Product & Application Security Engineer

Veeam is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale. As the market leader in both data resilience and data security posture management, Veeam is built for the convergence of identity, data, security, and AI risk. Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 550,000 customers worldwide, who trust Veeam to keep their businesses running. Join us as we go fearlessly forward together, growing, learning, and making a real impact for some of the world’s biggest brands. About the Role We are looking for a Senior Security Engineer who thinks like a product architect and codes like a software engineer. At Veeam Kasten, we release market‑leading Kubernetes data protection software, which makes security critical to safeguarding our customers' environments and data. This role ensures security is embedded throughout the lifecycle, not just as a gate at the end. You will partner with engineering teams during the whiteboard phase to design secure features and dive into the codebase to find and fix vulnerabilities. Your Impact Design & Architecture: You will be the primary security voice in design reviews. You will perform threat modeling on new features, identifying architectural risks before a single line of code is written. Code‑Level Security: You will actively review Pull Requests and conduct deep‑dive code audits. You won't just run scanners; you will manually analyze logic in our code to find complex flaws that automated tools miss. Vulnerability Remediation: Unlike traditional security roles that only "report" bugs, you will help fix them. You will triage findings from our tooling and write production‑ready patches to resolve vulnerabilities. Secure Software Supply Chain: You will oversee the integrity of our build dependencies, ensuring that the open‑source libraries we import (and the tools we use to build them) are secure. What You’ll Do Triage and fix security alerts from tools like Grype, Cycode, and Wiz. Implement code fixes for security tech‑debt across our stack. Conduct Threat Modeling sessions for upcoming epics and features in our two‑week sprint cycles. Serve as a Subject Matter Expert on Kubernetes security primitives (RBAC, unprivileged containers, network policies) for the engineering team, owning metrics and definition of success, share best practices through workshops, reviews, and documentation. Lead audits, incidents, and compliance reviews representing the engineering team with the wider security community in Veeam. Technologies You’ll Work With Core: Go, Vue.js, Docker, Kubernetes Security Tooling: Grype, Syft, Checkmarx, Cycode, Wiz Environment: Public Cloud (Azure/AWS/GCP), On‑Prem K8s distributions (OpenShift, Tanzu) What You’ll Bring Developer DNA: You are a competent developer in Go (Golang) and have exposure to modern frontend frameworks like Vue.js. Kubernetes Native: You’ve worked extensively with Kubernetes and understand it’s security primitives. Shift‑Left Mindset: You have experience integrating security into the early stages of the Software Development Life Cycle. Tooling Familiarity: Experience with modern AppSec and Supply Chain tools (specifically Grype, Cycode, and Wiz) is a strong plus. Pragmatism: You can balance theoretical security perfection with the practical reality of shipping software on a continuously frequent basis. What you’ll get Unlimited paid time off, 12 paid holidays including 4 global Veeam Days for self‑care and 24 paid volunteer hours annually through Veeam Cares. Paid parental leave: 8 weeks for all parents, 16 weeks for birthing parents. Medical, dental, and vision coverage starting on your first day. Mental health support, therapy sessions, and digital wellness tools via our Employee Assistance Program. 401(k) retirement plan with company matching contributions. Fertility, adoption, and surrogacy support through Maven, plus paid volunteer time. AirVet: 24/7 virtual veterinary care at no cost. Legal services, identity protection, and supplemental health insurance options. Tax‑advantaged spending accounts for healthcare, dependent care, and commuting. Opportunities to learn and grow through on‑demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops, and learning events like our annual Global Day of Learning. Compensation Transparency Veeam is committed to pay transparency and equitable compensation. For this role, the compensation range below reflects the expected total target compensation (TTC), inclusive of base pay and a competitive performance‑based bonus. For roles with a commission plan, the compensation range represents On Target Earnings (OTE), which includes base salary plus variable commission. When determining compensation, Veeam takes into consideration factors such as experience, education, skills, and geographic zone. Offers are typically made below the midpoint of the range. In addition to compensation, Veeam provides a comprehensive benefits package, including health coverage, retirement plans, and unlimited time off. U.S. Geographic Zones & Compensation Ranges (TTC / OTE) Zone 1: San Francisco Bay Area, New York City Boroughs – $237,800 – $441,500 USD Zone 2: Washington, California (excluding San Francisco Bay Area) – $218,000 – $404,700 USD Zone 3: Texas, Illinois, North Carolina, Colorado, Massachusetts, Pennsylvania, Virginia, Oregon, Nevada, Hawaii, New York (excluding NYC boroughs); Sales roles located in Georgia, Ohio, and Arizona – $198,100 – $367,900 USD Zone 4: All other US locations – $172,400 – $320,100 USD Equal Opportunity Employment Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential. Personal data collected during the recruitment process will be processed in accordance with our Recruiting Privacy Notice, which explains how your information is collected, used, and handled in connection with hiring activities. By applying for this position, you consent to this processing. By submitting your application, you confirm that the information provided, including any supporting documents, is complete and accurate to the best of your knowledge. Any misrepresentation, omission, or falsification may result in disqualification from consideration or, if discovered after employment begins, termination of employment. #J-18808-Ljbffr Veeam