On our path to becoming the world’s favorite way to shop, we’re assembling an unparalleled global talent network, accelerating individual careers, and disrupting entire industries. We are on a mission to liberate humanity from all the meaningless time spent managing their purchases and finances, so they can do more of what they love. We’re in search of global talent eager to embrace our atmosphere and defy their own expectations.
Engineering at Klarna is an inspired, customer-focused community, dedicated to crafting solutions that redefine our industry. Working in small, highly collaborative Agile teams, you and your team will have a clear mission and ownership of an important outcome that supports Klarna and our customers.
At Klarna we optimise for quality, fast feedback, continuous improvement, testing, monitoring and experimentation. We aim for teams that are inclusive, helpful and have a strong sense of ownership for the things they build.
As a Senior Offensive Security Engineer at Klarna, you will be at the forefront of safeguarding our digital infrastructure and customer data. This role demands a blend of hacking skills, creativity, and a deep understanding of cyber threats. You will simulate sophisticated cyber attacks to identify vulnerabilities, ensuring Klarna's resilience against real-world threats. Collaborating with cross-functional teams, you will provide actionable insights to fortify our security posture.
What you'll get to do
- Break all the things
- Conduct white-box and black-box penetration testing against internal and public-facing applications and assets
- Manage, triage, and investigate Bug Bounty submissions and external pentest findings
- Perform variant analysis on issues discovered through all channels
- Research and perform security analyses on Klarna’s 3rd-party solutions
- Develop tooling to support reconnaissance, automation, and metrics collection
- Provide expert guidance to developers, other product security teams, and the SOC in investigating issues
- Spread awareness of offensive security practices via demos, workshops, and training
- Assess the security of our tech stack through whatever means are best suited
- Define what we focus on to provide the most value
- Help further mature Klarna’s security program
To succeed in this role, we think you should have/be:
- Strong experience with penetration testing and other technical security assessments
- Experience identifying security issues in code, particularly within Java and Node.js
- Experience with cloud environments, particularly AWS and modern micro-service design principles
- Comfortable communicating findings clearly and effectively, with concrete remediation recommendations beyond simple issue reporting
- Comfortable scripting and contributing to larger projects in Python
- Able to take the initiative and be comfortable taking on projects that contribute to the larger security culture and posture at Klarna
- Industry recognized certifications, e.g., OSCP, OSWE, CREST, GIAC, AWS, et. al
- CTF Participation and active contributions to the cybersecurity community
What we offer
- A role where you can make an impact from day one, with the opportunity to see the immediate effects of your work.
- Collaboration within a diverse team that values innovation and creativity.
- Culture - You'll have an opportunity to work with people from 90+ different countries in our English-speaking offices in Milan city center
- A challenging scope with the opportunity to work with latest technologies
We also believe in contributing back to the open-source community. You can find some of our work herehttps://github.com/klarna.
How to apply: Send your CV in English and we'll be in touch!
