Senior Security Engineer, Product AppSec

About The Position

Requirements

• 8+ years of experience in Application Security, Product Security, DevSecOps, or Security Engineering
• 3+ years of hands-on experience with SAST, DAST, SCA, and IAST tooling integrated into CI/CD pipelines
• 3+ years in vulnerability management, including triage, risk scoring, and remediation coordination across engineering teams
• Strong experience with Secure SDLC, threat modeling, and software supply chain security
• Experience building API integrations and workflow automation across security platforms
• Bachelor's degree in Computer Science, Engineering, or equivalent experience

Nice To Haves

• Experience in regulated or compliance-driven environments, including policy-as-code and OPA/Gatekeeper
• Familiarity with AI/ML security risks and emerging AI application security practices
• Demonstrated experience leading cross-functional security initiatives and influencing without direct authority
• Relevant certifications such as CISSP, CISM, CSSLP, or cloud security certifications

Responsibilities

• Evaluate, deploy, integrate, and optimize security tooling — including SAST, DAST, SCA, IAST, container scanning, SBOM generation, secrets detection, and API security testing — across CI/CD pipelines and developer workflows
• Build automated workflows for vulnerability ingestion, prioritization, remediation tracking, and reporting, integrating with platforms such as GitHub Actions, Azure DevOps, Jenkins, Jira, and SIEM tools
• Drive enterprise vulnerability management initiatives, including prioritization frameworks, SLA tracking, remediation velocity improvements, and security posture dashboards
• Embed security-by-design principles into the SDLC, developing security guardrails and policy-as-code capabilities for cloud and application environments
• Partner with DevOps and CI/CD teams to improve automated security validation, release governance, and software supply chain security
• Serve as a senior technical advisor on application security, influencing engineering and product roadmaps to improve platform security and operational resilience
• Mentor engineers and security practitioners on secure development and DevSecOps best practices

Benefits

• Unlimited paid time off
• 12 paid holidays including 4 global VeeaMe Days for self-care
• 24 paid volunteer hours annually through Veeam Cares
• Paid parental leave: 8 weeks for all parents, 16 weeks for birthing parents
• Medical, dental, and vision coverage starting on your first day
• Mental health support, therapy sessions, and digital wellness tools via our Employee Assistance Program
• 401(k) retirement plan with company matching contributions
• Fertility, adoption, and surrogacy support through Maven
• AirVet: 24/7 virtual veterinary care at no cost
• Legal services, identity protection, and supplemental health insurance options
• Tax-advantaged spending accounts for healthcare, dependent care, and commuting
• Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops, and learning events like our annual Global Day of Learning