Veeam is a global leader in data resilience, providing solutions for data backup, recovery, and security. They are seeking a Senior Security Engineer to embed security throughout the software development lifecycle, ensuring secure features and addressing vulnerabilities in their Kubernetes data protection software.
Responsibilities:
- Triage and fix security alerts from tools like Grype, Cycode, and Wiz
- Implement code fixes for security tech-debt across our stack
- Conduct Threat Modeling sessions for upcoming epics and features in our two-week sprint cycles
- Serve as a Subject Matter Expert on Kubernetes security primitives (RBAC, unprivileged containers, network policies) for the engineering team, owning metrics and definition of success, share best practices through workshops, reviews, and documentation
- Lead audits, incidents, and compliance reviews representing the engineering team with the wider security community in Veeam
Requirements:
- Competent developer in Go (Golang)
- Exposure to modern frontend frameworks like Vue.js
- Extensive experience with Kubernetes and understanding of its security primitives
- Experience integrating security into the early stages of the Software Development Life Cycle
- Familiarity with modern AppSec and Supply Chain tools (specifically Grype, Cycode, and Wiz)
- Ability to balance theoretical security perfection with the practical reality of shipping software on a continuously frequent basis