Cloud Application Security Engineer (Middle/Senior)

Veeam®, the #1 global market leader in data resilience, believes every business should be able to bounce forward after a disruption with the confidence and control of all their data whenever and wherever they need it. Veeam calls this radical resilience, and we’re obsessed with creating innovative ways to help our customers achieve it.
Veeam solutions are purpose-built for powering data resilience by providing data backup, data recovery, data freedom, data security, and data intelligence. With Veeam, IT and security leaders rest easy knowing that their apps and data are protected and always available across their cloud, virtual, physical, SaaS, and Kubernetes environments.
Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 550,000 customers worldwide, including 74% of the Global 2000, that trust Veeam to keep their businesses running. Radical resilience starts with Veeam.

Veeam Quality Assurance team invites you to work on Veeam products with Veeam QA professionals in the Lisbon R&D office.

Your tasks will include:

• Conduct regular security assessments, vulnerability scanning, and penetration testing of Veeam products and services
• Work with development teams to integrate secure development practices into the software development lifecycle
• Collaborate on the design and implementation of security within public cloud environments
• Threat modeling and design reviews for new and existing Veeam products
• Conducting manual source code security audits
• Using automated application-analysis tools

What we expect from you:

• 3-5 years of experience in application security
• Familiarity with cloud platforms, preferably Azure, or AWS
• Experience with multiple programming languages (such as C/C++/C#/JavaScript)
• Experience with Infrastructure as Code, such as ARM/Bicep, Terraform or Ansible
• Experience with CI/CD tools, preferably Jenkins
• A good understanding of the principles of secure software development
• A desire to develop in the field of application security
• A lively and flexible mind, clear logic, and analytical skills
• The desire and ability to work as part of a team
• Good verbal and written communication skills in English

Will be an advantage:

• Knowledge of scripting languages (Python, PowerShell, Bash, Ruby, etc.)
• Knowledge of modern cryptographic algorithms
• Experience with DAST and SAST tools
• Skills using OWASP ZAP, Burp Suite, Kali Linux tools
• Certifications such as OSCP, CEH, CSSLP, CCSP, AWS Certified Security, Azure Cybersecurity Architect, etc

We offer:

• Medical insurance for you, your spouse and your children (up to the age of 18)
• Annual vacation days
• Meal allowance
• Statutory insurances: Veeam covers employee’s healthcare, nursing care and unemployment insurances contributions. Maximum insurance contributions are capped as stipulated by the law
• Accident insurance: Worldwide 24/7 coverage of accident cases including invalidity benefit, rescue costs coverage, death and disability coverage
• Veeam Care Days – additional 24 hours for your volunteering activities
• Professional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (Percipio, Athena, O’Reilly) and mentoring through our MentorLab program

Please note: If the applicant is permanently present outside of Portugal, Veeam reserves the right to refuse to consider the application for a job. Remote job is only possible in case the employee is located in Portugal. 

#LI-AR1
#LI-Hybrid

Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.

Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice.  

The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes. 

By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice.