement artifact signing, provenance, and integrity validation

Governance & Risk Management

Define policies, standards, and secure development guidelines

Establish KPIs: vulnerability remediation SLA, code coverage, pipeline security

Align software security with enterprise risk management

Report posture to executive leadership and board

Leadership & Cross-Functional Influence

Lead teams of AppSec engineers, DevSecOps engineers, and architects

Partner with Engineering, Product, Legal, and Compliance teams

Build security champions program within development teams

Influence engineering culture toward security ownership

Required Qualifications

12-15+ years in cybersecurity, with strong focus on application security and DevSecOps

5+ years in leadership (manager/director level)

Deep expertise in:

Secure SDLC and DevSecOps pipelines

Cloud-native architectures and container security

Regulatory frameworks (CMMC, NIST, ISO)

Experience in regulated industries (defense, government, healthcare, fintech)

Requirements

Hands-on experience with tools such as:
SAST: Checkmarx, Veracode
DAST: Burp Suite
SCA: Snyk, Black Duck
CI/CD: Jenkins, GitHub Actions
Familiarity with Kubernetes, Docker, and service mesh security
Certifications:
CISSP, CSSLP
CISM or CCSP
Experience with Zero Trust and identity-first security
Key Skills
DevSecOps Transformation
Secure Software Architecture
Regulatory Compliance (CMMC, NIST, ISO)
Application Security & Threat Modeling
Software Supply Chain Security (SBOM, SLSA)
Cloud & Container Security
Executive Communication & Strategy
We're doing work that matters. Help us solve what others can't.

Benefits

Health insuranceDental insuranceVision insurance401(k)Paid time offEquity / stock optionsPerformance bonus

Additional Information

At Cadence, we hire and develop leaders and innovators who want to make an impact on the world of technology. Cadence InfoSec is seeking a Director of Software Security to lead the strategy, architecture, and execution of secure software development practices across the enterprise. This role will drive DevSecOps transformation, ensure compliance with regulatory frameworks (including CMMC), and embed security throughout the software lifecycle (SDLC).

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Cadence? Share your experience

Interested in this role?

Apply on the company's website.

Cover Letter Connect