Security Engineer III, Product AppSec
Product
United States · Remote
Posted on Jun 25, 2026
<div class="content-intro"><div class="elementToProof"> <p>Veeam is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale. As the market leader in both data resilience and data security posture management, Veeam is built for the convergence of identity, data, security, and AI risk. Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 550,000 customers worldwide, who trust Veeam to keep their businesses running. Join us as we go fearlessly forward together, growing, learning, and making a real impact for some of the world’s biggest brands.</p> </div></div><h4><span style="color: rgb(255, 255, 255);"><strong>#LI-JC2 #LI-REMOTE</strong></span></h4> <h4><strong>About the Role</strong></h4> <p><span class="NormalTextRun SCXW165329371 BCX0">We're looking for a Product Security Engineer to strengthen and scale secure software development practices across cloud-native, enterprise, and AI-enabled product environments. </span><span class="NormalTextRun SCXW165329371 BCX0">You'll</span><span class="NormalTextRun SCXW165329371 BCX0"> work closely with Product Security, Engineering, DevOps, and Platform teams to </span><span class="NormalTextRun SCXW165329371 BCX0">identify</span><span class="NormalTextRun SCXW165329371 BCX0">, prioritize, and remediate vulnerabilities throughout the software development lifecycle. This role is ideal for someone passionate about application security, developer enablement, and building scalable security processes that integrate naturally into engineering workflows.</span></p> <p><span class="NormalTextRun SCXW165329371 BCX0"><span style="text-decoration: underline;"><em><span class="EOP SCXW141537624 BCX0" data-ccp-props="{"201341983":0,"335559739":160,"335559740":278}"><span class="TextRun SCXW83299879 BCX0" lang="EN-US" data-contrast="auto"><span class="NormalTextRun AdvancedProofingIssueV2Themed SCXW83299879 BCX0">Due to the fact that</span><span class="NormalTextRun SCXW83299879 BCX0"> this position will deal with </span><span class="NormalTextRun SCXW83299879 BCX0">highly sensitive</span><span class="NormalTextRun SCXW83299879 BCX0"> data and will support federal customers, we are only considering US citizens at this time. Security clearance is not </span><span class="NormalTextRun SCXW83299879 BCX0">required</span><span class="NormalTextRun SCXW83299879 BCX0">, but there is a slight chance it </span><span class="NormalTextRun ContextualSpellingAndGrammarErrorV2Themed SCXW83299879 BCX0">maybe</span><span class="NormalTextRun SCXW83299879 BCX0"> requested in the future</span></span><span class="EOP Selected SCXW83299879 BCX0" data-ccp-props="{"134233117":false,"134233118":false,"335559738":0,"335559739":0}"> </span></span></em></span></span></p> <h4 id="id-📝JobDescription&JobPostGuidelines-WhatYou’llDo.1"><strong>What You’ll Do</strong></h4> <ul> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto">Monitor, assess, and manage security risks related to open-source software dependencies, CVEs, and third-party components</span></li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Triage and validate vulnerabilities across applications, containers, infrastructure, and dependencies — prioritizing by exploitability, exposure, and business impact</li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Coordinate patch management initiatives and support automated patch deployment workflows with Release Engineering and DevOps teams</li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Support and expand the Security Champion program, partnering with developers to improve secure coding awareness and adoption</li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Integrate security controls into CI/CD pipelines and automate vulnerability scanning, dependency analysis, and security reporting</li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Develop playbooks, documentation, and educational materials that promote self-service security within engineering teams</li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Contribute to threat modeling, secure architecture discussions, and continuous improvement of secure SDLC processes</li> </ul> <h4 id="id-📝JobDescription&JobPostGuidelines-TechnologiesYou’llWorkWith.1"><strong>Technologies You’ll Work With</strong></h4> <ul> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto">SCA and vulnerability scanning platforms: Snyk, Mend, Dependabot, GitHub Advanced Security, Veracode, Checkmarx</span></li> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Cloud and container security: Wiz, Prisma Cloud, Docker, Azure</li> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">CI/CD platforms and DevOps toolchains</li> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">SBOM generation tools, artifact repositories, and package signing technologies</li> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Scripting and automation: Python, Bash, PowerShell, YAML<span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":278}"> </span></li> </ul> <h4 id="id-📝JobDescription&JobPostGuidelines-WhatYou’llDo.1"><strong>What You’ll Bring</strong></h4> <ul> <li data-leveltext="" data-font="Symbol" data-listid="11" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto">5+ years of experience in Product Security, Application Security, DevSecOps, or Vulnerability Management</span></li> <li data-leveltext="" data-font="Symbol" data-listid="11" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">3+ years of hands-on experience with application security testing tools (SAST, DAST, SCA)</li> <li data-leveltext="" data-font="Symbol" data-listid="11" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">2+ years in vulnerability management, including triage, SLA tracking, and remediation coordination</li> <li data-leveltext="" data-font="Symbol" data-listid="11" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Familiarity with CVEs, CVSS scoring, SBOM concepts, and software supply chain security</li> <li data-leveltext="" data-font="Symbol" data-listid="11" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Experience with CI/CD platforms, modern DevOps workflows, and cloud-native technologies<span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":278}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="11" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1"><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":278}"><span class="TextRun SCXW190790712 BCX0" lang="EN-US" data-contrast="auto"><span class="NormalTextRun ContextualSpellingAndGrammarErrorV2Themed SCXW190790712 BCX0">Bachelor's degree in Computer Science</span><span class="NormalTextRun SCXW190790712 BCX0">, Engineering, or equivalent experience</span></span><span class="EOP Selected SCXW190790712 BCX0" data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335559738":0,"335559739":0,"335559740":278}"> </span></span></li> </ul> <h4 id="id-📝JobDescription&JobPostGuidelines-WhatYou’llDo.1"><strong>Bonus Skills</strong></h4> <ul> <li data-leveltext="" data-font="Symbol" data-listid="12" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto">Experience participating in or managing Security Champion programs</span></li> <li data-leveltext="" data-font="Symbol" data-listid="12" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Knowledge of OWASP Top 10 and secure coding practices for cloud-native and enterprise products</li> <li data-leveltext="" data-font="Symbol" data-listid="12" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Familiarity with IaC, regulated environments, and compliance-driven security activities</li> <li data-leveltext="" data-font="Symbol" data-listid="12" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Relevant certifications such as CSSLP, GWEB, CCSP, OSCP, or GPEN</li> </ul><div class="content-pay-transparency"><div class="pay-input"><div class="description"><p><span style="font-size: 16px;"><strong>What you'll get</strong></span></p> <ul> <li><span style="font-size: 16px;"><span data-teams="true">Unlimited paid time off, 12 paid holidays including 4 global VeeaMe Days for self-care and 24 paid volunteer hours annually through Veeam Cares</span></span></li> <li class="___ccc16d0 fje8fi8 f1ng9h0j f1bwykku f18jd3zf" style="font-size: 16px;" data-uuid="a78978dc-ac89-45cb-90d8-046512111001"><span style="font-size: 16px;">Paid parental leave: 8 weeks for all parents, 16 weeks for birthing parents</span></li> <li class="___ccc16d0 fje8fi8 f1ng9h0j f1bwykku f18jd3zf" style="font-size: 16px;" data-uuid="c1532033-276f-4e8a-a3b5-e95a41390077"><span style="font-size: 16px;">Medical, dental, and vision coverage starting on your first day</span></li> <li class="___ccc16d0 fje8fi8 f1ng9h0j f1bwykku f18jd3zf" style="font-size: 16px;" data-uuid="269bfa66-2d60-4598-8e5b-4cca247a02cd"><span style="font-size: 16px;">Mental health support, therapy sessions, and digital wellness tools via our Employee Assistance Program</span></li> <li class="___ccc16d0 fje8fi8 f1ng9h0j f1bwykku f18jd3zf" style="font-size: 16px;" data-uuid="5f78a25b-2b13-4e0c-8a27-7b2f06f8af85"><span style="font-size: 16px;">401(k) retirement plan with company matching