AppSec Jobs
← Back to all jobs

Cadence

Sr Cloud Security Architect

SAN JOSEWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Cadence

Cadence Design Systems, Inc. is a multinational technology company that specializes in electronic design automation (EDA) software, hardware, and services. The company provides computational software and engineering solutions that facilitate the design and development of electronic systems, including chips and complete systems-on-chips. Their tools are utilized in various applications such as AI, 5G, automotive, hyperscale computing, and aerospace. Cadence offers a range of EDA software for designing, verifying, and optimizing electronic systems. Their hardware platforms, including emulation and prototyping systems, support faster design validation. Additionally, the company provides engineering and methodology services to assist customers in effectively implementing EDA tools, along with intellectual property cores for reusable design blocks.

Industry

information technology & services

Employees

13,000

8034 engineers

Revenue

$4.6B

Website

Visit →

Security at Cadence

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Cadence's AppSec mission involves applying continuous security assessments during development operations and implementing a 'shift-left' security practice within the software development lifecycle (SDLC).
  • Their risk philosophy includes expanding a Zero-Trust security model to additional environments and having the Audit Committee oversee annual enterprise business risk assessments.
  • Cadence states that security is a top priority.
  • However, no public statements explicitly label AppSec as 'developer-first' or strictly 'security sign-off'.

Security Team

Cadence's Information Security team is principally responsible for identifying security matters, and the Audit Committee receives semi-annual reports on cybersecurity. Tarak Ray serves as Senior Vice President and Chief Information Officer since 2022. No public, named AppSec manager or CISO-specific profile was found. The team size estimate is not publicly available. As of, there was one active AppSec job posting for a Software Security Architect (Job ID: R50300). Common skill and tool patterns from this posting include architecting and leading secure SDLC, DAST, SAST, SCA, penetration testing, attack surface management, building artifactory using JFrog or SonaType, and familiarity with Blackduck, Fortify, and SonarQube. No public org chart or reporting line explicitly states whether AppSec is centralized or embedded.

Key Initiatives

Cadence practices 'shift-left security' within the SDLC, integrating security tools at the source code repository, build, and artifact levels, and incorporating static application security testing (SAST) into scheduled and ad-hoc builds. For vulnerability management, open-source software (OSS) security is enforced through vetted components, and released products undergo dynamic application security testing (DAST) and manual penetration testing. The Software Security Architect role includes prioritization and remediation of software vulnerabilities and leading the secure SDLC. There is no public evidence of a Security Champions Program, nor public SLAs, MTTR targets, or ticketing workflows. Recent initiatives include the 2025 acquisition of Secure-IC, a leader in embedded security IP.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.