Sr. Software Security Engineer

2 Months ago • 3-5 Years • Cyber Security

Job Summary

Job Description

The Sr. Software Security Engineer role at Cadence focuses on cloud and on-premise software security controls, including WAF and CDN tools. The role involves integrating security tools at the source code repo, build environment, and artifactory levels. Responsibilities include developing and supporting the secure software development lifecycle, including DAST, SAST, SCA, penetration testing, and attack surface management. This position requires direct interaction with development teams and exposure to incident response, vulnerability management, and deployment of security solutions. The ideal candidate will have a strong background in Application Development, Configuration Management/DevOps, and experience building software security within CI/CD. The role will include operational support for AWS and Azure WAF configurations, automating DAST in CI/CD pipelines, and performing manual penetration tests on web applications.
Must have:
  • Experience with AWS WAF and Azure WAF configurations.
  • Experience with Dynamic Application Security Testing (DAST).
  • Experience with GitHub, Perforce, and GitLab.
  • Strong understanding of application security concepts and tools.
  • Experience in OWASP Top 10 and common AppSec tools.
Good to have:
  • Experience with SonaType, JFrog.
  • Working knowledge of scripting languages like Python and PowerShell.
  • Experience with Linux/UNIX and Windows based operating systems.
  • Experience with common security libraries and controls.
  • CISSP or SANS GIAC certifications.

Job Details

At Cadence, we hire and develop leaders and innovators who want to make an impact on the world of technology.

Cadence’s Information Security team is seeking a Sr. Software Security Engineer. This role will focus on Cloud and on-premise Software Security controls including WAF and CDN tools.  This is a Security Development Operations role that will ensure security tool integration at the source code repo (Perforce, Github etc.), build environment, and artifactory level.  As a member of the Information Security team, this role will develop and support the secure software develop life cycle, including DAST, SAST, SCA, penetration testing, and attack surface management.  

This role will interface directly with development teams. Of course, there is broad exposure to other aspects of information security related tasks such as incident response, vulnerability management, and deployment of security solutions. The successful candidate for this position is a highly motivated individual with a strong Application Development and Configuration Management/DevOps background with hands-on experience in building software security within CI/CD.

Key Deliverables and Responsibilities (include but are not limited to the following):

Perform operational support for AWS WAF configurations – updating whitelists and creating security automation web ACLs to protect Internet facing endpoints and applications.

Perform operational support for Azure WAF configurations

Automate Dynamic Application Security Testing (DAST) in the CI/CD pipeline. 

Perform manual penetration tests on web applications

Maintain Cloudflare DDOS protections and WAF configurations.

Attend enterprise architecture reviews to standardize and secure new deployments

Qualifications and Special Skills Required

Bachelor’s degree in computer science or engineering field or equivalent combination of education and relevant 3 – 5 years of experience

A passion to learn and educate others on how to build secure software.

Ability to work in a group setting and independently

Experience with Jira IT ticketing systems.

Experience with GitHub, Perforce, GitLab

Experience with SonaType, JFrog

Good working knowledge in scripting language, Python, PowerShell, etc.

Strong understanding of Linux/UNIX and Windows based operating systems and networks.

Strong working knowledge of Application security concepts and technologies such as:

Experience in OWASP Top 10 and usage of common AppSec testing tools.

Experience of Secure by Design concepts and threat modeling

Knowledge of common security libraries, security controls, and common security flaws.

Experience in application penetration testing techniques and tools

Knowledge of application technologies including Web applications, Web services, XML, SOA, AJAX, JSON, and Web scanning tools

Open Source Security (OSS) - Software Composition Analysis (SCA)

Static Application Security Testing (SAST)

Dynamic Application Security Testing (DAST)

Security Architecture Review - Threat Modeling

AWS and Azure WAF Configuration and whitelisting

Cloudflare DDOS configuration and operation

Manual Penetration Testing

Penetration testing with 3rd party vendors

Host level vulnerability Scanning

Web application security training course development and delivery

Preferred Certifications:

Certified Information Systems Security Professional (CISSP)

SANS GIAC certifications

Amazon Web Services, Azure, Google Cloud Platform

We’re doing work that matters. Help us solve what others can’t.

Similar Jobs

HYCU - Product Marketing Manager

HYCU

Bengaluru, Karnataka, India (Hybrid)
11 Months ago
extreme network - Staff Engineer – DevSecOps

extreme network

Ontario, Canada (Hybrid)
4 Weeks ago
Demandbase - Software Engineer II (Front-End)

Demandbase

San Francisco, California, United States (Remote)
2 Months ago
Simcorp - Senior Automation Software Tester

Simcorp

Warsaw, Masovian Voivodeship, Poland (Hybrid)
1 Year ago
Veeam Software - JavaScript Developer (React)

Veeam Software

Prague, Czechia (On-Site)
2 Months ago
Rackspace Technology - Senior Cyber Security Engineer (IAM/PAM - DevSecOps)

Rackspace Technology

Riyadh, Riyadh Province, Saudi Arabia (On-Site)
3 Months ago
binance - Web3 Security Senior Software Engineer

binance

Taipei City, Taiwan (Remote)
7 Months ago
CyberArk - Manager, IT Security Architecture

