Application Security Analyst

Veeam®, the #1 global market leader in data protection and ransomware recovery, is on a mission to empower every organization to not just bounce back from a data outage or loss but bounce forward.

With Veeam, organizations achieve radical resilience through data security, data recovery, and data freedom for their hybrid cloud. 

The Veeam Data Platform delivers a single solution for cloud, virtual, physical, SaaS, and Kubernetes environments that gives IT and security leaders peace of mind that their apps 
and data are protected and always available.

Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 450,000 customers worldwide, including 74% of the Global 2000, who trust Veeam to keep their businesses running.

 

Job Description Summary – GIS Application Security Analyst 

The Application Security Analyst will play a critical role in protecting our software applications by identifying potential threats, performing security testing, and collaborating with development teams to remediate vulnerabilities. The ideal candidate will have at least 5 years of experience in application security and be familiar with various security testing methodologies, secure coding practices, and vulnerability management processes. 

Responsibilities 

1. Security Testing: 

• • Conduct comprehensive security tests on applications, including product penetration testing, static and dynamic code analysis, and vulnerability scanning. 
  • Utilize various security tools and techniques to identify and address security weaknesses in our software products. 

2. Threat Modeling: 

• Analyze applications to identify potential threats and vulnerabilities. 
• Develop and prioritize areas for security testing based on identified threats and potential impact. 

3. Vulnerability Management: 

• Identify, document, and track vulnerabilities discovered during security testing. 
• Communicate vulnerabilities to development teams and work collaboratively to remediate identified issues. 
• Own the patch release process 

4. Secure Code Review: 

• Perform secure code reviews to detect security flaws, backdoors, and other vulnerabilities in application code. 
• Provide actionable feedback to development teams for improving code security.

5. Automated Security Testing: 

• Integrate and maintain automated security tools within the CI/CD pipeline. 
• Ensure continuous monitoring and testing of applications for security vulnerabilities. 

6. Reporting and Documentation: 

• Provide detailed reports on security testing efforts, including findings, metrics, and remediation recommendations. 
• Maintain comprehensive documentation of security assessments and remediation activities. 

7. Collaboration with Veeam R&D: 

• Partner with the Research and Development (R&D) team to develop and integrate security processes into the Software Development Lifecycle (SDLC). 
• Work closely with R&D to ensure security best practices are embedded in the development process. 

Qualifications 

• Bachelor’s degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CEH, CISSP, OSEE, OSED, OSCP) are a plus. 
• Minimum of 5 years of experience in application security, including security testing, threat modeling, and vulnerability management. 
• Ability to obtain and maintain a US Government TS/SCI security clearance. 
• Strong knowledge of secure coding practices, software development, and security assessment tools. 
• In-depth understanding of the Secure DEVOPS process 
• Familiarity with multiple languages including: C#, .NET, C++, python 
• Experience with automated security testing tools and integrating security into CI/CD pipelines. 
• Familiarity with common security frameworks and standards, such as OWASP, NIST, and ISO 27001. 
• Familiar with different threat modeling methodologies such as PASTA, STRIDE, etc 
• Able to perform detailed secure code reviews and provide constructive feedback. 
• Excellent communication and interpersonal skills, with the ability to work collaboratively with cross-functional teams. 
• Strong analytical and problem-solving skills, with attention to detail. 
• Ability to stay current with the latest security trends, vulnerabilities, and threat landscapes. 

Benefits

• Unlimited PTO
• Medical, dental, and vision benefits that start on day one
• Flexible spending accounts
• Life insurance and short-term and long-term disability coverage
• Family planning support benefits, along with 100% paid maternity and parental leave
• 401k match
• Veeam Care Days – additional 24 hours for your volunteering activities
• Professional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (Percipio, Athena, O’Reilly) and mentoring through our MentorLab program.

#LI-Remote

#LI-JW1

The salary range posted is On Target Earnings (OTE), which is inclusive of base and variable pay. When making an offer of employment, Veeam will take into consideration the candidate’s expectations, experience, education, scope of responsibility for the role, and the current market demands.

United States of America Pay Range$133,000—$190,000 USD Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.

Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice.  

The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes. 

By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice.