Application Security Engineer

Описание вакансии

Veeam is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale. As the market leader in both data resilience and data security posture management, Veeam is built for the convergence of identity, data, security, and AI risk. Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 550,000 customers worldwide, who trust Veeam to keep their businesses running. Join us as we go fearlessly forward together, growing, learning, and making a real impact for some of the world’s biggest brands.

About the Role

We are looking for an Application Security Engineerto join our growing team of experts for our SaaS platform. The SaaS solutions we develop and offer to our customers are built on Microsoft Azure or/and AWS, offering best-in-class Data Protection services.

What You’ll Do

• Embed security practices across the SDLC—from design to deployment—working hand-in-hand with engineering teams
• Contribute to the automation and continuous improvement of our SaaS Application Security program
• Review architectures, designs, and code to identify risks and recommend secure patterns
• Improve the security, reliability, and compliance posture of cloud-native applications running in Azure and AWS
• Support threat modeling activities for new features and services
• Help enforce internal security standards and contribute to documentation, guidance, and developer-friendly guardrails
• Work with Compliance and Security Engineering to ensure alignment to frameworks such as SOC 2, ISO 27001, FedRAMP, and similar standards

Technologies You’ll Work With

• Source control & CI/CD: Azure DevOps, GitHub, Git, Bitbucket
• Azure services: Entra ID, API Management, Storage, Cosmos DB, Functions, App Service, Networking, Security Center
• Infrastructure as Code: ARM, Terraform, CloudFormation, Serverless Framework
• Observability: Azure Monitor, AppInsights, Elastic/ELK
• Security tooling: CSPM, ASPM/SAST/SCA/IaC scanning, code review automation, secrets scanning

What You’ll Bring

• 2+ years in Application Security or Software Engineering roles with direct involvement in securing cloud-native or SaaS applications
• Strong understanding of secure design principles and the ability to apply them within a modern DevOps/SRE environment
• Hands-on experience with CI/CD pipelines and integrating security controls into automated workflows
• Experience with cloud security (Azure or AWS), including identity, networking, secrets management, and PaaS services
• Familiarity with modern AppSec tooling (SAST, SCA, IaC scanning, dependency management, container scanning)
• Ability to collaborate with engineering teams as an enabler—not a gatekeeper—providing practical guidance and empathetic support
• Threat modeling experience (e.g., STRIDE, attack path analysis)
• Comfortable working with distributed teams and communicating in English

Bonus Skills

• Experience bringing SaaS products through major compliance audits (SOC 2, FedRAMP, HITRUST, ISO 27001)
• Software development background in C#, .NET, Python, or similar languages
• Understanding of applied cryptography, key management, and secrets handling in cloud environments
• Knowledge of container security, Kubernetes, and serverless security

What You’ll Get

• 25 vacation days, 4 sick days, 21 paid medical leave days, plus 4 extra global VeeaMe Days for self-care and 24 paid volunteer hours annually through Veeam Cares
• Premium private medical insurance for employees and dependents
• Daily meal vouchers for restaurants and groceries (180 CZK per working day)
• Flexible cafeteria platform with thousands of lifestyle benefit options
• Multisport Card for gym and wellness, with family add-on options
• Annual public transport reimbursement up to a set limit
• Corporate mobile plan with optional family tariff
• Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops and learning events like our annual Global Day of Learning

Please note: If the applicant is permanently present outside of the Czech Republic, Veeam reserves the right to refuse to consider the application for a job. Remote job is only possible in case the employee is located in the Czech Republic.

#LI-EZ1

#Remote

Veeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.

Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice.  

The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes. 

By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice.

By submitting your application, you acknowledge that the information provided in your job application and any supporting documents is complete and accurate to the best of your knowledge. Any misrepresentation, omission, or falsification of information may result in disqualification from consideration for employment or, if discovered after employment begins, termination of employment.