We are seeking a talented ApplicationSecurityArchitect to be part of our dedicated software security team (AppSec) at Bentley Systems.
The future addition to this team will play a crucial role in safeguarding our cutting:
edge products.
Our product security team is committed to continuously elevating security standards and staying ahead of the curve in the ever:
evolving cybersecurity landscape.
This role demands exceptional expertise, a passion for learning, and a willingness to embrace challenges.
Youll collaborate with a team of remotely:
based experts from across the globe, working across a diverse range of technologies, including C, Typescript, JavaScript, Node.js, single:
page applications and Electron applications, Azure cloud services, K8s, and more.
We will rely on you for the following:
:
Define security best practices and standards.
:
Perform securityarchitecture and design reviews of applications.
:
Work independently with developers to ensure secure design, development, implementation, and verification of applications.
:
Provide remediation guidance and recommendations to developers and administrators.
:
Lead Secure Software Development Lifecycle best practices and standards.
:
Participate in and advance threat modeling practices.
:
Help stakeholders make risk:
based decisions.
:
Train developers and create educational presentations.
:
Develop tools and automation supporting responsibilities.
What You Bring to The Team
:
:
More than 4+years of applicationSecurityArchitecture experience.
:
Background experience in software and development.
:
Strong experience in threat modeling software systems.
:
Proficiency in reading, writing, and auditing code and the ability to learn new languages/technologies.
:
Proficiency in cloud technologies
:
Experience with OWASP Top10 or SANS Top 25
:
Experience breaking down complex systems and applications to identify threats.
:
Certification in CISSP or CCSP, it's a plus.
:
Strong problem:
solving capabilities using various technologies.
:
Capability to research a new topic and to learn quickly.
:
Excellent ability to communicate, verbally and in writing, complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management.
:
Requires sitting or standing at will while performing work on a computer (or any other physical requirements).
The role requires communication with managers, peers, and other colleagues of the company in person, and by utilizing Microsoft Teams chat, calling, and meeting functions.
What would make you stand out:
:
Knowledge/Experience of containerization solutions, such as Kubernetes, Docker, and Istio.
:
Knowledge/Experience of web technologies (JavaScript, HTML5, HTTP, REST, SOAP, etc.).
:
Good knowledge of some of the following programming platforms/languages:
.Net Core.
Node.js, C, Java, JavaScript/TypeScript, C/C++.
:
Knowledge of OAuth 2.0/OpenID Connect.
:
Ability to make risk:
based, unbiased, judgments that include both technical and business impacts.
This role is subject to multiple background checks:
conduct search, criminal check, global sanctions and enforcement, and global employment checks.
An offer for this role is contingent upon successful verification of these checks, which will be performed by an external vendor, HireRight, during the written offer process.
What We Offer:
:
A great Team and culture :
please see our
Recruitment Video
:
An exciting career as an integral part of a world:
leading software company providing solutions for architecture, engineering, and construction.
:
Competitive Salary and benefits
:
The opportunity to work within a global and diverse international team.
:
A supportive an remote Agriculture, Fisheries & Forestry, Engineering, Utilities & Services CDI Competitive
