• Attack and defend Bentley’s cloud platform and other products (server, desktop, mobile, etc.).

• Identify concerns and propose options to address threats.

• Exploit vulnerabilities in the form of PoC.

• Implement defenses and/or help the product teams to implement defenses.

• Coordinate with a network of security champions to improve the security of our products.

• Help colleagues in software development to improve coding with regards to security issues, this includes: software architecture review, threat-modeling, code review, security requirements definition, and other secure development topics.

• Develop automations and internal tools to support the team goals.

• Improve security integration into the DevOps pipelines.

• Improve the SDLC.

• Monitor and respond to security incident and event and investigate when require.