Director of Software Security

At Cadence we hire and develop leaders and innovators who want to make an impact on the world of technology.

Cadence InfoSec is seeking a Director of Software Security to lead the strategy architecture and execution of secure software development practices across the enterprise. This role will drive DevSecOps transformation ensure compliance with regulatory frameworks (including CMMC) and embed security throughout the software lifecycle (SDLC).

Key Responsibilities

DevSecOps Strategy & Leadership

• Define and execute enterprise DevSecOps strategy across all development teams

• Integrate security controls into CI/CD pipelines (build test release)

• Establish shift-left security practices across the SDLC

• Drive adoption of secure coding SAST DAST and SCA tools

Secure Software Architecture

• Define reference architectures for secure microservices APIs and cloud-native apps

• Establish security patterns for containers Kubernetes and serverless

• Lead threat modeling initiatives

• Ensure secure API design and zero trust principles

Regulatory Compliance & CMMC

• Lead compliance initiatives for:

  • Cybersecurity Maturity Model Certification (CMMC 2.0)

  • NIST SP 800-171r2 /800-53

  • ISO 27001

• Ensure software systems meet federal defense and privacy regulations

• Coordinate audits assessments and continuous monitoring programs

• Implement controls for handling Controlled Unclassified Information (CUI)

Cloud & Platform Security

• Secure DevOps pipelines across cloud platforms:

  • Amazon AWS

  • Microsoft Azure

  • Google Cloud

  • IBMC cloud

  • Cadence software service and products

• Implement infrastructure-as-code (IaC) security scanning

• Define secrets management identity and access controls

Application Security Program

• Build and scale AppSec program across all product lines

• Define vulnerability management lifecycle (discovery remediation validation)

• Establish bug bounty / responsible disclosure programs

• Integrate security into Agile and CI/CD workflows

Supply Chain & Software Integrity

• Secure software supply chain (SBOM dependency scanning)

• Implement artifact signing provenance and integrity validation

Governance & Risk Management

• Define policies standards and secure development guidelines

• Establish KPIs: vulnerability remediation SLA code coverage pipeline security

• Align software security with enterprise risk management

• Report posture to executive leadership and board

Leadership & Cross-Functional Influence

• Lead teams of AppSec engineers DevSecOps engineers and architects

• Partner with Engineering Product Legal and Compliance teams

• Build security champions program within development teams

• Influence engineering culture toward security ownership

Required Qualifications

• 1215 years in cybersecurity with strong focus on application security and DevSecOps

• 5 years in leadership (manager/director level)

• Deep expertise in:

  • Secure SDLC and DevSecOps pipelines

  • Cloud-native architectures and container security

  • Regulatory frameworks (CMMC NIST ISO)

• Experience in regulated industries (defense government healthcare fintech)

Preferred Qualifications

• Hands-on experience with tools such as:

  • SAST: Checkmarx Veracode

  • DAST: Burp Suite

  • SCA: Snyk Black Duck

  • CI/CD: Jenkins GitHub Actions

• Familiarity with Kubernetes Docker and service mesh security

• Certifications:

  • CISSP CSSLP

  • CISM or CCSP

• Experience with Zero Trust and identity-first security

Key Skills

• DevSecOps Transformation

• Secure Software Architecture

• Regulatory Compliance (CMMC NIST ISO)

• Application Security & Threat Modeling

• Software Supply Chain Security (SBOM SLSA)

• Cloud & Container Security

• Executive Communication & Strategy

The annual salary range for California is $164500 to $305500. You may also be eligible to receive incentive compensation: bonus equity and benefits. Sales positions generally offer a competitive On Target Earnings (OTE) incentive compensation structure. Please note that the salary range is a guideline and compensation may vary based on factors such as qualifications skill level competencies and work location. Our benefits programs include: paid vacation and paid holidays 401(k) plan with employer match employee stock purchase plan a variety of medical dental and vision plan options and more.

Were doing work that matters. Help us solve what others cant.