Senior Product Security Engineer

Veo is a global leader in AI-based sports camera technology. Our innovative, fully automatic camera solution enables sports teams to record matches and training sessions without a camera operator. We’re democratizing the world of sports by granting video analysis for teams on all levels—a privilege that used to be only for the few. More than 40,000 clubs in 90+ countries record their games every week.
But what truly sets us apart? Our people. We’re a diverse group of innovative thinkers, creators, and problem-solvers who believe in delivering an incredible product—and having fun while doing it.

The Opportunity

We're forming a Security Enablement Team that makes it easy for every engineering team at Veo to build, ship, and operate secure systems. You'll focus on the product security slice, partnering with product teams to bake security into how we build rather than bolting it on at the end. As an enablement function, the team does not own product components day to day. We build the paved roads, tooling, and patterns that let product teams ship secure code by default. You'll join during a pivotal moment: we're standing the team up, defining what "secure by default" looks like at Veo, and rolling out the first paved roads for SDLC checks, secret handling, and safe data access patterns. You'll have direct impact on how 100+ engineers write, review and ship code. This isn't a gatekeeping or red-team role. The Security Enablement Team is enablement-first: we build paved roads and shared tooling that other teams adopt, not run components on their behalf.

What You Will Do

You'll join the Security Enablement Team with shared ownership of the team’s mission and clear focus on product security. You’ll work closely with product teams, pair on complex problems, and build reusable solutions that help teams own security in their own systems.

• Build lightweight SDLC checks for unsafe queries, secrets in code, and credential handling, wired into the developer workflow

• Establish patterns for safe data access, browser-side credential handling, and memory-safe handling of sensitive data

• Build automated checks that surface drift when previously secured surfaces (for example, playgrounds and internal tooling) regress, so the owning teams get a signal and can act on it

• Build the intake and tracking system that classifies penetration test findings on the product and surfaces them to owning teams with tracked SLAs

• Create clear documentation and self-service tooling that help product engineers make secure choices without needing security expertise.

• Help automate product-security control evidence for GRC, reducing manual follow-up and making controls easier to prove.

As the team matures, you'll have opportunities to shape the company's secure-by-default patterns, threat modeling practices, and the security review process for new product surfaces.

What You Could Bring

You likely have several years of production software engineering experience and have applied security thinking in real engineering workflows, not only in reviews or audits. In practice, that looks like:

• Full SDLC understanding: You've shipped product code in production and understand how security fits into real engineering workflows

• Practical security experience: You've surfaced and fixed issues like SQL injection, unsafe query patterns, secrets in code, and unsafe handling of credentials in the browser

• Generalist depth: You're comfortable across backend, frontend, and the integration points where most security issues live.

• Platform-as-product mindset: You've built or contributed to internal tooling that real teams use, gathered feedback, and measured impact on developer productivity

• CI/CD familiarity: You know how to add security feedback to build and deployment pipelines without creating unnecessary friction, including checks for dependencies, secrets, static analysis, and pipeline identity.

• Carrot-not-stick instinct: You build guard rails into tools developers already use, and reach for manual review only as a last resort

• Collaboration: You work through discussion and feedback, share context effectively, and write things down

Nice to have: experience with SAST/DAST tooling, dependency scanning, supply chain security (SLSA, signing), and security review for cloud-native applications.

How We Work

You'll join a Copenhagen-based Security Enablement Team of three engineers plus a manager. We operate as an enablement function: we build shared tooling and golden paths, and we step in for focused, high-leverage missions where no other team is positioned to deliver. We do not run a SOC and we do not carry a security pager.

You'll collaborate regularly with the Platform, Product, IT, Firmware, and GRC teams. We work pragmatically and iterate quickly. We document decisions, favor simple solutions where possible, and focus on tooling and platform patterns that help teams move faster with confidence.

We value diversity and inclusion and welcome applicants from all backgrounds. If your experience does not match every qualification exactly, we still encourage you to apply. What matters most is strong problem-solving, learning mindset, and the ability to contribute meaningfully.