Application Security Architect

We are looking for a talented Application Security Architect to be part of our dedicated Bentley Infrastructure Cloud product security team at Bentley Systems. The successful candidate will be a member of the software development group that delivers industry leading software to transition the lifecycle of infrastructure assets into the digital world, contributing towards the Bentley Mission of providing innovative software and services for the enterprises and professionals who design, build and operate the world's infrastructure - advancing both the global economy and environment for improved quality of life.

This role demands exceptional expertise, a passion for learning, and a willingness to embrace challenges. You'll collaborate with a team of remotely based experts from across the globe, working across a diverse range of technologies, including C#, Typescript, JavaScript, Node.js, single-page applications and Electron applications, Azure cloud services, Kubernetes, and more.

We Will Rely On You For The Following:

• Lead Secure Software Development Lifecycle best practices and standards.
• Perform security architecture and design reviews of applications.
• Collaborate with empowered teams to ensure secure design, development, implementation, and verification of applications.
• Provide remediation guidance and recommendations to developers and administrators.
• Participate in and advance threat modelling practices across the division.
• Help stakeholders make risk-based decisions.
• Train developers and create educational presentations.
• Develop tools and automation supporting responsibilities.

What You Bring To The Team:

• Around 10 years experience within software of which 4+ years is in application Security Architecture.
• Background in software and development.
• Proficiency in securing cloud technologies.
• Proficiency in reading, writing, and auditing code and the ability to learn new languages/technologies.
• Experience with OWASP Top10 or SANS Top 25.
• Experience breaking down complex systems and applications to identify threats.
• Excellent ability to communicate, verbally and in writing, complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management.
• Strong experience in threat modelling software systems.
• Certification in CISSP or CCSP, it’s a plus.
• Strong problem-solving capabilities using various technologies.
• Capability to research a new topic and to learn quickly.

What Would Make You Stand Out:

• Knowledge of OAuth 2.0/OpenID Connect.
• Knowledge/Experience of containerization solutions, such as Kubernetes, Docker, and Istio.
• Knowledge/Experience of web technologies (JavaScript, HTML5, HTTP, REST, etc.).
• Good knowledge of some of the following programming platforms/languages: .Net Core, Node.js, C#, Java, JavaScript/TypeScript, C/C++.
• Ability to make risk-based, unbiased, judgments that include both technical and business impacts.

What We Offer:

• A great Team and culture.
• An exciting career as an integral part of a world-leading software company providing solutions for architecture, engineering, and construction.
• Competitive Salary and benefits.
• The opportunity to work within a global and diverse international team.
• A supportive and collaborative environment.

About Bentley Systems: Bentley Systems (Nasdaq: BSY) is the infrastructure engineering software company. We provide innovative software to advance the world’s infrastructure – sustaining both the global economy and environment. Our industry-leading software solutions are used by professionals, and organizations of every size, for the design, construction, and operations of roads and bridges, rail and transit, water and wastewater, public works and utilities, buildings and campuses, mining, and industrial facilities.

Bentley is proud to be an equal opportunity employer and considers for employment all qualified applicants without regard to race, color, gender/gender identity, sexual orientation, disability, marital status, religion/belief, national origin, caste, age, or any other characteristic protected by local law or unrelated to job qualifications.