Job Description
As an Application Security Architect, you will support embedding security into all phases of the SDLC. This includes collaborating with development teams to implement secure coding practices, performing threat modeling, and ensuring that applications are resilient against potential security threats. The role also involves staying abreast of emerging security threats and technologies to continuously enhance the organization's security posture.
Key Responsibilities
- Develop and implement security architectures for applications, ensuring alignment with organizational security policies and compliance requirements.
- Conduct threat modeling exercises to identify potential security vulnerabilities and recommend mitigation strategies.
- Perform in-depth code and design reviews, delivering actionable remediation guidance.
- Integrate security practices into the SDLC, including code reviews, static and dynamic analysis, and security testing.
- Work closely with cross-functional teams, including developers, QA, and operations, to ensure security is considered at every stage of application development.
- Develop and maintain application security standards, guidelines, and best practices.
- Evaluate, implement, and manage application security tools such as SAST, DAST, and IAST solutions.
- Participate in incident response activities related to application security breaches, including root cause analysis and remediation planning.
- Provide training and guidance to development teams on secure coding practices and emerging security threats.
Qualifications
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- Extensive experience in application security, software development, or related roles.
- Proven experience with secure coding practices, security assessments, authentication/authorization design, cryptography, API protection, and integrating security into the SDLC.
- Proven record of facilitating threat modeling and delivering risk-balanced solutions to engineering teams.
- Experience integrating and tuning security-testing tools in CI/CD workflows.
- Strong understanding of application security frameworks and standards (e.g., OWASP ASVS, SAMM, NIST).
- Proficiency in programming languages such as Java, Kotlin, or Python.
- Experience with cloud security principles and securing applications in cloud environments (AWS in particular).
- Clear, persuasive communication skills for both technical and non-technical audiences.
- Ability to work independently and manage multiple projects simultaneously.
Additional Information
- Join one of the fastest-growing and most visible Fintech startups in Europe, creating innovative services that impact our customers' lives.
- Work with an international, diverse, inclusive, and expanding team dedicated to creating the best products.
- Work from our centrally located offices in Berlin or Munich, or remotely within Germany if eligible.
- Access to the latest hardware and tools to be productive.
- Participate in knowledge sharing and career development sessions, and make use of your Education Budget.
- Enjoy German culture through free language classes.
- Relocation support available if needed.
- Flexible vacation policy and options to work abroad.
- Attractive compensation, company pension scheme, and benefits like the ‘Deutschland Jobticket’ and PRIME+ Broker subscription.
- Access to discounted sports activities with Urban Sports Club.