Product Security Architect

Overview:

SOFTSWISS continues to expand the team and is looking for a Product Security Architect to help design and scale secure architecture for our fintech platform. This role combines strategic ownership of product security with hands-on involvement in the secure development lifecycle. You’ll work closely with engineering, product, and compliance teams to ensure security is embedded into our platform from design to release.

About Product:

FinteqHub

А PCI DSS certified payment gateway for online businesses, providing integration with payment systems via a single software platform.
Learn more

Key responsibilities:

• Design and evolve the security architecture for a modern fintech platform 
• Act as a security partner in product and infrastructure design reviews 
• Drive secure design consultations by partnering with product architects and developers on new feature development, architecture reviews, and major refactors
• Lead threat modelling, define secure-by-default design patterns 
• Oversee the remediation lifecycle of application vulnerabilities from different sources (SAST, DAST, SCA, penetration testing, etc.) – collaborate with the triage team, track fix implementation, and ensure resolution meets SLAs and compliance expectations 
• Contribute to internal secure coding awareness initiatives Support audits and compliance processes (e.g. PCI DSS, DORA, GDPR)

Requirements:

• 5+ years of experience in Application Security, Product Security, or Security Architecture roles 
• Strong knowledge of modern application architectures (e.g., microservices, containerised deployments, cloud-native apps) 
• Experience participating in or leading security design reviews for products and infrastructure 
• Hands-on experience with secure SDLC, threat modelling, and design of secure-by-default systems 
• Proven experience working with SAST, DAST, SCA tools and managing the full vulnerability lifecycle 
• Familiarity with secure coding practices and the ability to influence engineering teams Strong understanding of at least one major cloud provider (GCP, AWS or Azure)
• Experience supporting security audits and compliance efforts (e.g. PCI DSS, DORA, ISO 27001) 
• Excellent communication skills and ability to partner with cross-functional teams (engineering, product, compliance)
• Intermediate or higher English and Russian (B1+)

Nice to have:

• Knowledge of CI/CD pipelines and how to embed security controls 
• Programming skills in Golang, Python 
• Experience with containers and Kubernetes security 
• Background in fintech, banking, or other regulated environments 
• Relevant certifications (e.g. CSSLP, OSWE, CISSP, AWS Certified Security – Speciality, Google Professional Cloud Security Engineer) 
• Proficiency in PostgreSQL security mechanisms (encryption, auditing, access control)

Learn more about our hiring process here – what to expect, how to prepare, and what makes SOFTSWISS different.

What we offer:

• Full-time remote work opportunities and flexible working hours
• Comprehensive Mental Health Programme
• Private insurance
• Sports program compensation
• Free online English lessons
• An additional 1 Day off per calendar year
• Generous referral program
• Training, internal workshops, and participation in international professional conferences and corporate events

About Us:

SOFTSWISS is an international company, and an iGaming software expert. We don’t only follow iGaming market trends, we create them! SOFTSWISS is a recognised industry leader in iGaming software solutions development, covering almost all aspects of the iGaming industry. The company has an international team and an official presence in several countries. Projects powered by SOFTSWISS receive numerous awards and accolades from industry media.

Our Mission:

Changing the iGaming industry through technological innovation.