Application Security Engineer

Veeam is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale. As the market leader in both data resilience and data security posture management, Veeam is built for the convergence of identity, data, security, and AI risk. Headquartered in Seattle with offices in more than 30 countries, Veeam protects over 550,000 customers worldwide, who trust Veeam to keep their businesses running. Join us as we go fearlessly forward together, growing, learning, and making a real impact for some of the world’s biggest brands. About the Role We are looking for an Applicatio n Security Engineer to join our growing team of experts for our SaaS platform. The SaaS solutions we develop and offer to our customers are built on Microsoft Azure or/and AWS, offering best-in-class Data Protection services. What You’ll Do Embed security practices across the SDLC—from design to deployment—working hand-in-hand with engineering teams Contribute to the automation and continuous improvement of our SaaS Application Security program Review architectures, designs, and code to identify risks and recommend secure patterns Improve the security, reliability, and compliance posture of cloud-native applications running in Azure and AWS Support threat modeling activities for new features and services Help enforce internal security standards and contribute to documentation, guidance, and developer-friendly guardrails Work with Compliance and Security Engineering to ensure alignment to frameworks such as SOC 2, ISO 27001, FedRAMP, and similar standards Technologies You’ll Work With Source control CI/CD: Azure DevOps, GitHub, Git, Bitbucket Azure services: Entra ID, API Management, Storage, Cosmos DB, Functions, App Service, Networking, Security Center Infrastructure as Code: ARM, Terraform, CloudFormation, Serverless Framework Observability: Azure Monitor, AppInsights, Elastic/ELK Security tooling: CSPM, ASPM/SAST/SCA/IaC scanning, code review automation, secrets scanning What You’ll Bring 2+ years in Application Security or Software Engineering roles with direct involvement in securing cloud-native or SaaS applications Strong understanding of secure design principles and the ability to apply them within a modern DevOps/SRE environment Hands-on experience with CI/CD pipelines and integrating security controls into automated workflows Experience with cloud security (Azure or AWS), including identity, networking, secrets management, and PaaS services Familiarity with modern AppSec tooling (SAST, SCA, IaC scanning, dependency management, container scanning) Ability to collaborate with engineering teams as an enabler—not a gatekeeper—providing practical guidance and empathetic support Threat modeling experience (e.g., STRIDE, attack path analysis) Comfortable working with distributed teams and communicating in English Bonus Skills Experience bringing SaaS products through major compliance audits (SOC 2, FedRAMP, HITRUST, ISO 27001) Software development background in C#, .NET, Python, or similar languages Understanding of applied cryptography, key management, and secrets handling in cloud environments Knowledge of container security, Kubernetes, and serverless security What You’ll Get 25 vacation days, 4 sick days, 21 paid medical leave days, plus 4 extra global VeeaMe Days for self-care and 24 paid volunteer hours annually through Veeam Cares Premium private medical insurance for employees and dependents Daily meal vouchers for restaurants and groceries (180 CZK per working day) Flexible cafeteria platform with thousands of lifestyle benefit options Multisport Card for gym and wellness, with family add-on options Annual public transport reimbursement up to a set limit Corporate mobile plan with optional family tariff Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reill ... (truncated, view full listing at source)