From Backend Lead to Product Owner: Jorge Costa (CYAN Security Group GmbH) on Clarity, Communication, and Building Security That Matters

Why this devstory stands out

At DevJobs.at, we pay special attention when a seasoned engineer walks us through a shift from coding to product ownership. That transition—from “I’ll fix it” to “I’ll enable others to fix it”—cuts to the core of how modern tech organizations operate. In “Jorge Costa, Product Manager bei cyan Digital Security,” speaker Jorge Costa (CYAN Security Group GmbH) offers a concise, candid look into that pivot: from Portugal to Vienna, from developer to backend team lead, and—since January 2025—to Product Owner. His driving force is simple and powerful: don’t let things stay the same; make them better.

This article traces Jorge’s journey, the mechanics of his work across product, sales, and engineering, and the operating principles he now champions: transparency, end-state clarity, and communication. The takeaway: technical depth doesn’t hold you back in a product role—it becomes a springboard for impact.

Portugal to Vienna: a path into product

Jorge’s story starts in Portugal. He studied to become a software developer, then moved to Vienna, initially working as a developer “in other fields.” Around six years ago he began his journey with cyan—first as a developer, then as a backend team lead, and now as a Product Owner (since January 2025).

The thread running through his choices is unmistakable: “I have this mentality of trying to fix things, trying to make them better. I don’t like that things stay the same.” That fixer mindset isn’t about control; it’s about outcomes. It’s why management saw his potential for product ownership—and why he embraced the change despite its scarier parts: he would no longer write code himself, but instead enable others to deliver.

The leap: from fixing yourself to organizing impact

Jorge calls the move “a scary decision.” It’s honest—and relatable. As a developer or team lead, you can spot a problem and patch it immediately. As a Product Owner, your lever shifts:

That shift brings two realities: more work, and a different kind of reward. “It’s more work because you need to lean on other people,” he says. But when teams deliver against a clear goal, the outcome is satisfying in a way that individual fixes cannot match. That’s where Jorge locates his role: sharpen goals, make priorities explicit, broaden context—so implementation clicks into place.

CYAN Security Group GmbH: building between a core product and telco white-label

Jorge’s product world runs in two tempos: an in-house product and white-label solutions for telecommunications companies. That requires careful prioritization—and persistence under deadlines.

• With the product team: identify the most important improvements and new developments for the product.
• With sales and customer-facing colleagues: capture market needs, especially from telco clients.
• With engineering: turn inputs into stories, guide the teams, explain the why, and drive delivery.

Method: Scrum. Reality: “tight deadlines”—particularly in the context of large telco customers. The tension: balancing long-term product investments with client-specific features that must land quickly. Jorge frames it as a constant: “We need to always push for our product, but also then figure out a way for the features that the telcos want.”

Stories, end states, and persuasion: how Jorge turns inputs into output

Jorge does not describe his role as a passive mailbox for requirements. He “materializes” the inputs from product and sales by shaping clear user stories and walking them through with engineering. His verbs are telling: guide, talk, convince—why we need to do this, and in this way.

What matters most to him is that the team understands the end state. Developers should know why they’re building something, who interacts with it, and how it will be used.

There’s a practical reason behind that stance: when teams just “do what they’re told,” without context, they don’t think outside the box. They remain stuck at the micro-level of implementation. Lack of context degrades product quality. That’s why transparency is his core principle: “We should not contain information at all.”

Security that hits home: why the product matters

Jorge likes the product—and grounds that in something personal. He thinks of his parents, who repeatedly get close to being scammed. That’s where the relevance of security becomes tangible: phishing and fraud aren’t abstractions; they happen to the people we care about.

This lens influences daily product decisions: a security product has value when it protects in everyday life. That’s why Jorge doesn’t treat feature requests like checkboxes; he evaluates them through the lens of utility—clear, effective, and reliable.

Evolution over stasis: from hardware to mobile, Windows, and DOH

Another point Jorge highlights is the company’s refusal to stand still. The product line evolved—from a hardware solution (before his time) to a mobile application, Windows clients, and DOH clients.

This is more than a list of endpoints. It showcases Jorge’s impulse to broaden reach and deepen integration. If security is to help more people, it must show up where they are. Mobile, desktop, and network-level clients—all of it underscores a pattern consistent with his “fixer” mentality: optimize where users actually feel the difference.

Small team, big telcos: culture and execution make it possible

Jorge speaks warmly about the environment: “The office is great—and the people.” Team dynamics, collaboration, and a shared desire to “make it work” are the invisible assets he highlights.

What he finds remarkable is that a relatively small company can deliver services to very large telco customers: “It’s fantastic that with this small group of people, we can still manage to provide services for these big telcos.” That statement captures a culture that doesn’t rely on scale, but on competence, focus, and teamwork.

Communication principles from a tech-rooted Product Owner

Perhaps the strongest lesson in Jorge’s talk concerns communication and context. He carries the perspective of a former team lead “who wanted a product owner.” From that vantage point, he distills what matters in the role:

• Clarity about the end state: know what the outcome will be—and for whom.
• Full-context visibility: which teams interact, for what purpose, and with what dependencies.
• Radical openness: don’t hold back information. Teams need context to make good decisions.
• Audience-savvy communication: “You need to know who to talk to if you want to fix one thing or develop another.”

These principles are both craft and culture. They define how trust is built and how teams take ownership.

The day-to-day: Scrum, deadlines, and prioritization

The theory is clear; practice is a matter of rhythm: sprint by sprint, deadline by deadline. When large telco requirements collide with the product backlog, prioritization happens along two axes:

1) What advances the product in the long run?

2) What is business-critical for the customer in the short term?

Jorge describes that balance as a constant, and he’s explicit that persuasion is part of the job. A Product Owner who merely passes messages will be pulled apart by reality. A Product Owner who prioritizes, explains, and makes trade-offs transparent strengthens delivery.

Guidance for developers who consider becoming Product Owners

Jorge’s insights translate into practical guidance—without stepping beyond what he shared:

• Keep the end in mind: never enter a sprint without a clear understanding of why something is being built.
• Translate before you drive: requirements are raw material; craft them into stories with a clear outcome and recognizable user impact.
• Trust—and demand: you no longer fix issues yourself; set the conditions for others to fix them, and hold the line on results.
• Open the info valves: prevent island knowledge; put context into teams, not just into a product board.
• Know your counterparts: product, sales, engineering—and, in cyan’s case, telcos. The right message to the right person saves time and friction.

Quotable lines from the session

These lines outline a Product Owner who comes from engineering—and turns that background into an advantage.

What we learned from “Jorge Costa, Product Manager bei cyan Digital Security”

• Product work is relationship work: product, sales, customer-facing teams, engineering—better linkage accelerates everything.
• Context beats control: teams deliver better when they grasp the purpose.
• Technical roots are an asset: former engineers translate requirements precisely and spot risks early.
• Evolution is a principle: from hardware to mobile, Windows, and DOH clients—products stay relevant when they move.

The ethics of security product work: protection for real people

The moment Jorge mentions his parents is more than a personal note. It explains why security products matter beyond industry needs. Fraud attempts are commonplace and not always obvious to spot—especially for those less steeped in technology. A product is good when it protects where vulnerability is highest.

That perspective sharpens how a Product Owner prioritizes: a complex feature is justified only if it removes complexity from users’ lives. Jorge’s focus on utility over showcase presentations acts like a compass.

A practical checklist for the role transition (derived from Jorge’s experiences)

• Define the end state: what outcome will be visible—and for whom?
• Surface dependencies: who needs to be involved (product, sales, telco, engineering)?
• Ensure story readiness: tight scope, clear benefit, and unambiguous acceptance.
• Clarify communication paths: who needs to know what, and when?
• Protect the delivery rhythm: respect the Scrum cadence, negotiate deadlines honestly, defend focus.
• Keep the balance: long-term product roadmap vs. client-specific features—prioritize both deliberately.

Conclusion: redefining responsibility—from fixer to enabler

“Jorge Costa, Product Manager bei cyan Digital Security” tells the story of an engineer who doesn’t lose responsibility in a product role—he redefines it. As a Product Owner at CYAN Security Group GmbH, Jorge nudges the organization from quick fixes toward durable outcomes. He prizes transparency, communicates with context, and stays true to an engineer’s instinct: make things better, don’t let them stand still.

Especially in security, with large telco customers and tight deadlines, that isn’t the easy road. But Jorge’s story is encouraging: change the vantage point, organize impact, and you’ll move more—For teams, for products, and for people who need protection.

• 

  

  Alexander Zlatnik, Head of Product & Technology von cyan Digital Security

  Alexander Zlatnik von cyan Digital Security gibt im Interview Einblicke in die Developer Teams, die Technologien die dort zum Einsatz kommen und wie das Recruiting im Unternehmen gestaltet ist.

  Watch now
• 

  

  Milen, Teamlead Project Managemtn at CYAN Security Group

  Watch now
• 

  

  Alexander Zlatnik, Head of Product and Development at CYAN Security Group

  Watch now
• 

  

  Markus Cserna, CTO von cyan Digital Security

  Markus Cserna von cyan Digital Security umreißt im Interview die Organisation des Cybersecurity Unternehmens, mit welchen Technologien dort gearbeitet wird und gibt Einblicke in das Recruiting und Onboarding neuer Mitarbeiter.

  Watch now

• 

  

  René Bürke, Technical Product Manager bei cyan Digital Security

  René Bürke von cyan Digital Security erzählt im Interview über seinen Karriereweg bis hin zur aktuellen Arbeit im Technical Product Management und gibt Tipps für Neueinsteiger.

  Watch now
• 

  

  Mislav Findrik, Research Engineering Lead bei cyan Digital Security

  Mislav Findrik von cyan Digital Security spricht im Interview über seinen Werdegang – angefangen von der Schule bis hin zu seiner aktuellen Arbeit – und gibt Tipps für Beginner.

  Watch now