CyberArk

Israel (Hybrid)
2 Months ago
Glocomms - Network and Security Engineer

Glocomms

Reno, Kansas, United States (On-Site)
2 Months ago
PayPal - Cybersecurity Strategy & Policy Analyst

PayPal

Chicago, Illinois, United States (Hybrid)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

PayPal - Senior SDET

PayPal

Chennai, Tamil Nadu, India (Hybrid)
1 Month ago
Thatgamecompany - Full Stack iOS Engineer

Thatgamecompany

Shanghai, Shanghai, China (On-Site)
3 Months ago
Marsh McLennan - Senior Java Software Engineer

Marsh McLennan

Cluj-Napoca, Cluj County, Romania (Hybrid)
1 Month ago
52 entertainment - Unity Developer - 6-Month Internship

52 entertainment

Boulogne-Billancourt, Île-de-France, France (On-Site)
2 Weeks ago
Zapak Digital Entertainment Limited - Game Programmer (Nintendo Switch)

Zapak Digital Entertainment Limited

Pune, Maharashtra, India (On-Site)
5 Months ago
Tide - Senior Engineer, Flutter

Tide

Lithuania (Remote)
1 Week ago
Boomi  - Principal Software Engineer - Security Architect

Boomi

India (On-Site)
1 Month ago
Toast - Senior Software Engineer

Toast

Boston, Massachusetts, United States (Remote)
2 Months ago
bounteous - Senior Back End Developer

bounteous

Mexico (Remote)
1 Month ago
Tide - Staff Engineer, Backend

Tide

Belgrade, Serbia (Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

Jobs in San Jose, California, United States

HP - Senior Android Systems Developer

HP

Austin, Texas, United States (Hybrid)
1 Month ago
Hawkeye Innovations - College Sports Systems Technician

Hawkeye Innovations

New Brunswick, New Jersey, United States (On-Site)
3 Months ago
Mercury - Customer Content Marketer

Mercury

San Francisco, California, United States (On-Site)
2 Months ago
Interface AI - Program Manager

Interface AI

San Jose, California, United States (On-Site)
1 Month ago
Opendoor - Senior Decision Scientist

Opendoor

San Francisco, California, United States (Hybrid)
2 Months ago
Internet Brands - Software Engineer

Internet Brands

Eagan, Minnesota, United States (On-Site)
1 Month ago
Yodlee - Solutions Consulting Director

Yodlee

Raleigh, North Carolina, United States (Remote)
1 Month ago
attentive - Senior Software Engineer

attentive

San Francisco, California, United States (Hybrid)
2 Weeks ago
Apple - Senior Annotation Analyst - Mexican Spanish language

Apple

Austin, Texas, United States (On-Site)
1 Month ago
Fashionphile - Client Advisor, Luxury Sales

Fashionphile

United States (Remote)
3 Weeks ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

Crowd Strick - Sr. Engineer - Cloud Security

Crowd Strick

Tel Aviv-Yafo, Tel Aviv District, Israel (On-Site)
1 Month ago
Interactive Brokers - Security Analyst - Incident Response

Interactive Brokers

Hyderabad, Telangana, India (Hybrid)
1 Month ago
Cadence - Senior Cybersecurity Engineer

Cadence

San Jose, California, United States (On-Site)
2 Months ago
Sony Pictures Entertainment - Sr. Engineer, Information Security

Sony Pictures Entertainment

Culver City, California, United States (On-Site)
1 Month ago
Qualcomm - Senior Cyber Security Engineer

Qualcomm

San Diego, California, United States (On-Site)
4 Weeks ago
Thales - Integration and Validation Manager for Cybersecurity Systems

Thales

Gennevilliers, Île-de-France, France (On-Site)
2 Months ago
Epic Games - Senior Security Engineer - Asset Integrity

Epic Games

Porto Alegre, State Of Rio Grande Do Sul, Brazil (On-Site)
3 Months ago
luxsoft - Tech Cyber Security Support Specialist

luxsoft

Nashville, Tennessee, United States (On-Site)
1 Week ago
Zscaler - Senior Devops Engineer (Terraform/Security Solutions)

Zscaler

Bengaluru, Karnataka, India (Hybrid)
2 Months ago
Microsoft - Technical Support Engineer - Security & Compliance

Microsoft

(On-Site)
2 Months ago

Get notifed when new similar jobs are uploaded

About The Company

Cadence plays a critical role in creating the technologies that modern life depends on. We are a global electronic design automation company, providing software, hardware, and intellectual property to design advanced semiconductor chips that enable our customers create revolutionary products and experiences. Thanks to the outstanding caliber of the Cadence team and the empowering culture that we have cultivated for over 25 years, Cadence continues to be recognized by Fortune Magazine as one of the 100 Best Companies to Work For. Our shared passion for solving the world’s toughest technical challenges, our dedication to pushing the limits of the industry, and our drive to do meaningful work differentiates the people of Cadence.

Shenzhen, Guangdong Province, China (On-Site)

San Jose, California, United States (On-Site)

San Jose, California, United States (On-Site)

Hyderabad, Telangana, India (On-Site)

San Jose, California, United States (On-Site)

San Jose, California, United States (On-Site)

Burlington, Massachusetts, United States (On-Site)

San Jose, California, United States (On-Site)

Noida, Uttar Pradesh, India (On-Site)

Cary, North Carolina, United States (On-Site)

View All Jobs

Get notified when new jobs are added by Cadence

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug