Application Security Engineer

Veeam, the #1 global market leader in data resilience, believes businesses should control all their data whenever and wherever they need it. Veeam provides data resilience through data backup, data recovery, data portability, data security, and data intelligence. Based in Seattle, Veeam protects over 550,000 customers worldwide who trust Veeam to keep their businesses running. Join us as we move forward together, growing, learning, and making a real impact for some of the world’s biggest brands. The future of data resilience is here - go fearlessly forward with us.

About the Role

We are looking for an Application Security Engineer to join our growing team of experts for our SaaS platform. The SaaS solutions we develop and offer to our customers are built on Microsoft Azure or/and AWS, offering best-in-class Data Protection services. What You’ll Do

• Embed security practices across the SDLC—from design to deployment—working hand-in-hand with engineering teams
• Contribute to the automation and continuous improvement of our SaaS Application Security program
• Review architectures, designs, and code to identify risks and recommend secure patterns
• Improve the security, reliability, and compliance posture of cloud-native applications running in Azure and AWS
• Support threat modeling activities for new features and services
• Help enforce internal security standards and contribute to documentation, guidance, and developer-friendly guardrails
• Work with Compliance and Security Engineering to ensure alignment to frameworks such as SOC 2, ISO 27001, FedRAMP, and similar standards

Technologies You’ll Work With

• Source control & CI/CD: Azure DevOps, GitHub, Git, Bitbucket
• Azure services: Entra ID, API Management, Storage, Cosmos DB, Functions, App Service, Networking, Security Center
• Infrastructure as Code: ARM, Terraform, CloudFormation, Serverless Framework
• Observability: Azure Monitor, AppInsights, Elastic/ELK
• Security tooling: CSPM, ASPM/SAST/SCA/IaC scanning, code review automation, secrets scanning

What You’ll Bring

• 2+ years in Application Security or Software Engineering roles with direct involvement in securing cloud-native or SaaS applications
• Strong understanding of secure design principles and the ability to apply them within a modern DevOps/SRE environment
• Hands-on experience with CI/CD pipelines and integrating security controls into automated workflows
• Experience with cloud security (Azure or AWS), including identity, networking, secrets management, and PaaS services
• Familiarity with modern AppSec tooling (SAST, SCA, IaC scanning, dependency management, container scanning)
• Ability to collaborate with engineering teams as an enabler—not a gatekeeper—providing practical guidance and empathetic support
• Threat modeling experience (e.g., STRIDE, attack path analysis)
• Comfortable working with distributed teams and communicating in English

Bonus Skills

• Experience bringing SaaS products through major compliance audits (SOC 2, FedRAMP, HITRUST, ISO 27001)
• Software development background in C#, .NET, Python, or similar languages
• Understanding of applied cryptography, key management, and secrets handling in cloud environments
• Knowledge of container security, Kubernetes, and serverless security

What You’ll Get

• 25 vacation days, four sick days, 21 paid medical leave days, plus 4 extra global VeeaMe Days for self-care
• Premium private medical insurance for employees and dependents
• Daily meal vouchers for restaurants and groceries
• Flexible cafeteria platform with thousands of lifestyle benefit options
• Multisport Card for gym and wellness, with family add-on options
• Annual public transport reimbursement up to a set limit
• Corporate mobile plan with optional family tariff
• 24 paid volunteer hours annually through Veeam Cares
• Professional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (LinkedIn Learning, Athena, O’Reilly) and mentoring through our MentorLab program

Please note: If the applicant is permanently present outside of the Czech Republic, Veeam reserves the right to refuse to consider the application for a job. Remote job is only possible in case the employee is located in the Czech Republic. #LI-EZ1 #Remote Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential. Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice. The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes. By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice. By submitting your application, you acknowledge that the information provided in your job application and any supporting documents is complete and accurate to the best of your knowledge. Any misrepresentation, omission, or falsification of information may result in disqualification from consideration for employment or, if discovered after employment begins, termination of employment. Apply tot his job Apply To this Job