Application Security Engineer

Veeam®, the #1 global market leader in data protection and ransomware recovery, is on a mission to empower every organization to not just bounce back from a data outage or loss but bounce forward.

With Veeam, organizations achieve radical resilience through data security, data recovery, and data freedom for their hybrid cloud. 

The Veeam Data Platform delivers a single solution for cloud, virtual, physical, SaaS, and Kubernetes environments that gives IT and security leaders peace of mind that their apps 
and data are protected and always available.

Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 450,000 customers worldwide, including 74% of the Global 2000, who trust Veeam to keep their businesses running.

 

We are looking for an Application Security Engineer to join our growing team of experts for our SaaS platform. The SaaS solutions we develop and offer to our customers are built on Microsoft Azure offering best-in-class Data Protection services.    

Your tasks will include:  

• Integrate security throughout all steps of the SDLC 
• Automation of the deployments, and maintenance of a SaaS Application Security program and platform 
• Working with engineering teams to build upon Secure SDLC deployments 
• Continuous evaluation and improvement of the reliability, security and compliance of our systems and code 
• Proactively meet standards for information security and compliance, such as FedRAMP,  ISO (International Standards Organization), SOX (Sarbanes Oxley), SSAE (Standards for Attestation Engagements) 16, etc.  
• Shepherd the definition, documentation, and improvement of our internal standards security and resiliency 

Technologies we work with:    

• Atlassian Suite, Azure DevOps, Git 
• Azure (Entra ID, API Management, Cosmos Db, Storage services, Azure Functions, static website hosting, Azure security, etc.)  
• IaC tools (Azure ARM templates, AWS CloudFormation, Terraform, the Serverless Framework, etc.)  
• Observability (Azure Monitor, AppInsights, Elastic Cloud [ELK])  

What we expect from you:   

• 3+ years of experience implementing secure design principles within a modern SDLC framework, directly supporting the security and compliance of Engineering and SRE teams 
• A partner mindset. You do not see security engineering as a gatekeeper but someone who comes along side and enables teams through hand on engineering 
• Demonstrating a team-oriented attitude, with a willingness to actively support and collaborate with all teams to achieve our goals 
• Deep understanding of Software Development practices and standards 
• Experience with Security and Compliance Native and Off-the-Shelf toolsets (Sentinel, SAST, DAST, CNAPP and Cloud Security PaaS tools) 
• Experience managing Azure IaaS (Infrastructure as a Service) and PaaS (Platform as a Service) solutions  
• Strong problem-solving skills and the ability to troubleshoot complex issues in a distributed, multi-tenant environments 
• Experience with implementation, maintenance, and support of CI/CD practices and tools (Azure DevOps, GitHub Actions or similar)  
• English proficiency level sufficient to communicate with international teams   

Will be an advantage:   

• Experience with taking cloud-based SaaS Products through various Compliance frameworks (FedRAMP, HiTRUST, Soc2) 
• Experience with threat modeling  
• Experience with AWS (ECS, RDS, DynamoDb, VPCs, Step Functions, Lambda, IAM, EC2, S3, etc.)  
• Understanding of cryptography in applications and environments 
• Experience with C# and .NET   

We offer:

• Premium healthcare program for you, your spouse, and your children
• Annual vacation and sick days
• Meal vouchers
• Subscription for public transportation
• Mobile phone plan
• MultiSport card
• Cafeteria Benefit Plan allowing you to customize your benefit package with an annual budget to spend on a variety of benefits such as travel, sport, wellness, and education
• Veeam Care Days – additional 24 hours for your volunteering activities
• Professional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (Percipio, Athena, O’Reilly) and mentoring through our MentorLab program

Please note: If the applicant is permanently present outside of the Czech Republic, Veeam reserves the right to refuse to consider the application for a job. Remote job is only possible in case the employee is located in the Czech Republic.

#LI-EZ1
#LI-Remote

Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.

Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice.  

The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes. 

By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice.