Product Security Architect
Overview:
FinteqHub is looking for a Product Security Architect to help design and scale secure architecture for our fintech platform. This role combines strategic ownership of product security with hands-on involvement in the secure development lifecycle. You’ll work closely with engineering, product, and compliance teams to ensure security is embedded into our platform from design to release.
Key responsibilities:
- Design and evolve the security architecture for a modern fintech platform.
- Act as a security partner in product and infrastructure design reviews.
- Drive secure design consultations by partnering with product architects and developers on new feature development, architecture reviews, and major refactors.
- Lead threat modelling, define secure-by-default design patterns.
- Oversee the remediation lifecycle of application vulnerabilities from different sources (SAST, DAST, SCA, penetration testing, etc.) – collaborate with the triage team, track fix implementation, and ensure resolution meets SLAs and compliance expectations.
- Contribute to internal secure coding awareness initiatives.
- Support audits and compliance processes (e.g. PCI DSS, DORA, GDPR).
Requirements:
- 5+ years of experience in Application Security, Product Security, or Security Architecture roles.
- Strong knowledge of modern application architectures (e.g., microservices, containerised deployments, cloud-native apps).
- Experience participating in or leading security design reviews for products and infrastructure.
- Hands-on experience with secure SDLC, threat modelling, and design of secure-by-default systems.
- Proven experience working with SAST, DAST, SCA tools and managing the full vulnerability lifecycle.
- Familiarity with secure coding practices and the ability to influence engineering teams.
- Strong understanding of at least one major cloud provider (GCP, AWS or Azure).
- Experience supporting security audits and compliance efforts (e.g. PCI DSS, DORA, ISO 27001).
- Excellent communication skills and ability to partner with cross-functional teams (engineering, product, compliance).
Nice to have:
- Knowledge of CI/CD pipelines and how to embed security controls.
- Programming skills in Golang, Python.
- Experience with containers and Kubernetes security.
- Background in fintech, banking, or other regulated environments.
- Relevant certifications (e.g. CSSLP, OSWE, CISSP, AWS Certified Security – Speciality, Google Professional Cloud Security Engineer).
- Proficiency in PostgreSQL security mechanisms (encryption, auditing, access control).
Our benefits:
- Flexible Work Options
Enjoy the freedom to choose your ideal work setting – whether it’s remote work with flexible hours or joining our vibrant offices in Poland, Georgia, Malta or Cyprus. Work where you feel most productive and inspired. - Health & Well-being Support
We prioritize your well-being. Our benefits include private health insurance, access to sports activities, and a comprehensive mental health support program to help you stay balanced and energized. - Professional Growth & Community
Join a team of experienced professionals and become part of a community of top specialists. We support your growth through free online English lessons, internal and external training, workshops, and opportunities to attend professional conferences. Here, you can develop, realize your potential, and contribute to the creation of a high-quality product that brings real value to users and businesses. - Generous Leave Benefits
Enjoy fully paid vacations, one additional personal day off, and four sick days per year – because your well-being matters. - Attractive Referral Program
Work alongside the best! Recommend skilled professionals you’d love to collaborate with and receive generous bonuses for every successful referral.