[Remote] Security Engineer III, Product AppSec
Note: The job is a remote job and is open to candidates in USA. Veeam Software is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient. They are seeking a Product Security Engineer to strengthen and scale secure software development practices across various product environments, working closely with multiple teams to identify and remediate vulnerabilities.
Responsibilities
- Monitor, assess, and manage security risks related to open-source software dependencies, CVEs, and third-party components
- Triage and validate vulnerabilities across applications, containers, infrastructure, and dependencies — prioritizing by exploitability, exposure, and business impact
- Coordinate patch management initiatives and support automated patch deployment workflows with Release Engineering and DevOps teams
- Support and expand the Security Champion program, partnering with developers to improve secure coding awareness and adoption
- Integrate security controls into CI/CD pipelines and automate vulnerability scanning, dependency analysis, and security reporting
- Develop playbooks, documentation, and educational materials that promote self-service security within engineering teams
- Contribute to threat modeling, secure architecture discussions, and continuous improvement of secure SDLC processes
Skills
- 5+ years of experience in Product Security, Application Security, DevSecOps, or Vulnerability Management
- 3+ years of hands-on experience with application security testing tools (SAST, DAST, SCA)
- 2+ years in vulnerability management, including triage, SLA tracking, and remediation coordination
- Familiarity with CVEs, CVSS scoring, SBOM concepts, and software supply chain security
- Experience with CI/CD platforms, modern DevOps workflows, and cloud-native technologies
- Bachelor's degree in Computer Science, Engineering, or equivalent experience
- Experience participating in or managing Security Champion programs
- Knowledge of OWASP Top 10 and secure coding practices for cloud-native and enterprise products
- Familiarity with IaC, regulated environments, and compliance-driven security activities
- Relevant certifications such as CSSLP, GWEB, CCSP, OSCP, or GPEN
Benefits
- Unlimited paid time off, 12 paid holidays including 4 global VeeaMe Days for self-care and 24 paid volunteer hours annually through Veeam Cares
- Paid parental leave: 8 weeks for all parents, 16 weeks for birthing parents
- Medical, dental, and vision coverage starting on your first day
- Mental health support, therapy sessions, and digital wellness tools via our Employee Assistance Program
- 401(k) retirement plan with company matching contributions
- Fertility, adoption, and surrogacy support through Maven, plus paid volunteer time
- AirVet: 24/7 virtual veterinary care at no cost
- Legal services, identity protection, and supplemental health insurance options
- Tax-advantaged spending accounts for healthcare, dependent care, and commuting
- Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops, and learning events like our annual Global Day of Learning
Company Overview