Product Security Manager(m/w/x)

## Job Description We are looking for an experienced security leader to build and drive our Product Security program. As Product Security Manager you will shape the secure-by-design strategy for all customer-facing products and services, oversee architecture reviews and penetration testing, and partner closely with engineering and DevOps to embed security controls throughout the development life-cycle. You will own roadmap planning, people development, and cross-functional communication. Key responsibilities * Define and execute the product-security roadmap covering design reviews, threat modelling, penetration tests, secure-coding standards, and testing automation * Lead and mentor a multidisciplinary team of security experts * Conduct risk assessments and threat modelling workshops * Establish and maintain product-security playbooks, review checklists, and engagement models for engineering squads * Coordinate and track vulnerability remediation, providing clear risk and status updates to product, engineering, and executive leadership * Serve as single point of contact for product squads, ensuring timely security reviews and pragmatic guidance. * Champion a security champion network, organising workshops and sharing best‑practice playbooks to embed security‑by‑design throughout the SDLC * Ensure product security processes align with relevant regulations and industry frameworks ## Qualifications * 6+ years of application or product-security experience, with 2+ years leading teams * Proven track-record establishing secure development life-cycle practices, threat-modelling, penetration testing and vulnerability-management workflows * Solid understanding of modern cloud and application architectures, CI/CD pipelines, and offensive-security testing techniques * Hands‑on experience in code review, threat modelling, and penetration testing. * Strong leadership, project‑management, and stakeholder‑communication skills * Excellent written and verbal communication skills, capable of conveying risk to technical and non-technical audiences * Familiarity with common threat‑modelling frameworks, secure‑coding standards, and industry compliance requirements * Relevant credentials (CISSP, CSSLP, OSWE/OSCP, or comparable) are advantageous ## Additional Information * Be part of one of the fastest-growing and most visible Fintech startups in Europe, creating innovative services that have a substantial impact on the lives of our customers * Work with an international, diverse, inclusive, and ever-growing team that loves creating the best products for our clients * Work from our centrally located offices in the heart of Munich or Berlin, nestled in lively neighborhoods filled with vibrant restaurants, cozy cafés, and a wide range of convenient amenities or choose to work remotely within Germany (if eligible for the job) * Be productive with the latest hardware and tools * Learn and grow by joining our in-house knowledge sharing sessions and spending your individual Education Budget * Learn and experience German culture first hand by joining our free German language classes * (International) relocation support * Flexible vacation policy and the opportunity to work from abroad * Benefit from an attractive compensation package and from the company pension scheme * Monthly contribution of 25% for the ‘Deutschland Jobticket’ * Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capital's PRIME+ Broker