Application Security Architect (Software)

Position Summary

We are seeking a visionary Application Security Architect to elevate our software security strategy across a global portfolio of cutting-edge products. As a key member of our Product Security team, you’ll define and drive secure architecture practices, influence engineering decisions, and help shape the future of secure software development.

This is a high-impact role where your expertise will directly contribute to protecting mission-critical infrastructure software used worldwide. You’ll collaborate with talented engineers across Europe and beyond, working with modern technologies like Azure, Kubernetes, Electron, and a wide range of programming languages.

If you're passionate about building secure systems, influencing technical direction, and mentoring others, this is your opportunity to make a lasting impact.

• Lead the adoption and evolution of Secure Software Development Lifecycle (SSDLC) practices and standards across teams and projects.
• Conduct security architecture and design reviews to ensure robust protection of applications and systems.
• Drive and mature threat modeling practices across the organization, identifying and mitigating risks early in the development process.
• Collaborate with empowered, cross-functional teams to embed security into the design, development, implementation, and verification of software.
• Provide clear, actionable remediation guidance to developers and system administrators.
• Support stakeholders in making informed, risk-based decisions that balance technical and business priorities.
• Deliver training sessions and educational content to upskill developers and promote a security-first mindset.
• Build and maintain tools and automation that enhance security workflows and reduce manual effort.

• Approximately 7+ years of experience in software, with 4+ years focused on Application Security Architecture.
• Strong proficiency in securing cloud environments, ideally with hands-on experience in Azure.
• Proven expertise in threat modeling complex software systems.
• Solid foundation in software development, with the ability to read, write, and audit code across multiple languages.
• Deep understanding of OWASP Top 10, SANS Top 25, and common security vulnerabilities.
• Experience with containerization and orchestration tools such as Kubernetes, Docker, and Istio.
• Ability to deconstruct complex systems to identify potential threats and weaknesses.
• Exceptional communication skills—able to clearly articulate technical risks to developers, engineers, administrators, and leadership.
• Demonstrated ability to learn quickly, research new topics, and adapt to evolving technologies.
• Strong problem-solving skills and a proactive approach to tackling security challenges.
• Ability to make balanced, unbiased decisions that consider both technical risks and business impact.

• Knowledge of OAuth / OpenID Connect and modern authentication protocols.
• Familiarity with web technologies including JavaScript, HTML5, HTTP, REST, and related protocols.
• Proficiency in one or more programming languages / platforms such as .NET Core, C#, Java, TypeScript, C/C++.
• Certifications such as CISSP or CCSP are a strong plus.

• A great Team and culture – please see ourcolleague video.
• An exciting career as an integral part of a world-leading software company providing solutions for architecture, engineering, and construction - watch thisshort documentaryabout how we got our start.
• An attractive salary and benefits package.
• A commitment to inclusion, belonging, and colleague wellbeing through global initiatives and resource groups.
• A company committed to making a real difference by advancing the world’s infrastructure for a better quality of life, where your contributions help build a more sustainable, connected, and resilient world. Discover our latest user successstoriesfor an insight into our global impact.
• Please note that this information applies only to Lithuania. If you are employed full-time, the salary for this position ranges from 4000 EUR gross (before taxes, applicable only in Lithuania), depending on your knowledge and experience.

Around the world, infrastructure professionals rely on software from Bentley Systems to help them design, build, and operate better and more resilient infrastructure for transportation, water, energy, cities, and more. Founded in 1984 by engineers for engineers, Bentley is the partner of choice for engineering firms and owner-operators worldwide, with software that spans engineering disciplines, industry sectors, and all phases of the infrastructure lifecycle. Through our digital twin solutions, we help infrastructure professionals unlock the value of their data to transform project delivery and asset performance.