Security Engineer III, Product AppSec

About The Position

Requirements

• 5+ years of experience in Product Security, Application Security, DevSecOps, or Vulnerability Management
• 3+ years of hands-on experience with application security testing tools (SAST, DAST, SCA)
• 2+ years in vulnerability management, including triage, SLA tracking, and remediation coordination
• Familiarity with CVEs, CVSS scoring, SBOM concepts, and software supply chain security
• Experience with CI/CD platforms, modern DevOps workflows, and cloud-native technologies
• Bachelor's degree in Computer Science, Engineering, or equivalent experience

Nice To Haves

• Experience participating in or managing Security Champion programs
• Knowledge of OWASP Top 10 and secure coding practices for cloud-native and enterprise products
• Familiarity with IaC, regulated environments, and compliance-driven security activities
• Relevant certifications such as CSSLP, GWEB, CCSP, OSCP, or GPEN

Responsibilities

• Monitor, assess, and manage security risks related to open-source software dependencies, CVEs, and third-party components
• Triage and validate vulnerabilities across applications, containers, infrastructure, and dependencies — prioritizing by exploitability, exposure, and business impact
• Coordinate patch management initiatives and support automated patch deployment workflows with Release Engineering and DevOps teams
• Support and expand the Security Champion program, partnering with developers to improve secure coding awareness and adoption
• Integrate security controls into CI/CD pipelines and automate vulnerability scanning, dependency analysis, and security reporting
• Develop playbooks, documentation, and educational materials that promote self-service security within engineering teams
• Contribute to threat modeling, secure architecture discussions, and continuous improvement of secure SDLC processes

Benefits

• Unlimited paid time off
• 12 paid holidays including 4 global VeeaMe Days for self-care
• 24 paid volunteer hours annually through Veeam Cares
• Paid parental leave: 8 weeks for all parents, 16 weeks for birthing parents
• Medical, dental, and vision coverage starting on your first day
• Mental health support, therapy sessions, and digital wellness tools via our Employee Assistance Program
• 401(k) retirement plan with company matching contributions
• Fertility, adoption, and surrogacy support through Maven
• AirVet: 24/7 virtual veterinary care at no cost
• Legal services, identity protection, and supplemental health insurance options
• Tax-advantaged spending accounts for healthcare, dependent care, and commuting
• Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops, and learning events like our annual Global Day of Learning