Senior Product Security Engineer (Fintech)

TL;DR

Senior Product Security Engineer (Fintech): Owning and driving all product security activities, including establishing secure development practices and ensuring compliance with regulations and standards. Focus on building security testing frameworks and collaborating cross-functionally to strengthen product security across the entire lifecycle.

Location: Hybrid options (remote within the EU)

Company

hirify.global is the market leader in Workforce Management Software, helping companies work more intelligently, creatively, and humanely.

What you will do

• Establish and enhance secure development practices (Secure SDLC, DevSecOps), lead threat modeling, architecture and code reviews, and oversee vulnerability management and product‑related incident response.
• Build and operate security testing frameworks, covering regular, occasion‑based, and continuous testing, and monitor product‑related threat intelligence.
• Ensure compliance with relevant regulations and standards (Cyber Resilience Act, EU AI Act, GDPR, ISO 27001, SOC 2), embed required controls into development workflows, and maintain audit‑ready evidence such as SBOMs and documentation.
• Act as the primary product security contact for presales, audits, customer inquiries, and product security incidents, communicating transparently with technical and non‑technical stakeholders.
• Collaborate cross‑functionally with Legal, Information Security & Infrastructure Compliance, IT, Cloud Operations, and Product Management to align on regulatory interpretation, certification needs, and incident processes.
• Use security metrics and threat insights to continuously strengthen product security across the entire lifecycle.

Requirements

• A degree from a reputed university in computer science, information security, engineering or a related field; a Master’s or PhD is preferred.
• Extensive experience in product security, application security engineering or secure software development, including secure coding and cloud architectures.
• A proven ability to build and operationalize security frameworks and controls across complex product environments.
• Strong understanding of regulatory and certification landscapes and the ability to translate legal requirements into concrete product measures.
• English: negotiation‑ready and effective across technical and non‑technical stakeholders

Culture & Benefits

• Flexible Work Culture: Hybrid options (remote within the EU), 30 days of vacation, and a strong commitment to diversity & inclusion.
• Engaging Team Environment: Seasonal company events, team retreats, and an in-house barista.
• Health & Wellbeing: Including regular check-ups, corporate wellness programs, and Wellhub membership.
• Stability & Growth: Company listed on SDAX & TecDAX, with 20+ years of record-breaking revenue and a 30%+ EBIT margin.
• Competitive Rewards: Including profit-sharing and employee stock program.
• Structured Onboarding & Continuous Leadership Development: Clear career paths onboarding through Expert & Leadership Tracks, plus access to ATOSS Academy.