Application Security Engineer, VDC

Application Security Engineer, VDC
California, US RemoteExplore this location

Take a look at the map to discover what’s nearby.
Veeam, the #1 global market leader in data resilience, believes businesses should control all their data whenever and wherever they need it. Veeam provides data resilience through data backup, data recovery, data portability, data security, and data intelligence. Based in Seattle, Veeam protects over 550,000 customers worldwide who trust Veeam to keep their businesses running. Join us as we move forward together, growing, learning, and making a real impact for some of the world’s biggest brands. The future of data resilience is here - go fearlessly forward with us.
We are looking for an Application Security Engineer to join our growing team of experts supporting our cloud-native SaaS platform. The SaaS solutions we develop and offer to our customers are built on Microsoft Azure, delivering secure, scalable, and enterprise-grade data protection services. This role will focus on building and maturing our identity and access management (IAM) strategy across our Azure multi-tenant applications.
Your tasks will include:
- Designing and securing authentication and authorization flows across Azure multi-tenant enterprise applications
- Driving adoption of secure identity patterns, including OAuth2, OpenID Connect, and SAML
- Integrating and securing Azure Entra ID (formerly Azure AD), including App Registrations, App Roles, consent frameworks, and Graph API
- Implementing and refining Role-Based Access Control (RBAC), Just-in-Time access (PIM), and conditional access policies
- Conducting threat modeling and security reviews for IAM architecture and features
- Collaborating with engineering and platform teams to harden identity surfaces and enforce least privilege access
- Contributing to access management audit support for compliance frameworks such as FedRAMP, SOC 2, and ISO 27001
Technologies we work with:
- Azure Entra ID, Microsoft Graph API, Azure App Registrations, API Management
- Azure Functions, Cosmos DB, Azure Storage, Static Web Apps
- Atlassian Suite, Azure DevOps, GitHub
- IaC tools: Terraform, Azure ARM templates
- CI/CD: Azure DevOps Pipelines, GitHub Actions
- Observability: Azure Monitor, AppInsights, Elastic Cloud (ELK)
What we expect from you:
- 3+ years of experience in Application Security, Identity Engineering, or Cloud Security with a focus on IAM
- Demonstrated hands-on experience with Azure Entra ID, including multi-tenant SaaS identity integrations
- Strong understanding of modern identity standards: OAuth2, OIDC, SAML, SCIM
- Familiarity with Microsoft Graph API, App Permissions, and Azure RBAC models
- Experience designing and securing Azure PaaS applications
- Proven ability to support engineering and SRE teams with secure identity practices
- Experience working in CI/CD environments with integrated security tooling
- Fluent English, with the ability to collaborate with globally distributed teams
Will be an advantage:
- Experience leading or supporting SaaS compliance programs (FedRAMP, SOC 2, ISO 27001)
- Familiarity with threat modeling methodologies (STRIDE, LINDDUN)
- Experience with C#/.NET/GO and securing authentication flows in application code
- Working knowledge of AWS identity services (IAM, Cognito, STS) a plus
- Understanding of cryptography in application contexts (certificates, token signing, etc.)
We offer:
- Unlimited PTO
- Medical, dental, and vision benefits that start on day one
- Flexible spending accounts
- Life insurance and short-term and long-term disability coverage
- Family planning support benefits, along with 100% paid maternity and parental leave
- 401k match
- Veeam Care Days – additional 24 hours for your volunteering activities
- Professional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (Percipio, Athena, O’Reilly) and mentoring through our MentorLab program
Please note: If the applicant is permanently present outside of the United States, Veeam reserves the right to refuse to consider the application for a job. Remote work is only possible in case the employee is located in the United States.
#LI-Remote
The salary range posted is On Target Earnings (OTE), which is inclusive of base and variable pay. When making an offer of employment, Veeam will take into consideration the candidate’s expectations, experience, education, scope of responsibility for the role, and the current market demands.
Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice.
The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes.
By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice.

Sign up for job alerts
Don't see what you’re looking for? Sign up and we'll notify you when roles become available.
Sign Up