Company: Siemens EDA

Job Title: Security Engineer

Job Reference #:  454372

Job Location: Boulder, CO

Siemens EDA is a global technology leader in electronic design automation software. Our software tools enable companies around the world to develop new and highly innovative electronic products faster and more cost-effectively. Our customers use our tools to push the boundaries of technology and physics in order to deliver better products in the increasingly complex world of chip, board and system design.

As a Security Engineer, you will contribute as a team member responsible for the security of various Electronic Design Automation products, including cloud-based applications, enterprise client-server applications, and on-premises native code applications. This person works closely with our developer teams and is vital in ensuring that every step of the software development and operation lifecycle (SDLC) follows security best practices. You will be responsible for active involvement in development, advocating secure coding principles, and guiding the testing of applications against security risks/parameters before release.

As a Security Engineer, you will work with the team to:

Develop software solutions to implement reusable security controls within our products. Develop and promote security testing standards and techniques throughout the development organization. Provide input on secure coding, architecture, and automation. Proactively harden the security posture of the organization’s products. Specify, implement, and execute internal processes and tools to assess and further develop the maturity of development teams in the areas of: Threat and Risk Analysis Security Requirements identification and fulfillment Static analysis (SAST), dynamic analysis (DAST), and Software Component Analysis (SCA) 3rd party component selection and management Vulnerability management Collaborate with other security professionals across multiple organizations and multiple geographies in broad security initiatives.

Minimum Qualifications:

Bachelor’s degree or better in Electrical Engineering, Computer Science, Computer Engineering, or related. Minimum of 5+ years of experience distributed across multiple of the following competencies: Design and development of cloud security architectures experience Security aspects of on-premises native code applications experience Security architecture of client-server-based enterprise applications experience Threat modeling and risk analysis experience Vulnerability assessment and management experience Integration of security tools (SAST/DAST/SCA) into the SDLC process and CI/CD pipelines experience Software Supply Chain security through CI/CD systems, including Software Bill of Materials experience Application penetration testing experience Red team / blue team attack and defense experience Containerization technologies and modern microservice design principles experience Automation of internal development processes experience Prior software development experience in C/C++ or Java. Experience with extensive understanding of the AWS architecture and the security facilities within it.  Excellent communication and presentation skills to lead and coach junior security engineers to improve their skills and effectiveness experience People skills – able to work collaboratively with senior engineers to raise their awareness of security issues within their products. Word skills – communicating effectively in short form (email), long-form (design documents), and interaction/presentation. Training skills - To lead and coach others to improve their skills and effectiveness and to contribute to building a training program.

Preferred Qualifications:

Familiarity with secure development methodologies such as OWASP SAMM, Microsoft Secure SDLC Familiarity with standardization and compliance requirements such as ISO 27001, SOC2, Executive Order 14028, EU CRA, and NIST 800 standards Collaboration with and direction of external vendors of security services such as penetration testing and configuration analysis Experience working with a commercial-grade code base in a collaborative organization. Strong understanding of network and web protocols Experience with cloud architectures other than AWS (Azure, GCP, VMWare) Relational and NoSQL database design competency Familiarity with Electronic Design Automation products and solutions JavaScript/TypeScript/React, Python, and similar languages

Why us?

Working at Siemens Software means flexibility - Choosing between working at home and the office at other times is the norm here. We offer great benefits and rewards, as you'd expect from a world leader in industrial software.

A collection of over 377,000 minds building the future, one day at a time in over 200 countries. We're dedicated to equality, and we welcome applications that reflect the diversity of the communities we work in. All employment decisions at Siemens are based on qualifications, merit, and business need. Bring your curiosity and creativity and help us shape tomorrow!

Siemens Software. Transform the Everyday with Us

The salary range for this position is $105,100 to $189,200 and this role is eligible to earn incentive compensation. The actual compensation offered is based on the successful candidate’s work location as well as additional factors, including job-related skills, experience, and relevant education/training.  Siemens offers a variety of health and wellness benefits to employees. Details regarding our benefits can be found here: www.benefitsquickstart.com. In addition, this position is eligible for time off in accordance with Company policies, including paid sick leave, paid parental leave, PTO (for non-exempt employees) or non-accrued flexible vacation (for exempt employees).

#LI-EDA

#LI-HYBRID

#LI-CF1

Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.

Reasonable Accommodations
If you require a reasonable accommodation in completing a job application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please fill out the accommodations form by clicking on this link Accommodation for disability form. If you’re unable to complete the form, you can reach out to our AskHR team for support at 1-866-743-6367. Please note our AskHR representatives do not have visibility of application or interview status.
EEO is the Law
Applicants and employees are protected under Federal law from discrimination. To learn more, Click here.

Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here.

California Privacy Notice
California residents have the right to receive additional notices about their personal information. To learn more, click here.
Criminal History
Qualified applications with arrest or conviction records will be considered for employment in accordance with applicable local and state laws.