Product and Application Security Engineer

Veeam Software is the Data and AI Trust Company, specializing in helping organizations secure their data and AI. The Senior Security Engineer role focuses on embedding security throughout the software lifecycle, partnering with engineering teams to design secure features and address vulnerabilities in code.

Responsibilities:

• Triage and fix security alerts from tools like Grype, Cycode, and Wiz
• Implement code fixes for security tech-debt across our stack
• Conduct Threat Modeling sessions for upcoming epics and features in our two-week sprint cycles
• Serve as a Subject Matter Expert (SME) on Kubernetes security primitives (RBAC, unprivileged containers, network policies) for the engineering team, owning metrics and definition of success, share best practices through workshops, reviews, and documentation
• Lead audits, incidents and compliance reviews representing the engineering team with the wider security community in Veeam

Requirements:

• Competent developer in Go (Golang)
• Exposure to modern frontend frameworks like Vue.js
• Extensive experience with Kubernetes and understanding of its security primitives
• Experience integrating security into the early stages of the Software Development Life Cycle
• Familiarity with modern AppSec and Supply Chain tools (specifically Grype, Cycode, and Wiz)
• Ability to balance theoretical security perfection with the practical reality of shipping software on a continuously frequent basis