Senior Product Security Manager

Summary

Join Scalable Capital, a leading European digital investment platform, as their Product Security Manager. You will build and lead the Product Security program, shaping the secure-by-design strategy for all customer-facing products and services. Key responsibilities include defining and executing the product security roadmap, mentoring a security team, conducting risk assessments, and ensuring alignment with regulations. The ideal candidate possesses 6+ years of application or product security experience, including 2+ years leading teams, and a strong understanding of cloud and application architectures. Excellent communication skills are essential for conveying risk to both technical and non-technical audiences. This role offers the opportunity to work in Munich or Berlin, with remote work options within Germany, along with a comprehensive benefits package.

Requirements

• 6+ years of application or product-security experience, with 2+ years leading teams
• Proven track-record establishing secure development life-cycle practices, threat-modelling, penetration testing and vulnerability-management workflows
• Solid understanding of modern cloud and application architectures, CI/CD pipelines, and offensive-security testing techniques
• Hands‑on experience in code review, threat modelling, and penetration testing
• Strong leadership, project‑management, and stakeholder‑communication skills
• Excellent written and verbal communication skills, capable of conveying risk to technical and non-technical audiences
• Familiarity with common threat‑modelling frameworks, secure‑coding standards, and industry compliance requirements

Responsibilities

• Define and execute the product-security roadmap covering design reviews, threat modelling, penetration tests, secure-coding standards, and testing automation
• Lead and mentor a multidisciplinary team of security experts
• Conduct risk assessments and threat modelling workshops
• Establish and maintain product-security playbooks, review checklists, and engagement models for engineering squads
• Coordinate and track vulnerability remediation, providing clear risk and status updates to product, engineering, and executive leadership
• Serve as single point of contact for product squads, ensuring timely security reviews and pragmatic guidance
• Champion a security champion network, organising workshops and sharing best‑practice playbooks to embed security‑by‑design throughout the SDLC
• Ensure product security processes align with relevant regulations and industry frameworks

Preferred Qualifications

Relevant credentials (CISSP, CSSLP, OSWE/OSCP, or comparable) are advantageous

Benefits

• Work from our centrally located offices in the heart of Munich or Berlin, nestled in lively neighborhoods filled with vibrant restaurants, cozy cafés, and a wide range of convenient amenities or choose to work remotely within Germany (if eligible for the job)
• Be productive with the latest hardware and tools
• Learn and grow by joining our in-house knowledge sharing sessions and spending your individual Education Budget
• Learn and experience German culture first hand by joining our free German language classes
• (International) relocation support
• Flexible vacation policy and the opportunity to work from abroad
• Benefit from an attractive compensation package and from the company pension scheme
• Monthly contribution of 25% for the ‘Deutschland Jobticket’
• Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capital's PRIME+ Broker