Senior Product Security Engineer

Veo is a global leader in AI-based sports camera technology. Our innovative, fully automatic camera solution enables sports teams to record matches and training sessions without a camera operator. We’re democratizing the world of sports by granting video analysis for teams on all levels—a privilege that used to be only for the few. More than 40,000 clubs in 90+ countries record their games every week.

But what truly sets us apart? Our people. We’re a diverse group of innovative thinkers, creators, and problem-solvers who believe in delivering an incredible product—and having fun while doing it.

The Opportunity
Veo processes thousands of hours of sports video daily, powering AI analysis for teams from grassroots to professional levels. The infrastructure you build will directly enable coaches and athletes worldwide to analyze, train, and compete better.
We're building KickOff, our next-generation GitOps platform. You'll join during a pivotal moment: we're actively migrating services to KickOff, establishing new platform patterns and enabling 100+ engineers to ship faster and more reliably. We also maintain separate on-premises Kubernetes clusters running model training and video processing workloads.
This isn't a "keep the lights on" role. You'll shape platform architecture, drive technical decisions, and directly impact engineering velocity across both cloud and on-prem environments.

What You Will Do

You'll join the Security Enablement Team with shared ownership of the team’s mission and clear focus on product security. You’ll work closely with product teams, pair on complex problems, and build reusable solutions that help teams own security in their own systems.

• Build lightweight SDLC checks for unsafe queries, secrets in code, and credential handling, wired into the developer workflow


• Establish patterns for safe data access, browser-side credential handling, and memory-safe handling of sensitive data


• Build automated checks that surface drift when previously secured surfaces (for example, playgrounds and internal tooling) regress, so the owning teams get a signal and can act on it


• Build the intake and tracking system that classifies penetration test findings on the product and surfaces them to owning teams with tracked SLAs


• Create clear documentation and self-service tooling that help product engineers make secure choices without needing security expertise.


• Help automate product-security control evidence for GRC, reducing manual follow-up and making controls easier to prove.

As the team matures, you'll have opportunities to shape the company's secure-by-default patterns, threat modeling practices, and the security review process for new product surfaces.

What You Could Bring

You likely have several years of production software engineering experience and have applied security thinking in real engineering workflows, not only in reviews or audits. In practice, that looks like:

• Full SDLC understanding: You've shipped product code in production and understand how security fits into real engineering workflows


• Practical security experience: You've surfaced and fixed issues like SQL injection, unsafe query patterns, secrets in code, and unsafe handling of credentials in the browser


• Generalist depth: You're comfortable across backend, frontend, and the integration points where most security issues live.


• Platform-as-product mindset: You've built or contributed to internal tooling that real teams use, gathered feedback, and measured impact on developer productivity


• CI/CD familiarity: You know how to add security feedback to build and deployment pipelines without creating unnecessary friction, including checks for dependencies, secrets, static analysis, and pipeline identity.


• Carrot-not-stick instinct: You build guard rails into tools developers already use, and reach for manual review only as a last resort


• Collaboration: You work through discussion and feedback, share context effectively, and write things down

Nice to have: experience with SAST/DAST tooling, dependency scanning, supply chain security (SLSA, signing), and security review for cloud-native applications.

How We Work

You'll join a Copenhagen-based Security Enablement Team of three engineers plus a manager. We operate as an enablement function: we build shared tooling and golden paths, and we step in for focused, high-leverage missions where no other team is positioned to deliver. We do not run a SOC and we do not carry a security pager.

You'll collaborate regularly with the Platform, Product, IT, Firmware, and GRC teams. We work pragmatically and iterate quickly. We document decisions, favor simple solutions where possible, and focus on tooling and platform patterns that help teams move faster with confidence.

We value diversity and inclusion and welcome applicants from all backgrounds. If your experience does not match every qualification exactly, we still encourage you to apply. What matters most is strong problem-solving, learning mindset, and the ability to contribute meaningfully.

Dette opslag er fra ats_lever. Se originalopslag ↗