Division Security Champion

Apply now »

Date: Jun 23, 2026

Location: Exton, PA, US

Company: Bentley Systems

Division Security Champion – Asset Analytics

Bentley Systems | Location: Flexible / Global


Role Summary

Bentley Systems is seeking a director level, Division Security Champion to lead application security across the Asset Analytics division, encompassing cloud-native web applications and AI/ML-driven platforms. This senior leadership role drives Secure Software Development Lifecycle (SSDLC) practices, improves product risk posture, and ensures secure delivery across SaaS and AI systems.


Responsibilities

  • Act as the division’s Security Champion, leading a distributed network of security champions
  • Define and execute AppSec strategy aligned with Bentley’s enterprise program
  • Measure and reduce application risk across the portfolio
  • Lead DevSecOps and SSDLC practices including threat modeling, architecture reviews, and vulnerability management
  • Secure AI/ML systems including model lifecycle, data protection, and MLOps integration
  • Oversee incident response, vulnerability remediation, forensics, post-mortems, and bug bounty processes
  • Manage third-party and open-source security risk
  • Build a security-first engineering culture across teams


What Success Looks Like

  • Consistent SSDLC adoption across all products
  • Reduced risk and faster remediation timelines
  • Effective security champion network
  • Secure delivery of cloud-native and AI-powered applications
  • Becoming the trusted security advisor for the division


Qualifications

Required

  • 10+ years of experience in application or development security roles
  • Security certifications such as CISSP, GIAC, or OSCP
  • Expertise in secure development, threat modeling, and cloud-native security including assessing security impact of PRs and using tools such as Burp Suite Pro to assess vulnerabilities
  • DevSecOps and CI/CD security experience
  • Strong cross-functional leadership and communication skills


Preferred

  • Experience securing AI/ML systems or MLOps pipelines
  • Experience in container hardening or K8s security best practices
  • Experience with multi-tenant SaaS platforms
  • Experience with ISO27001, FedRAMP, SOC2, or similar frameworks


Nearest Major Market: Philadelphia
Job Segment: Engineer, Engineering