Sr. Security Engineer

Overview

As a Sr. Security Engineer, you will play a key role in advancing our secure-by-design and privacy-by-design practices. You will collaborate closely with Engineering, DevOps, and SRE teams to embed security throughout the development lifecycle, manage security tooling, identify and mitigate risks, and ensure compliance with industry standards. This is a hands-on technical role requiring both depth in security engineering and strong collaboration across teams.

Key Responsibilities

Application & Cloud Security

• Define and monitor standards for the operation, administration, and continuous improvement of AppSec and CloudSec tools, including WAFs, SAST, DAST, SCA, IaC / container scanners, and CNAPP platforms.
• Perform threat modeling, architecture reviews, and source code assessments to identify and mitigate risks.
• Drive secure-by-design patterns across services, APIs, and infrastructure - including encryption, key management, secrets handling, and secure protocol design.
• Partner with product and engineering teams to review plans, designs, and code for security considerations.
• Guide cloud hardening across AWS (and optionally Azure / GCP) environments using IaC templates, guardrails, and CSPM / CNAPP controls.
• Maintain and update dependencies, container images, and libraries to reduce exposure.

DevSecOps Enablement

Vulnerability & Incident Management

Security Architecture & Program Maturity

Qualifications

Minimum

Preferred

The compensation for this role depends on several factors such as the candidate's skills, qualifications, experience, and work location. For candidates offered a position at the posted job level, the provided range is the expected base salary. This does not include any additional variable compensation, such as commission.

Compensation Disclosure

$154,000-$210,000 USD

Our Culture

We're driven to build a strong company culture and are looking for individuals with solid alignment with the following :

At Veza, your base pay is one part of your total compensation package. For this position, the reasonably expected pay range can be discussed with your recruiter for the level at which this job has been scoped. Your base pay will depend on several factors, including your experience, qualifications, education, location, and skills. In the event that you are considered for a different level, a higher or lower pay range would apply. This position is also eligible for equity and a competitive benefits package.

Veza is proud to be an equal opportunity employer. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, or other applicable legally protected characteristics. We also consider qualified applicants according to applicable federal, state, and local laws. If a candidate with a disability requires an accommodation during the recruitment process, please email recruiting@veza.com

About Veza

Veza is the identity security company. Identity and security teams use Veza to secure identity access across SaaS apps, on-prem apps, data systems, and cloud infrastructure. Veza solves the blind spots of traditional identity tools with its unique ability to ingest and organize permissions metadata in the Veza Authorization Graph. Global enterprises like Blackstone, Wynn Resorts, and Expedia trust Veza to visualize access permissions, monitor permissions activity, automate access reviews, and remediate privilege violations. Founded in 2020, Veza is headquartered in Redwood City, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures. Visit us at veza.com and follow us on LinkedIn, Twitter, and YouTube.