Cloud Security Architect

Scalable Capital is a leading digital investment and banking platform with a full banking licence, empowering people across Europe to shape their own finances. Scalable Broker makes it easy and affordable for clients to invest professionally in stocks, ETFs, cryptocurrencies, and derivatives, as well as set up savings plans. Scalable Wealth, the digital wealth management service, offers clients professional investment in ETF portfolios, and is also adopted as a white-label solution by banks and other B2B partners. The company's offerings are rounded off by attractive interest rates, loans, and private equity. With the European Investor Exchange, Scalable Capital offers an exchange specifically for retail investors. Over one million clients have already entrusted more than €30 billion to the platform.

Founded in 2014, Scalable Capital now employs over 700 people across Munich, Berlin, Vienna, Milan, and London. Together with the founding and management team, including Erik Podzuweit and Florian Prucker, they are working on a new generation of financial services.

Visit our finance blog or check out our Social Media channels to find out what our Expert Teams have to say.

Our Company Values guide us every day in how we work and collaborate. To learn more about them, you can find our values here (English).

We're looking for a Senior Cloud Security Architect to own and evolve our AWS security architecture across a multi-account environment. You'll define guardrails, design secure patterns, and partner with platform and product teams to ship resilient, compliant services at speed.

What you'll do

• Architect Cloud Foundations: Support the strategy for our core AWS environment, including our multi-account structure, network security patterns (TGW, VPCs), and identity and access management (IAM) at scale.
• Secure the Software Development Lifecycle: Partner with engineering teams to embed security into every stage of development. This includes defining standards for container security (EKS), securing CI/CD pipelines with policy-as-code, and promoting secure Infrastructure-as-Code (IaC) modules.
• Lead Threat Detection and Response: Design and implement the strategy for cloud threat detection and monitoring. Serve as the primary technical expert during cloud security incidents to guide investigation and containment.
• Govern Data Protection and Encryption: Establish and oversee the enterprise strategy for data security in the cloud, defining standards and reference patterns for cryptographic services (KMS), data discovery, and service-specific encryption controls.
• Drive Governance, Risk, and Enablement: Translate compliance requirements (e.g., ISO 27001, SOC 2) into actionable cloud controls. Empower engineers by leading threat modeling sessions, facilitating architecture reviews, and publishing reusable security patterns.
• Evaluate and Integrate Security Tooling: Lead the evaluation, selection, and strategic integration of modern cloud security platforms (e.g., CNAPP, CSPM, CIEM) to provide measurable value and actionable insights.

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.​
• Extensive experience in security/infrastructure and in designing on AWS at multi-account scale.
• Proven ownership of AWS org-level controls: Organizations/Control Tower, SCPs, SSO/IAM Identity Center, CloudTrail org trails, Security Hub, GuardDuty.
• Deep hands-on with IAM (STS, permission boundaries, condition keys, role chaining), KMS, VPC/TGW/PrivateLink, Route 53, WAF/Shield, S3 security.
• Strong IaC (Terraform preferred; CloudFormation/CDK fine) and CI/CD integration (GitHub Actions/GitLab/Jenkins).
• Solid EKS security (IRSA, PSP/PSS, network policies, admission control via Kyverno/Gatekeeper) and container supply-chain fundamentals.
• Experience building policy-as-code and guardrails that block risky changes pre-merge without blocking delivery.
• Competent in at least one language (Python or Go) plus shell; capable of writing small tools and automations.
• Excellent stakeholder communication and documentation.

• Be part of one of the fastest-growing and most visible Fintech startups in Europe, creating innovative services that have a substantial impact on the lives of our customers
• Work with an international, diverse, inclusive, and ever-growing team that loves creating the best products for our clients
• Work from our centrally located offices in the heart of Munich or Berlin, nestled in lively neighborhoods filled with vibrant restaurants, cozy cafés, and a wide range of convenient amenities 
• Be productive with the latest hardware and tools
• Learn and grow by joining our in-house knowledge sharing or career development sessions and spending your individual Education Budget 
• Learn and experience German culture first hand by joining our free German language classes
• International relocation support is provided if required 
• Flexible vacation policy and the opportunity to work from abroad
• Benefit from an attractive compensation package and from the company pension scheme
• Monthly contribution of 50% for the 'Deutschland Jobticket'
• Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capital's PRIME+ Broker
• Enjoy flexible and discounted sports activities with Urban Sports Club

#LI-Hybrid