Application Security Engineer, VDC

We are looking for an Application Security Engineer to join our growing team of experts supporting our cloud-native SaaS platform. The SaaS solutions we develop and offer to our customers are built on Microsoft Azure, delivering secure, scalable, and enterprise-grade data protection services. This role will focus on building and maturing our identity and access management (IAM) strategy across our Azure multi-tenant applications.

Your tasks will include:

• Designing and securing authentication and authorization flows across Azure multi-tenant enterprise applications
• Driving adoption of secure identity patterns, including OAuth2, OpenID Connect, and SAML
• Integrating and securing Azure Entra ID (formerly Azure AD), including App Registrations, App Roles, consent frameworks, and Graph API
• Implementing and refining Role-Based Access Control (RBAC), Just-in-Time access (PIM), and conditional access policies
• Conducting threat modeling and security reviews for IAM architecture and features
• Collaborating with engineering and platform teams to harden identity surfaces and enforce least privilege access
• Contributing to access management audit support for compliance frameworks such as FedRAMP, SOC 2, and ISO 27001

Technologies we work with:

• Azure Entra ID, Microsoft Graph API, Azure App Registrations, API Management
• Azure Functions, Cosmos DB, Azure Storage, Static Web Apps
• Atlassian Suite, Azure DevOps, GitHub
• IaC tools: Terraform, Azure ARM templates
• CI/CD: Azure DevOps Pipelines, GitHub Actions
• Observability: Azure Monitor, AppInsights, Elastic Cloud (ELK)

What we expect from you:

• 3+ years of experience in Application Security, Identity Engineering, or Cloud Security with a focus on IAM
• Demonstrated hands-on experience with Azure Entra ID, including multi-tenant SaaS identity integrations
• Strong understanding of modern identity standards: OAuth2, OIDC, SAML, SCIM
• Familiarity with Microsoft Graph API, App Permissions, and Azure RBAC models
• Experience designing and securing Azure PaaS applications
• Proven ability to support engineering and SRE teams with secure identity practices
• Experience working in CI/CD environments with integrated security tooling
• Fluent English, with the ability to collaborate with globally distributed teams

Will be an advantage:

• Experience leading or supporting SaaS compliance programs (FedRAMP, SOC 2, ISO 27001)
• Familiarity with threat modeling methodologies (STRIDE, LINDDUN)
• Experience with C#/.NET/GO and securing authentication flows in application code
• Working knowledge of AWS identity services (IAM, Cognito, STS) a plus
• Understanding of cryptography in application contexts (certificates, token signing, etc.)

We offer:

• Unlimited PTO
• Medical, dental, and vision benefits that start on day one
• Flexible spending accounts
• Life insurance and short-term and long-term disability coverage
• Family planning support benefits, along with 100% paid maternity and parental leave
• 401k match
• Veeam Care Days – additional 24 hours for your volunteering activities
• Professional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (Percipio, Athena, O’Reilly) and mentoring through our MentorLab program

Please note: If the applicant is permanently present outside of the United States, Veeam reserves the right to refuse to consider the application for a job. Remote work is only possible in case the employee is located in the United States.

#LI-Remote