Security Engineer III, Product AppSec

13 hours, 4 minutes ago
Full-time
Senior
DevOps and Infrastructure
Veeam Software

Veeam Software is the global leader in Backup that delivers Modern Data Protection, offering solutions for virtual environments, enterprises, small businesses, and service providers worldwide.

Internet Software & Services
1K-5K
Founded 2006
$500M raised

Description

  • Monitor, assess, and manage security risks related to open-source dependencies, CVEs, and third-party components.
  • Triage and validate vulnerabilities across applications, containers, infrastructure, and dependencies, prioritizing by exploitability, exposure, and business impact.
  • Coordinate patch management initiatives and support automated patch deployment workflows with Release Engineering and DevOps teams.
  • Support and expand the Security Champion program by partnering with developers to improve secure coding awareness and adoption.
  • Integrate security controls into CI/CD pipelines and automate vulnerability scanning, dependency analysis, and security reporting.
  • Develop playbooks, documentation, and educational materials that enable self-service security within engineering teams.
  • Contribute to threat modeling, secure architecture discussions, and continuous improvement of secure SDLC processes.

Requirements

  • 5+ years of experience in Product Security, Application Security, DevSecOps, or Vulnerability Management.
  • 3+ years of hands-on experience with application security testing tools such as SAST, DAST, and SCA.
  • 2+ years in vulnerability management, including triage, SLA tracking, and remediation coordination.
  • Familiarity with CVEs, CVSS scoring, SBOM concepts, and software supply chain security.
  • Experience with CI/CD platforms, modern DevOps workflows, and cloud-native technologies.
  • Bachelor's degree in Computer Science, Engineering, or equivalent experience.
  • Experience participating in or managing Security Champion programs (preferred).
  • Knowledge of OWASP Top 10 and secure coding practices for cloud-native and enterprise products (preferred).
  • Familiarity with IaC, regulated environments, and compliance-driven security activities (preferred).
  • Relevant certifications such as CSSLP, GWEB, CCSP, OSCP, or GPEN (preferred).
  • US citizenship is required; security clearance is not currently required but may be requested in the future.

Benefits

  • Unlimited paid time off, 12 paid holidays, 4 global VeeaMe Days for self-care, and 24 paid volunteer hours annually.
  • Paid parental leave: 8 weeks for all parents and 16 weeks for birthing parents.
  • Medical, dental, and vision coverage starting on the first day.
  • Mental health support, therapy sessions, and digital wellness tools through the Employee Assistance Program.
  • 401(k) retirement plan with company matching contributions.
  • Fertility, adoption, and surrogacy support through Maven.
  • Tax-advantaged spending accounts for healthcare, dependent care, and commuting.
  • Learning and development support through LinkedIn Learning, O’Reilly, mentoring, workshops, and Global Day of Learning.
  • Competitive total target compensation with a performance-based bonus, with U.S. ranges from $151,200 to $347,500 depending on location.


