Security Engineer III, Product AppSec

This is a fully remote position, open to applicants in Texas.

📋 Description

• Oversee, evaluate, and mitigate security risks associated with open-source software dependencies, CVEs, and third-party components.

• Assess and confirm vulnerabilities across applications, containers, infrastructure, and dependencies, prioritizing based on exploitability, exposure, and business impact.

• Facilitate patch management efforts and assist with automated patch deployment processes in collaboration with Release Engineering and DevOps teams.

• Enhance and support the Security Champion program by partnering with developers to foster secure coding awareness and practices.

• Integrate security measures into CI/CD pipelines while automating vulnerability scanning, dependency analysis, and security reporting.

• Create playbooks, documentation, and educational resources that encourage self-service security within engineering teams.

• Participate in threat modeling, secure architecture discussions, and the ongoing improvement of secure SDLC processes.

⛳️ Requirements

• A minimum of 5 years of experience in Product Security, Application Security, DevSecOps, or Vulnerability Management.

• At least 3 years of practical experience with application security testing tools (SAST, DAST, SCA).

• Over 2 years of experience in vulnerability management, encompassing triage, SLA tracking, and remediation coordination.

• Knowledge of CVEs, CVSS scoring, SBOM concepts, and software supply chain security.

• Proficient with CI/CD platforms, contemporary DevOps workflows, and cloud-native technologies.

• Bachelor's degree in Computer Science, Engineering, or equivalent professional experience.

🏝️ Benefits

• Unlimited paid time off, 12 paid holidays including 4 global VeeaMe Days for self-care, and 24 paid volunteer hours annually through Veeam Cares.

• Paid parental leave: 8 weeks for all parents, 16 weeks for birthing parents.

• Medical, dental, and vision coverage commencing on your first day.

• Mental health support, therapy sessions, and digital wellness tools available through our Employee Assistance Program.

• 401(k) retirement plan featuring company matching contributions.

• Fertility, adoption, and surrogacy support via Maven, along with paid volunteer time.

• AirVet: 24/7 virtual veterinary services at no cost.

• Legal services, identity protection, and additional health insurance options.

• Tax-advantaged spending accounts for healthcare, dependent care, and commuting.

• Opportunities for professional growth and development through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops, and learning events such as our annual Global Day of Learning.