Job Description
We are looking for an experienced security leader to build and drive our Product Security program. As Product Security Manager, you will shape the secure-by-design strategy for all customer-facing products and services, oversee architecture reviews and penetration testing, and partner closely with engineering and DevOps to embed security controls throughout the development lifecycle. You will own roadmap planning, people development, and cross-functional communication.
Key responsibilities
- Define and execute the product-security roadmap covering design reviews, threat modelling, penetration tests, secure-coding standards, and testing automation
- Lead and mentor a multidisciplinary team of security experts
- Conduct risk assessments and threat modelling workshops
- Establish and maintain product-security playbooks, review checklists, and engagement models for engineering squads
- Coordinate and track vulnerability remediation, providing clear risk and status updates to product, engineering, and executive leadership
- Serve as single point of contact for product squads, ensuring timely security reviews and pragmatic guidance
- Champion a security champion network, organising workshops and sharing best-practice playbooks to embed security-by-design throughout the SDLC
- Ensure product security processes align with relevant regulations and industry frameworks
Qualifications
- 6+ years of application or product-security experience, with 2+ years leading teams
- Proven track record of establishing secure development lifecycle practices, threat modelling, penetration testing, and vulnerability management workflows
- Solid understanding of modern cloud and application architectures, CI/CD pipelines, and offensive-security testing techniques
- Hands-on experience in code review, threat modelling, and penetration testing
- Strong leadership, project management, and stakeholder communication skills
- Excellent written and verbal communication skills, capable of conveying risk to technical and non-technical audiences
- Familiarity with common threat-modelling frameworks, secure coding standards, and industry compliance requirements
- Relevant credentials (CISSP, CSSLP, OSWE/OSCP, or comparable) are advantageous
Additional Information
- Be part of one of the fastest-growing and most visible Fintech startups in Europe, creating innovative services that impact our customers' lives
- Work with an international, diverse, and inclusive team that loves creating the best products for our clients
- Work from our centrally located offices in Munich or Berlin, or remotely within Germany (if eligible)
- Benefit from the latest hardware and tools to stay productive
- Participate in knowledge sharing sessions and use your Education Budget to learn and grow
- Join our free German language classes to experience German culture
- International relocation support available
- Enjoy flexible vacation policies and the option to work from abroad
- Receive an attractive compensation package and company pension scheme
- Monthly contribution of 25% for the ‘Deutschland Jobticket’
- Access to Scalable Capital's PRIME+ Broker subscription
Please note: If you are not a passport holder of the country for the vacancy, you might need a work permit. Check our Blog for more information. Avoid including bank or payment details in your application. All applications should be submitted via the 'Apply now' button.