Veeam Software is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient. They are seeking a Senior Product Security Engineer to advance enterprise application security tooling and vulnerability management, working closely with various teams to improve security practices and operational resilience.
Responsibilities:
- Evaluate, deploy, integrate, and optimize security tooling — including SAST, DAST, SCA, IAST, container scanning, SBOM generation, secrets detection, and API security testing — across CI/CD pipelines and developer workflows
- Build automated workflows for vulnerability ingestion, prioritization, remediation tracking, and reporting, integrating with platforms such as GitHub Actions, Azure DevOps, Jenkins, Jira, and SIEM tools
- Drive enterprise vulnerability management initiatives, including prioritization frameworks, SLA tracking, remediation velocity improvements, and security posture dashboards
- Embed security-by-design principles into the SDLC, developing security guardrails and policy-as-code capabilities for cloud and application environments
- Partner with DevOps and CI/CD teams to improve automated security validation, release governance, and software supply chain security
- Serve as a senior technical advisor on application security, influencing engineering and product roadmaps to improve platform security and operational resilience
- Mentor engineers and security practitioners on secure development and DevSecOps best practices
Requirements:
- 8+ years of experience in Application Security, Product Security, DevSecOps, or Security Engineering
- 3+ years of hands-on experience with SAST, DAST, SCA, and IAST tooling integrated into CI/CD pipelines
- 3+ years in vulnerability management, including triage, risk scoring, and remediation coordination across engineering teams
- Strong experience with Secure SDLC, threat modeling, and software supply chain security
- Experience building API integrations and workflow automation across security platforms
- Bachelor's degree in Computer Science, Engineering, or equivalent experience
- Experience in regulated or compliance-driven environments, including policy-as-code and OPA/Gatekeeper
- Familiarity with AI/ML security risks and emerging AI application security practices
- Demonstrated experience leading cross-functional security initiatives and influencing without direct authority
- Relevant certifications such as CISSP, CISM, CSSLP, or cloud security certifications