Cloud Application Security Engineer (Middle/Senior)

Veeam, the #1 global market leader in data resilience, believes businesses should control all their data whenever and wherever they need it. Veeam provides data resilience through data backup, data recovery, data portability, data security, and data intelligence. Based in Seattle, Veeam protects over 550,000 customers worldwide who trust Veeam to keep their businesses running. Join us as we move forward together, growing, learning, and making a real impact for some of the world’s biggest brands. The future of data resilience is here - go fearlessly forward with us.About The RoleJoin us as a Cloud Application Security Engineer and help shape the security of Veeam products, enhancing data protection and driving business resilience.What You’ll DoConduct regular security assessments, vulnerability scanning, and penetration testing of Veeam products and servicesWork with development teams to integrate secure development practices into the software development lifecycleCollaborate on the design and implementation of security within public cloud environmentsThreat modelling and design reviews for new and existing Veeam productsConducting manual source code security auditsUsing automated application-analysis toolsWhat You’ll Bring3-5 years of experience in application securityFamiliarity with cloud platforms, preferably Azure, or AWSExperience with multiple programming languages (such as C/C++/C#/JavaScript)Experience with Infrastructure as Code, such as ARM/Bicep, Terraform or AnsibleExperience with CI/CD tools, preferably JenkinsA good understanding of the principles of secure software developmentA desire to develop in the field of application securityA lively and flexible mind, clear logic, and analytical skillsThe desire and ability to work as part of a teamEnglish proficiency for daily communication within international teamsBonus SkillsKnowledge of scripting languages (Python, PowerShell, Bash, Ruby, etc.)Knowledge of modern cryptographic algorithmsExperience with DAST and SAST toolsSkills using OWASP ZAP, Burp Suite, Kali Linux toolsCertifications such as OSCP, CEH, CSSLP, CCSP, AWS Certified Security, Azure Cybersecurity Architect, etcWhat You’ll Get29 paid days off annually plus three global VeeaMe Days for self-care and paid volunteer timePaid parental, maternity, and paternity leaveFully covered family medical plan, dental, rehab, and vaccinationsLife, critical illness, and disability insuranceEmployer pension contribution via PPKMonthly lunch and wellness benefitsSix free therapy sessions, plus legal and financial adviceProfessional training and education, including courses and workshops, internal meetups, and unlimited access to our online learning platforms (LinkedIn Learning, Athena, O’Reilly) and mentoring through our MentorLab programPlease note: If the applicant is permanently present outside of Poland, Veeam reserves the right to refuse to consider the application for a job. Remote job is only possible in case the employee is located in Poland.#RemoteVeeam Software is an equal opportunity employer and does not tolerate discrimination in any form on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state or local law. All your information will be kept confidential.Please note that any personal data collected from you during the recruitment process will be processed in accordance with our Recruiting Privacy Notice.The Privacy Notice sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us in connection with our recruitment processes.By applying for this position, you consent to the processing of your personal data in accordance with our Recruiting Privacy Notice.By submitting your application, you acknowledge that the information provided in your job application and any supporting documents is complete and accurate to the best of your knowledge. Any misrepresentation, omission, or falsification of information may result in disqualification from consideration for employment or, if discovered after employment begins, termination of employment.