Application Security Engineer

Veeam, the #1 global market leader in data resilience, believes businesses should control all their data whenever and wherever they need it. Veeam provides data resilience through data backup, data recovery, data portability, data security, and data intelligence. Based in Seattle, Veeam protects over 550,000 customers worldwide who trust Veeam to keep their businesses running. Join us as we move forward together, growing, learning, and making a real impact for some of the world’s biggest brands. The future of data resilience is here - go fearlessly forward with us.

About the Role

We are looking for an Application Security Engineer to join our growing team of experts for our SaaS platform. The SaaS solutions we develop and offer to our customers are built on Microsoft Azure or/and AWS, offering best-in-class Data Protection services.

What You’ll Do

• Embed security practices across the SDLC—from design to deployment—working hand-in-hand with engineering teams
• Contribute to the automation and continuous improvement of our SaaS Application Security program
• Review architectures, designs, and code to identify risks and recommend secure patterns
• Improve the security, reliability, and compliance posture of cloud-native applications running in Azure and AWS
• Support threat modeling activities for new features and services
• Help enforce internal security standards and contribute to documentation, guidance, and developer-friendly guardrails
• Work with Compliance and Security Engineering to ensure alignment to frameworks such as SOC 2, ISO 27001, FedRAMP, and similar standards

Technologies You’ll Work With

• Source control & CI/CD: Azure DevOps, GitHub, Git, Bitbucket
• Azure services: Entra ID, API Management, Storage, Cosmos DB, Functions, App Service, Networking, Security Center
• Infrastructure as Code: ARM, Terraform, CloudFormation, Serverless Framework
• Observability: Azure Monitor, AppInsights, Elastic/ELK
• Security tooling: CSPM, ASPM/SAST/SCA/IaC scanning, code review automation, secrets scanning

What You’ll Bring

• 2+ years in Application Security or Software Engineering roles with direct involvement in securing cloud-native or SaaS applications
• Strong understanding of secure design principles and the ability to apply them within a modern DevOps/SRE environment
• Hands-on experience with CI/CD pipelines and integrating security controls into automated workflows
• Experience with cloud security (Azure or AWS), including identity, networking, secrets management, and PaaS services
• Familiarity with modern AppSec tooling (SAST, SCA, IaC scanning, dependency management, container scanning)
• Ability to collaborate with engineering teams as an enabler—not a gatekeeper—providing practical guidance and empathetic support
• Threat modeling experience (e.g., STRIDE, attack path analysis)
• Comfortable working with distributed teams and communicating in English

Bonus Skills

• Experience bringing SaaS products through major compliance audits (SOC 2, FedRAMP, HITRUST, ISO 27001)
• Software development background in C#, .NET, Python, or similar languages
• Understanding of applied cryptography, key management, and secrets handling in cloud environments
• Knowledge of container security, Kubernetes, and serverless security

What You’ll Get

• 25 vacation days, 4 sick days, 21 paid medical leave days, plus 4 extra global VeeaMe Days for self-care and 24 paid volunteer hours annually through Veeam Cares
• Premium private medical insurance for employees and dependents
• Daily meal vouchers for restaurants and groceries (180 CZK per working day)
• Flexible cafeteria platform with thousands of lifestyle benefit options
• Multisport Card for gym and wellness, with family add-on options
• Annual public transport reimbursement up to a set limit
• Corporate mobile plan with optional family tariff
• Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops and learning events like our annual Global Day of Learning

Please note: If the applicant is permanently present outside of the Czech Republic, Veeam reserves the right to refuse to consider the application for a job. Remote job is only possible in case the employee is located in the Czech Republic.