Sr. Software Security Engineer

Join to apply for the
Sr.
Software Security Engineer
role at
Cadence
Continue with Google Continue with Google
1 day ago Be among the first 25 applicants
Join to apply for the
Sr.
Software Security Engineer
role at
Cadence
At Cadence, we hire and develop leaders and innovators who want to make an impact on the world of technology.
Cadence is a pivotal leader in electronic design, building upon more than 30 years of computational software expertise.
The company applies its underlying Intelligent System Design strategy to deliver software, hardware and IP that turn design concepts into reality.
Cadence customers are the world's most innovative companies, delivering extraordinary electronic products from chips to boards to systems for the most dynamic market applications including consumer, hyperscale computing, 5G communications, automotive, aerospace industrial and health.
At Cadence, we hire and develop leaders and innovators who want to make an impact on the world of technology.
Job Title:
Sr.
Software Security Engineer
Location: Cork, Ireland
Reports to:
Sreeni Kancharla; VP & CISO
Job Overview
Cadence's Information Security team is seeking a Sr.
Software Security Engineer.
This role will focus on Cloud and on-premise Software Security controls including WAF and CDN tools.
This is a Security Development Operations role that will ensure security tool integration at the source code repositories (Perforce, Github etc.), build environment, and artifactory level.
As a member of the Information Security team, this role will develop and support the secure software develop life cycle, including DAST, SAST, SCA, penetration testing, and attack surface management.
This role will interface directly with development teams.
Of course, there is broad exposure to other aspects of information security related tasks such as incident response, vulnerability management, and deployment of security solutions.
The successful candidate for this position is a highly motivated individual with a strong Application Development and DevOps background with hands-on experience in building software security within CI/CD.
Job Responsibilities
Perform operational support for AWS WAF configurations – updating whitelists and creating security automation web ACLs to protect Internet facing endpoints and applications.
Perform operational support for Azure WAF configurations
Automate Dynamic Application Security Testing (DAST) in the CI/CD pipeline.
Perform manual penetration tests on web applications
Maintain Cloudflare DDOS protections and WAF configurations.
Attend enterprise architecture reviews to standardize and secure new deployments
Job Qualifications
Bachelor's degree in computer science or engineering field or equivalent combination of education and relevant 3 – 5 years of experience
Experience with GitHub, Perforce, GitLab
Experience with SonaType, JFrog
Good working knowledge in scripting language, Python, PowerShell, etc.
Strong understanding of Linux/UNIX and Windows based operating systems and networks.
A passion to learn and educate others on how to build secure software.
Experience with CVE and CVSS vulnerability scoring
Experience with Jira IT ticketing systems.
US and EU Cybersecurity regulations
Ability to work in a group setting and independently
Skills
Additional Skills/Preferences:
Certified Information Systems Security Professional (CISSP)
SANS GIAC certifications
Amazon Web Services, Azure, Google Cloud Platform
Additional Information
Strong working knowledge of Application security concepts and technologies such as:
Experience in OWASP Top 10 and usage of common AppSec testing tools.
Experience of Secure by Design concepts and threat modeling
Knowledge of common security libraries, security controls, and common security flaws.
Experience in application penetration testing techniques and tools
Knowledge of application technologies including Web applications, Web services, XML, SOA, AJAX, JSON, and Web scanning tools
Open Source Security (OSS) - Software Composition Analysis (SCA)
Static Application Security Testing (SAST)
Dynamic Application Security Testing (DAST)
Security Architecture Review - Threat Modeling
AWS and Azure WAF Configuration and whitelisting
Cloudflare DDOS configuration and operation
Manual Penetration Testing
Penetration testing with 3rd party vendors
Host level vulnerability Scanning
Web application security training course development and delivery
Cadence is committed to equal employment opportunity and employment equity throughout all levels of the organization.
We strive to attract a qualified and diverse candidate pool and encourage diversity and inclusion in the workplace.
Travel:
If applicable, include an estimate of travel (e.g., ">10% domestic travel").
We're doing work that matters.
Help us solve what others can't.
Seniority level
Seniority level
Mid-Senior level
Employment type
Employment type
Full-time
Job function
Job function
Information Technology
Industries
Software Development
Referrals increase your chances of interviewing at Cadence by 2x
Sign in to set job alerts for "Senior Software Security Engineer" roles.
Senior Embedded Security Software Engineer
Senior Software Engineer (Hypervisor & Virtualization)
We're unlocking community knowledge in a new way.
Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr