Head of Product Security

We are looking for a Head of Product Security to join our teams!

Requirements:

- 8+ years of experience in Product Security, Application Security, or DevSecOps
- Proven experience building or scaling a Product Security function in a product-based organization
- Strong expertise in Secure SDLC and security integration into modern development workflows
- Hands-on experience with application security testing, threat modeling, and secure architecture reviews
- Strong understanding of cloud-native architectures and product-related cloud security risks
- Experience managing multi-disciplinary security teams across AppSec, Pentest, DevSecOps, and Cloud Security
- Experience owning vulnerability lifecycle management with risk-based prioritization
- Ability to translate technical security risks into business impact and decisions
- Strong written and verbal communication skills in English

Will be a plus:

- Experience in iGaming, FinTech, SaaS, or other regulated industries
- Hands-on experience with Kubernetes and containerized environments
Exposure to red teaming or adversary simulation
- Familiarity with security-related compliance frameworks (e.g. ISO 27001, PCI DSS, SOC 2)

Responsibilities:

- Build and own the end-to-end Product Security lifecycle across all company products
- Define, implement, and enforce Secure SDLC, embedding security from design through production
- Lead and manage Product Security teams including Pentesting, Application Security, Application Security Architecture, DevSecOps, and Cloud Security Operations
- Drive security architecture reviews and threat modeling for new and existing products
- Own product vulnerability management, including discovery, triage, prioritization, remediation tracking, and verification
- Define and oversee pentesting and offensive security strategy, scope, cadence, and remediation follow-up
- Ensure secure usage of cloud-native services, APIs, and third-party dependencies within products
- Partner with Engineering, Product, and Infrastructure leadership to align security with business objectives
- Lead product-related security incidents, including root cause analysis and long-term corrective actions
- Define and report Product Security KPIs and metrics to executive stakeholders

Technical Stack:

- Application & Product Security: SAST, DAST, SCA, secrets scanning, secure code review, threat modeling
- Cloud Security: AWS, GCP; cloud-native services, IAM, least-privilege models; zero trust tools and approach.
- DevSecOps & CI/CD: CI/CD pipelines, security automation, Infrastructure as Code, secrets management
- Container & Platform Security: Docker, Kubernetes, container image and runtime security
- Pentesting & Offensive Security: Web, API, mobile, and cloud pentesting, remediation validation
- Monitoring & Incident Response: Centralized logging, product-level detection, SOC integration

Our benefits to you:

☘️An exciting and challenging job in a fast-growing holding, the opportunity to be part of a multicultural team of top professionals in Development, Architecture, Management, Operations, Marketing, Legal, Finance and more
🤝🏻Great working atmosphere with passionate experts and leaders, sharing a friendly culture and a success-driven mindset is guaranteed
🧑🏻‍💻Modern corporate equipment based on macOS or Windows and additional equipment are provided
🏖Paid vacations, sick leave, personal events days, days off
💵Referral program — enjoy cooperation with your colleagues and get the bonus
📚Educational programs: regular internal training sessions, compensation for external education, attendance of specialized global conferences
🎯Rewards program for mentoring and coaching colleagues
🗣Free internal English courses
✈️In-house Travel Service 
🦄Multiple internal activities: online platform for employees with quests, gamification, presents and news, PIN-UP clubs for movie / book / pets lovers and more
🎳Other benefits could be added based on your location