Jobs · Information Technology · California

Director of Software Security

Cadence · San Jose, CA · 4 wk ago
Information Technology$165k–$306k/yrFull-time

Key Responsibilities

  • Define and execute enterprise DevSecOps strategy across all development teams
  • Integrate security controls into CI/CD pipelines (build, test, release)
  • Establish “shift-left” security practices across the SDLC
  • Drive adoption of secure coding, SAST, DAST, and SCA tools
  • Define reference architectures for secure microservices, APIs, and cloud-native apps
  • Lead threat modeling initiatives
  • Ensure secure API design and zero trust principles
  • Lead compliance initiatives for:Cybersecurity Maturity Model Certification (CMMC 2.0), NIST SP 800-171r2 /800-53, ISO 27001
  • Coordinate audits, assessments, and continuous monitoring programs
  • Implement controls for handling Controlled Unclassified Information (CUI)
  • Secure DevOps pipelines across cloud platforms: Amazon AWS, Microsoft Azure, Google Cloud, IBM Cloud
  • Implement infrastructure-as-code (IaC) security scanning
  • Define secrets management, identity, and access controls
  • Build and scale AppSec program across all product lines
  • Define vulnerability management lifecycle (discovery → remediation → validation)
  • Establish bug bounty / responsible disclosure programs
  • Integrate security into Agile and CI/CD workflows
  • Secure software supply chain (SBOM, dependency scanning)
  • Implement artifact signing, provenance, and integrity validation
  • Define policies, standards, and secure development guidelines
  • Align software security with enterprise risk management

Required Qualifications

  • 12–15+ years in cybersecurity, with strong focus on application security and DevSecOps
  • 5+ years in leadership (manager/director level)
  • Deep expertise in: Secure SDLC and DevSecOps pipelines, Cloud-native architectures and container security, Regulatory frameworks (CMMC, NIST, ISO)
  • Experience in regulated industries (defense, government, healthcare, fintech)

Preferred Qualifications

  • Hands-on experience with tools such as:SAST: Checkmarx, Veracode, DAST: Burp Suite, SCA: Snyk, Black Duck, CI/CD: Jenkins, GitHub Actions
  • Familiarity with Kubernetes, Docker, and service mesh security
  • Certifications: CISSP, CSSLP, CISM, or CCSP

Key Skills

  • DevSecOps Transformation
  • Secure Software Architecture
  • Regulatory Compliance (CMMC, NIST, ISO)
  • Application Security & Threat Modeling
  • Software Supply Chain Security (SBOM, SLSA)
  • Cloud & Container Security
  • Executive Communication & Strategy

Pay & Benefits

The annual salary range for California is $164,500 to $305,500. You may also be eligible to receive incentive compensation: bonus, equity, and benefits.

Our benefits programs include: paid vacation and paid holidays, 401(k) plan with employer match, employee stock purchase plan, a variety of medical, dental and vision plan options, and more.

Similar jobs