Senior Security Engineer, Product AppSec

United States

Apply now

Function Tech Team Engineering Role Type Permanent Work Location Remote Date Posted 06/24/2026

Explore this location

Take a look at the map to discover what’s nearby.

Veeam is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale. As the market leader in both data resilience and data security posture management, Veeam is built for the convergence of identity, data, security, and AI risk. Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 550,000 customers worldwide, who trust Veeam to keep their businesses running. Join us as we go fearlessly forward together, growing, learning, and making a real impact for some of the world’s biggest brands.

#LI-REMOTE #LI-JC2

About the Role

We're looking for a Senior Product Security Engineer to advance the integration and operational maturity of enterprise application security tooling and vulnerability management across a modern software delivery environment. You'll serve as a senior technical contributor responsible for embedding security into the SDLC, improving developer security enablement, and driving scalable vulnerability management programs across cloud-native, enterprise, and AI-enabled products. This role works closely with Engineering, DevOps, Platform Engineering, Security Operations, and Compliance teams to improve visibility, automation, governance, and remediation workflows at scale.

Due to the fact that this position will deal with highly sensitive data and will support federal customers, we are only considering US citizens at this time. Security clearance is not required, but there is a slight chance it maybe requested in the future

What You’ll Do

Evaluate, deploy, integrate, and optimize security tooling — including SAST, DAST, SCA, IAST, container scanning, SBOM generation, secrets detection, and API security testing — across CI/CD pipelines and developer workflows
Build automated workflows for vulnerability ingestion, prioritization, remediation tracking, and reporting, integrating with platforms such as GitHub Actions, Azure DevOps, Jenkins, Jira, and SIEM tools
Drive enterprise vulnerability management initiatives, including prioritization frameworks, SLA tracking, remediation velocity improvements, and security posture dashboards
Embed security-by-design principles into the SDLC, developing security guardrails and policy-as-code capabilities for cloud and application environments
Partner with DevOps and CI/CD teams to improve automated security validation, release governance, and software supply chain security
Serve as a senior technical advisor on application security, influencing engineering and product roadmaps to improve platform security and operational resilience
Mentor engineers and security practitioners on secure development and DevSecOps best practices

Technologies You’ll Work With

CI/CD platforms: GitHub Actions, Azure DevOps, Jenkins, GitLab CI
Security tooling: SAST, DAST, SCA, IAST, CSPM tools, container scanning platforms
Cloud providers: Azure (primary), AWS, or GCP
IaC and containerization: Terraform, Kubernetes, Docker
Supply chain security: SLSA, Sigstore, SBOM tooling
Scripting and automation: Python, Bash, PowerShell

What You’ll Bring

8+ years of experience in Application Security, Product Security, DevSecOps, or Security Engineering
3+ years of hands-on experience with SAST, DAST, SCA, and IAST tooling integrated into CI/CD pipelines
3+ years in vulnerability management, including triage, risk scoring, and remediation coordination across engineering teams
Strong experience with Secure SDLC, threat modeling, and software supply chain security
Experience building API integrations and workflow automation across security platforms
Bachelor's degree in Computer Science, Engineering, or equivalent experience

Bonus Skills

Experience in regulated or compliance-driven environments, including policy-as-code and OPA/Gatekeeper
Familiarity with AI/ML security risks and emerging AI application security practices
Demonstrated experience leading cross-functional security initiatives and influencing without direct authority
Relevant certifications such as CISSP, CISM, CSSLP, or cloud security certifications

What you'll get

Unlimited paid time off, 12 paid holidays including 4 global VeeaMe Days for self-care and 24 paid volunteer hours annually through Veeam Cares
Paid parental leave: 8 weeks for all parents, 16 weeks for birthing parents
Medical, dental, and vision coverage starting on your first day
Mental health support, therapy sessions, and digital wellness tools via our Employee Assistance Program
401(k) retirement plan with company matching contributions
Fertility, adoption, and surrogacy support through Maven, plus paid volunteer time
AirVet: 24/7 virtual veterinary care at no cost
Legal services, identity protection, and supplemental health insurance options
Tax-advantaged spending accounts for healthcare, dependent care, and commuting
Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops, and learning events like our annual Global Day of Learning

Compensation Transparency

Veeam is committed to pay transparency and equitable compensation. For this role, the compensation range below reflects the expected total target compensation (TTC), inclusive of base pay and a competitive performance-based bonus. For roles with a commission plan, the compensation range represents On Target Earnings (OTE), which includes base salary plus variable commission. When determining compensation, Veeam takes into consideration factors such as experience, education, skills, and geographic zone. Offers are typically made below the midpoint of the range.

In addition to compensation, Veeam provides a comprehensive benefits package, including health coverage, retirement plans, and unlimited time off.

U.S. Geographic Zones & Compensation Ranges (TTC / OTE)

Zone 1: San Francisco Bay Area, New York City Boroughs

$237,800—$441,500 USD

Zone 2: Washington, California (excluding San Francisco Bay Area)

$218,000—$404,700 USD

Zone 3: Texas, Illinois, North Carolina, Colorado, Massachusetts, Pennsylvania, Virginia, Oregon, Nevada, Hawaii, New York (excluding NYC boroughs); Sales roles located in Georgia, Ohio, and Arizona

$198,100—$367,900 USD

Zone 4: All other US locations

$172,400—$320,100 USD

Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.

Personal data collected during the recruitment process will be processed in accordance with our Recruiting Privacy Notice, which explains how your information is collected, used, and handled in connection with hiring activities. By applying for this position, you consent to this processing.

By submitting your application, you confirm that the information provided, including any supporting documents, is complete and accurate to the best of your knowledge. Any misrepresentation, omission, or falsification may result in disqualification from consideration or, if discovered after employment begins, termination of employment.

Apply