contributions</span></li> <li class="___ccc16d0 fje8fi8 f1ng9h0j f1bwykku f18jd3zf" style="font-size: 16px;" data-uuid="72318735-b901-4780-8fd3-4c5b19dc96de"><span style="font-size: 16px;">Fertility, adoption, and surrogacy support through Maven, plus paid volunteer time</span></li> <li class="___ccc16d0 fje8fi8 f1ng9h0j f1bwykku f18jd3zf" style="font-size: 16px;" data-uuid="ab8637f1-df99-4bd9-ac2a-1038c17e946d"><span style="font-size: 16px;">AirVet: 24/7 virtual veterinary care at no cost</span></li> <li class="___ccc16d0 fje8fi8 f1ng9h0j f1bwykku f18jd3zf" style="font-size: 16px;" data-uuid="acc447d4-7091-44ec-85c6-7041bf41a6c9"><span style="font-size: 16px;">Legal services, identity protection, and supplemental health insurance options</span></li> <li class="___ccc16d0 fje8fi8 f1ng9h0j f1bwykku f18jd3zf" style="font-size: 16px;" data-uuid="f1cae164-1753-4613-9116-6f6cbaa77f39"><span style="font-size: 16px;">Tax-advantaged spending accounts for healthcare, dependent care, and commuting</span></li> <li class="___ccc16d0 fje8fi8 f1ng9h0j f1bwykku f18jd3zf" style="font-size: 16px;" data-uuid="2b56323b-b405-4551-b6ce-3aaf737adb5a"><span style="font-size: 16px;">Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops, and learning events like our annual Global Day of Learning</span></li> </ul> <p><span style="font-size: 16px;"><strong>Compensation Transparency</strong></span></p> <p><span style="font-size: 16px;">Veeam is committed to pay transparency and equitable compensation. For this role, the compensation range below reflects the expected total target compensation (TTC), inclusive of base pay and a competitive performance-based bonus. For roles with a commission plan, the compensation range represents On Target Earnings (OTE), which includes base salary plus variable commission. When determining compensation, Veeam takes into consideration factors such as experience, education, skills, and geographic zone. Offers are typically made below the midpoint of the range.</span></p> <p><span style="font-size: 16px;">In addition to compensation, Veeam provides a comprehensive benefits package, including health coverage, retirement plans, and unlimited time off.</span></p> <div><span style="font-size: 16px;"><strong>U.S. Geographic Zones & Compensation Ranges (TTC / OTE)</strong></span></div></div><div class="title">Zone 1: San Francisco Bay Area, New York City Boroughs</div><div class="pay-range"><span>$208,500</span><span class="divider">—</span><span>$347,500 USD</span></div></div><div class="pay-input"><div class="title">Zone 2: Washington, California (excluding San Francisco Bay Area)</div><div class="pay-range"><span>$191,100</span><span class="divider">—</span><span>$318,500 USD</span></div></div><div class="pay-input"><div class="title">Zone 3: Texas, Illinois, North Carolina, Colorado, Massachusetts, Pennsylvania, Virginia, Oregon, Nevada, Hawaii, New York (excluding NYC boroughs); Sales roles located in Georgia, Ohio, and Arizona</div><div class="pay-range"><span>$173,800</span><span class="divider">—</span><span>$289,700 USD</span></div></div><div class="pay-input"><div class="title">Zone 4: All other US locations</div><div class="pay-range"><span>$151,200</span><span class="divider">—</span><span>$251,900 USD</span></div></div></div><div class="content-conclusion"><div data-pm-slice="1 1 ["ul",null,"li",{"style":null,"checked":null,"value":null,"displayValue":null,"backgroundColor":null,"color":null,"listStyleType":null}]" data-en-clipboard="true"> <p data-local-id="56095010243a" data-prosemirror-content-type="node" data-prosemirror-node-name="paragraph" data-prosemirror-node-block="true" data-pm-slice="1 1 []"><strong data-prosemirror-content-type="mark" data-prosemirror-mark-name="strong">Veeam Software is an equal opportunity employer</strong> and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.</p> <p>Personal data collected during the recruitment process will be processed in accordance with our <a href="https://www.veeam.com/legal/recruiting-privacy-notice.html">Recruiting Privacy Notice</a>, which explains how your information is collected, used, and handled in connection with hiring activities. By applying for this position, you consent to this processing. </p> <p>By submitting your application, you confirm that the information provided, including any supporting documents, is complete and accurate to the best of your knowledge. Any misrepresentation, omission, or falsification may result in disqualification from consideration or, if discovered after employment begins, termination of employment.</p> </div> <p><a id="app"></a></p></div>