AppSec Jobs
← Back to all jobs

Dassault Systèmes

Enterprise Application Security Engineer

New York, United StatesWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Dassault Systèmes

Dassault Systèmes SE (3DS) is a French multinational software corporation founded in 1981, specializing in 3D design, simulation, manufacturing, and product lifecycle management (PLM). The company originated from an internal project at Dassault Aviation, where it developed the CATIA software to enhance aircraft design. Headquartered in Vélizy-Villacoublay, France, Dassault Systèmes employs over 25,000 people and serves more than 370,000 customers across 12 industries worldwide. The company offers a diverse portfolio of 13 brands, including CATIA for advanced 3D design, SOLIDWORKS for product design, DELMIA for digital manufacturing, ENOVIA for lifecycle management, and SIMULIA for realistic simulation. These solutions support various sectors such as aerospace, automotive, consumer goods, and life sciences. Dassault Systèmes focuses on creating virtual twins and sustainable innovation, providing end-to-end solutions that enhance product development and manufacturing processes.

Industry

information technology & services

Employees

27,000

4440 engineers

Revenue

$6.5B

Website

Visit →

Security at Dassault Systèmes

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Dassault Systèmes' AppSec philosophy is grounded in industry-leading practices and standards from OWASP, NIST, and ISO.
  • Their 3DEXPERIENCE Platform Application Security Program consists of five pillars, with security controls embedded throughout their SDLC.
  • They emphasize training and security culture, taking a proactive approach through continuous threat monitoring, vulnerability management, and NIST-aligned protocols.
  • They deploy Static and Dynamic Application Security Testing (SAST and DAST) and Software Composition Analysis (SCA).

Security Team

The Information Security Application Architecture team at Dassault Systèmes is responsible for designing, evaluating, and enforcing application security throughout the SDLC. A role within this team reports to the Manager of Application Security & Sourcing department. Dr. Wojtek Swiatek is the VP, Chief Information Security Officer Dassault Systèmes. The team utilizes tools like Git, GitHub, Artifactory for source code and artifact management, and Travis, Jenkins, GitHubActions for CI/CD pipelines. Explicit team size and org-wide AppSec headcount are not publicly available.

Key Initiatives

Dassault Systèmes integrates OWASP, NIST SP 800-53, and ISO/IEC 27001 standards into their SSDLC and governance. They perform verification and testing using Static and Dynamic Application Security Testing (SAST and DAST) and Software Composition Analysis (SCA). They also commission independent agents for comprehensive audits and penetration tests. Vulnerability reporting is a key part of their security program, with a dedicated reporting process. Their CSIRT (3DS-CSIRT) acts under the authority of Dassault Systèmes SE and participates in cybersecurity-related events. Information regarding a Security Champions Program, detailed vulnerability management SLAs, or specific MTTR/ticketing ownership is not publicly available.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.