(Senior) Application Security Architect (m/f/x) onsite / remote in Germany

Company Description

Scalable Capital is a leading digital investment platform in Europe, empowering individuals to shape their financial future. Our services include:

• Scalable Broker: Facilitates professional investment in stocks, ETFs, and other exchange-traded products, along with savings plans.
• Scalable Wealth: A digital wealth management service offering ETF portfolios, also available as a white-label solution for B2B partners.
• European Investor Exchange (EIX): Provides a stock exchange platform for retail investors across Europe.

Founded in 2014, we employ over 500 staff across Munich, Berlin, Vienna, and London, working on innovative financial services. Over 27 billion euros are managed on our platform by more than one million clients.

Learn more through our finance blog and follow us on social media channels.

Our Company Values guide our daily work and collaboration. More about our values can be found here.

As an Application Security Architect, you will embed security into all phases of the SDLC. Your role includes:

• Collaborating with development teams to implement secure coding practices.
• Performing threat modeling exercises.
• Ensuring applications are resilient against security threats.
• Staying updated on emerging security threats and technologies.

Key Responsibilities

1. Develop and implement security architectures aligned with policies and compliance.
2. Conduct threat modeling and recommend mitigation strategies.
3. Perform code and design reviews, providing remediation guidance.
4. Integrate security into the SDLC, including testing and analysis.
5. Work with cross-functional teams to prioritize security.
6. Maintain security standards, guidelines, and best practices.
7. Manage application security tools like SAST, DAST, and IAST.
8. Participate in incident response related to application security breaches.
9. Train development teams on secure coding and emerging threats.

Qualifications

1. Bachelor's or Master's in Computer Science, Information Security, or related field.
2. At least 5 years in application security or related roles.
3. Experience with secure coding, security assessments, authentication, cryptography, API protection, and SDLC security integration.
4. Proven ability in threat modeling and delivering risk solutions.
5. Experience with security testing tools in CI/CD workflows.
6. Knowledge of security frameworks (OWASP, SAMM, NIST).
7. Proficiency in Java, Kotlin, or Python.
8. Understanding of cloud security, especially AWS.
9. Strong communication skills for technical and non-technical audiences.
10. Ability to work independently and manage multiple projects.

Additional Information

• Join a fast-growing fintech startup impacting customers' lives.
• Work with an international, diverse team in Munich or Berlin, or remotely within Germany.
• Utilize the latest hardware and tools.
• Participate in knowledge sharing, training, and German language classes.
• Support for international relocation.
• Flexible vacations and remote work options.
• Attractive compensation, pension scheme, and other benefits.
• Monthly 25% contribution to 'Deutschland Jobticket'.
• Enjoy a complimentary PRIME+ Broker subscription from Scalable Capital.