Application Security Engineer

Netherlands, 's-Hertogenbosch


As an Application Security Engineer you will play a key role in assessing our Secure Software Development Lifecycle maturity, defining a security roadmap and driving the implementation and improvement of cybersecurity activities. 

This is a full-time, permanent role based in the DELMIA R&D Lab in `s-Hertogenbosch, the Netherlands. We expect you to work inside this office for at least 3 days a week.


  • Lead our “shift left” security efforts to build security into the software development lifecycle.
  • Conduct secure design reviews and threat modeling sessions. Identify and prioritize risks, attack surfaces, and vulnerabilities.
  • Be available to conduct security code reviews and advise developers on remediating vulnerabilities and following secure coding practices.
  • Take charge of our vulnerability management program. Triage and prioritize vulnerabilities from scans, audits, and bug bounty submissions. Track remediation and validate fixes.
  • Research and recommend security tools and technologies to strengthen defenses against emerging threats targeting machine learning systems.
  • Develop and document security policies, standards, and playbooks. Conduct security awareness training sessions for engineers.
  • Collaborate closely with product engineers and researchers to instill security best practices. Advocate for secure architecture, design, and development.
  • Be the main DELMIA Quintiq R&D contact for security related subjects, such as answering questions related to our security development practices, tools and processes.


  • Have 3+ years of hands-on experience in application and infrastructure security, including securing cloud-based and containerized environments.
  • Have empathy, collaboration skills, and a learning mindset to be able to work cross-functionally with engineers of all levels towards building security into the product life cycle.
  • Be able to use creative and strategic thinking to reduce risks through secure design and simplicity, not just controls.
  • Possess broad security knowledge to connect the dots across domains and identify holistic ways to lower the overall attack surface.
  • Have the ability to distill complex security concepts into clear actions and drive consensus without direct authority.
  • Have a proactive mindset to thread security throughout the product lifecycle through activities like threat modeling, secure code review, and security-related education.
  • Have a strong grasp of offensive security to be able to anticipate risks from an adversary's perspective, not just check compliance boxes.
  • Have experience with modern application stacks, infrastructure, and security tools to implement pragmatic defenses.
  • Be passionate for security fundamentals like least privilege, defense-in-depth, and eliminating complexity that could sub-linearly scale security through smart design.

Diversity statement

As a game-changer in sustainable technology and innovation, Dassault Systèmes is striving to build more inclusive and diverse teams across the globe. We believe that our people are our number one asset and we want all employees to feel empowered to bring their whole selves to work every day. It is our goal that our people feel a sense of pride and a passion for belonging. As a company leading change, it’s our responsibility to foster opportunities for all people to participate in a harmonized Workforce of the Future.
DELMIA Logo > Dassault Systèmes

DELMIA helps industries and service providers connect the virtual and real worlds of global operations to re-imagine business for achieving sustainable excellence and delivering orchestration across value networks.