Share this Job

Application Security (AppSec) Senior Defender

Date: Jul 26, 2019

Location: Quebec, Quebec, CA, G1E 3L1

Company: Bentley Systems

Bentley Systems is the leading global provider of software solutions to engineers, architects, geospatial professionals, constructors, and owner-operators for the design, construction, and operations of infrastructure. Bentley’s MicroStation-based engineering and BIM applications, and its digital twin cloud services, advance the project delivery (ProjectWise) and the asset performance (AssetWise) of transportation and other public works, utilities, industrial and resources plants, and commercial and institutional facilities.Bentley Systems employs more than 3,500 colleagues, generates annual revenues of $700 million in 170 countries, and has invested more than $1 billion in research, development, and acquisitions since 2014. From inception in 1984, the company has remained majority-owned by its five founding Bentley brothers. Bentley shares transact by invitation on the NASDAQ Private Market.



Application Security (AppSec) Senior Defender

Bentley Systems is seeking a talented individual to become a valued member of our dedicated software security team (AppSec) Senior Defender. The product security team’s main responsibility is the security of software created by Bentley.  This includes a wide variety of technologies: C#, JavaScript, Node.js, single-page and Electron applications, Azure cloud services, Java web applications, and more. The successful candidate will have the opportunity to learn skills such as cloud, Agile, DevOps, etc. and will work as part of a multinational, diverse team of remotely placed experts.

Location: Global corporate headquarters in Exton, PA or Quebec City, Canada


  • Perform technical security assessments, code audits and design reviews of web, cloud, mobile and desktop applications.
  • Conduct research to identify and mitigate potential vulnerabilities.
  • Develop technical solutions to help mitigate security vulnerabilities
  • Build tooling to help developers deploy secure software.
  • Advocate security and secure practices throughout the company.


Qualifications- Required

  • Strong interest in software security and software development.
  • More than 5 years of software development or application security experience.
  • Software engineering experience in at least one of the following languages: C++, C#, Java, Typescript or JavaScript.
  • Strong knowledge of secure coding best practices, the OWASP Top 10 or SANS Top 25.



  • Knowledge of web technologies (JavaScript, HTML5, HTTP, REST, SOAP, etc.)  and frameworks.
  • Experience with web security or debugging tools (ex: capture with Fiddler, Wireshark, etc.).
  • Experience with fuzzing: configuring, setting up and automation.
  • Experience with static code analysis tools.
  • Experience with pentesting tools like Burp Suite Pro, OWASP Zed Attack Proxy.
  • Experience with exploit creation for native (C/C++) vulnerabilities.


Equal Opportunity Employer/Minorities/Females/Veterans/Disabled

Bentley is an equal opportunity employer and considers for employment all qualified applicants without regard to race, color, sex, disability, protected veteran status, religion, national origin, age or any other protected characteristic.  Additional information about your rights as an applicant under the law may be found by clicking here and here.


Bentley participates in e-Verify / Bentley participa en e-Verify


Right to Work / Derecho a Trabajar

We encourage you to request a reasonable accommodation  if you are not able to fully use or access our online application system.   You can make an accommodation request by calling 610-458-5000 or sending us an email at


Search Firm Disclosure:
Please be aware Bentley is not accepting unsolicited assistance from search firms for this employment opportunity. This includes any phone calls or emails. All resumes submitted by search firms to any employee at Bentley via-email, the Internet (including social media) or in any form and/or method for this specific position in the absence of a written recruiting agreement executed by both you and/or your firm and Bentley will be deemed the sole property of Bentley and no fee will be paid in the event the candidate is hired by Bentley.


Job Segment: Engineer, Software Engineer, R&D Engineer, Engineering