View All Jobs 118380

Product & Application Security Engineer - Remote Eligible

Own building secure features and remediation workflows for Kubernetes-based data protection software
Remote
Senior
1 week ago
Veeam Software

Veeam Software

Delivers data backup, recovery, and intelligent data management solutions for virtual, physical, cloud, and hybrid IT environments.
11 Similar Jobs at Veeam Software

Product & Application Security Engineer

Veeam, the #1 global market leader in data resilience, believes businesses should control all their data whenever and wherever they need it. Veeam provides data resilience through data backup, data recovery, data portability, data security, and data intelligence. Based in Seattle, Veeam protects over 550,000 customers worldwide who trust Veeam to keep their businesses running. Join us as we move forward together, growing, learning, and making a real impact for some of the world's biggest brands. The future of data resilience is here - go fearlessly forward with us.

About the Role

We are looking for a Senior Security Engineer who thinks like a product architect and codes like a software engineer. At Veeam Kasten, we release market-leading Kubernetes data protection software, which makes security critical to safeguarding our customers' environments and data. This role ensures security is embedded throughout the lifecycle, not just as a gate at the end. You will partner with engineering teams during the whiteboard phase to design secure features and dive into the codebase to find and fix vulnerabilities.

Your Impact

  • Design & Architecture: You will be the primary security voice in design reviews. You will perform threat modeling on new features, identifying architectural risks before a single line of code is written
  • Code-Level Security: You will actively review Pull Requests and conduct deep-dive code audits. You won't just run scanners; you will manually analyze logic in our code to find complex flaws that automated tools miss
  • Vulnerability Remediation: Unlike traditional security roles that only "report" bugs, you will help fix them. You will triage findings from our tooling and write production-ready patches to resolve vulnerabilities
  • Secure Software Supply Chain: You will oversee the integrity of our build dependencies, ensuring that the open-source libraries we import (and the tools we use to build them) are secure

What You'll Do

  • Triage and fix security alerts from tools like Grype, Cycode, and Wiz
  • Implement code fixes for security tech-debt across our stack
  • Conduct Threat Modeling sessions for upcoming epics and features in our two-week sprint cycles
  • Serve as a Subject Matter Expert on Kubernetes security primitives (RBAC, unprivileged containers, network policies) for the engineering team, owning metrics and definition of success, share best practices through workshops, reviews, and documentation
  • Lead audits, incidents, and compliance reviews representing the engineering team with the wider security community in Veeam

Technologies You'll Work With

Core: Go, Vue.js, Docker, Kubernetes Security Tooling: Grype, Syft, Checkmarx, Cycode, Wiz Environment: Public Cloud (Azure/AWS/GCP), On-Prem K8s distributions (OpenShift, Tanzu)

What You'll Bring

  • Developer DNA: You are a competent developer in Go (Golang) and have exposure to modern frontend frameworks like Vue.js.
  • Kubernetes Native: You've worked extensively with Kubernetes and understand its security primitives.
  • Shift-Left Mindset: You have experience integrating security into the early stages of the Software Development Life Cycle.
  • Tooling Familiarity: Experience with modern AppSec and Supply Chain tools (specifically Grype, Cycode, and Wiz) is a strong plus.
  • Pragmatism: You can balance theoretical security perfection with the practical reality of shipping software on a continuously frequent basis.

What You'll Get

  • Unlimited paid time off, plus 3 global VeeaMe Days for self-care
  • Paid parental leave: 8 weeks for all parents, 16 weeks for birthing parents
  • Medical, dental, and vision coverage from day one
  • Mental health support, therapy sessions, and digital wellness tools via SupportLinc EAP
  • 401(k) retirement plan with matching contributions up to annual limits
  • Fertility, adoption, and surrogacy support through Maven, plus paid volunteer time
  • AirVet: 24/7 virtual veterinary care at no cost
  • Legal services, identity protection, and supplemental health insurance options
  • Tax-advantaged spending accounts for healthcare, dependent care, and commuting
  • Professional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (LinkedIn Learning, Athena, O'Reilly) and mentoring through our MentorLab program
+ Show Original Job Post
Suggest a correction
























Product & Application Security Engineer - Remote Eligible
Remote
Engineering
Apply to job
About Veeam Software
Delivers data backup, recovery, and intelligent data management solutions for virtual, physical, cloud, and hybrid IT environments.