Application Security Architect

Scalable Capital is a leading digital investment and banking platform with a full banking licence, empowering people across Europe to shape their own finances. Scalable Broker makes it easy and affordable for clients to invest professionally in stocks, ETFs, cryptocurrencies, and derivatives, as well as set up savings plans. Scalable Wealth, the digital wealth management service, offers clients professional investment in ETF portfolios, and is also adopted as a white-label solution by banks and other B2B partners. The company's offerings are rounded off by attractive interest rates, loans, and private equity. With the European Investor Exchange, Scalable Capital offers an exchange specifically for retail investors. Over one million clients have already entrusted more than €30 billion to the platform.

Founded in 2014, Scalable Capital now employs over 700 people across Munich, Berlin, Vienna, Milan, and London. Together with the founding and management team, including Erik Podzuweit and Florian Prucker, they are working on a new generation of financial services.

Visit our finance blog or check out our Social Media channels to find out what our Expert Teams have to say.

Our Company Values guide us every day in how we work and collaborate. To learn more about them, you can find our values here (English).

As Application Security Architect you will support the embedding of security into all phases of the SDLC. This includes collaborating with development teams to implement secure coding practices, performing threat modeling, and ensuring that applications are resilient against potential security threats. The role also involves staying abreast of emerging security threats and technologies to continuously enhance the organization's security posture.​

Key responsibilities

• Develop and implement security architectures for applications, ensuring alignment with organizational security policies and compliance requirements.​
• Conduct threat modeling exercises to identify potential security vulnerabilities and recommend mitigation strategies.​
• Perform in‑depth code and design reviews, delivering actionable remediation guidance.
• Integrate security practices into the SDLC, including code reviews, static and dynamic analysis, and security testing.​
• Work closely with cross-functional teams, including developers, QA, and operations, to ensure security is considered at every stage of application development.​
• Develop and maintain application security standards, guidelines, and best practices.​
• Evaluate, implement, and manage application security tools such as SAST, DAST, and IAST solutions.​
• Participate in incident response activities related to application security breaches, including root cause analysis and remediation planning.​
• Provide training and guidance to development teams on secure coding practices and emerging security threats.​

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field.​
• Extensive experience in application security, software development, or related roles.​
• Proven experience with secure coding practices, security assessments, authentication/authorisation design, cryptography, API protection and integrating security into the SDLC.
• Proven record of facilitating threat‑modelling and delivering risk‑balanced solutions to engineering teams.
• Experience integrating and tuning security‑testing tools in CI/CD workflows.
• Strong understanding of application security frameworks and standards (e.g., OWASP ASVS, SAMM, NIST).​
• Proficiency in programming languages such as Java, Kotlin, or Python.​
• Exoerience with cloud security principles and securing applications in cloud environments (AWS in particular).​
• Clear, persuasive communication skills for both technical and non‑technical audiences.
• Ability to work independently and manage multiple projects simultaneously.​

• Be part of one of the fastest-growing and most visible Fintech startups in Europe, creating innovative services that have a substantial impact on the lives of our customers
• Work with an international, diverse, inclusive, and ever-growing team that loves creating the best products for our clients
• Work from our centrally located offices in the heart of Munich or Berlin, nestled in lively neighborhoods filled with vibrant restaurants, cozy cafés, and a wide range of convenient amenities or choose to work remotely within Germany
• Be productive with the latest hardware and tools
• Learn and grow by joining our in-house knowledge sharing or career development sessions and spending your individual Education Budget 
• Learn and experience German culture first hand by joining our free German language classes
• International relocation support is provided if required 
• Flexible vacation policy and the opportunity to work from abroad
• Benefit from an attractive compensation package and from the company pension scheme
• Monthly contribution of 50% for the 'Deutschland Jobticket'
• Say goodbye to order commissions and say hello to your complimentary subscription of Scalable Capital's PRIME+ Broker
• Enjoy flexible and discounted sports activities with Urban Sports Club

#LI-Hybrid