Senior Offensive Security Engineer

About Us

With over 85 million global active users and 2,5 million transactions per day, Klarna is on the way to becoming the world’s favorite way to shop. To help us get there, we’re assembling an unparalleled global talent team—accelerating individual careers, and disrupting entire industries. We’re looking for people ready to achieve the extraordinary and embrace our bold ambitions as we shape the future of payments and fintech. Will you join us?

What You Will Do

As a Senior Offensive Security Engineer at Klarna, you will be at the forefront of safeguarding our digital infrastructure and customer data. This position demands a blend of hacking skills, creativity, and a deep understanding of cyber threats. You will simulate sophisticated cyber attacks to identify vulnerabilities, ensuring Klarna's resilience against real-world threats. Collaborating with cross-functional teams, you will provide actionable insights to fortify our security posture.

• Conduct white-box and black-box penetration testing against internal and public-facing applications and assets
• Manage, triage, and investigate Bug Bounty submissions and external pentest findings
• Perform variant analysis on issues discovered through all channels
• Research and perform security analyses on Klarna’s 3rd-party solutions
• Develop tooling to support reconnaissance, automation, and metrics collection
• Provide expert guidance to developers, other product security teams, and the SOC in investigating issues
• Spread awareness of offensive security practices via demos, workshops, and training
• Assess the security of our tech stack through whatever means are best suited
• Define what we focus on to provide the most value
• Help further mature Klarna’s security program
  

Who You Are

• Strong experience with penetration testing and other technical security assessments
• Experience identifying security issues in code, particularly within Java and Node.js
• Experience with cloud environments, particularly AWS and modern micro-service design principles
• Comfortable communicating findings clearly and effectively, with concrete remediation recommendations beyond simple issue reporting
• Comfortable scripting and contributing to larger projects in Python
• Able to take the initiative and be comfortable taking on projects that contribute to the larger security culture and posture at Klarna
• Industry recognized certifications, e.g., OSCP, OSWE, CREST, GIAC, AWS, et. al
• CTF Participation and active contributions to the cybersecurity community

What We Offer

• Collaboration within a diverse team that values innovation and creativity.
• Culture - You'll have an opportunity to work with people from 90+ different countries in our English-speaking offices in Milan city center
• A challenging scope with the opportunity to work with latest technologies

Klarna's Compensation model and Equity Offering
At Klarna, our compensation package includes a base salary and Restricted Stock Units (RSUs). To ensure fairness and maintain global market competitiveness, each role in a specific location has a set base salary. During the recruitment process, we will assess your skills and experience to determine which role is the best fit for you.
Our RSU program features a 4-year vesting schedule, allowing you to gradually become a shareholder in Klarna. Additionally, you may qualify for our Contribution-Based Reward (CBR) program, which recognizes and rewards significant contributions to our success.

Closing 
Please include a CV in English.