Senior Offensive Security Engineer

About Us

With over 150 million global active users and 2 million transactions per day, Klarna is on the way to becoming the world’s favorite way to shop. To help us get there, we’re assembling an unparalleled global talent team—accelerating individual careers, and disrupting entire industries. We’re looking for people ready to achieve the extraordinary and embrace our bold ambitions as we shape the future of payments and fintech.

What You Will Do

As a Senior Offensive Security Engineer at Klarna, you will be at the forefront of safeguarding our digital infrastructure and customer data. This position demands a blend of hacking skills, creativity, and a deep understanding of cyber threats. You will simulate sophisticated cyber attacks to identify vulnerabilities, ensuring Klarna's resilience against real-world threats. Collaborating with cross-functional teams, you will provide actionable insights to fortify our security posture.

Key Responsibilities

• Conduct white-box and black-box penetration testing against internal and public-facing applications and assets.
• Manage, triage, and investigate Bug Bounty submissions and external pentest findings.
• Perform variant analysis on issues discovered through all channels.
• Research and perform security analyses on Klarna’s 3rd-party solutions.
• Develop tooling to support reconnaissance, automation, and metrics collection.
• Provide expert guidance to developers, other product security teams, and the SOC in investigating issues.
• Spread awareness of offensive security practices via demos, workshops, and training.
• Assess the security of our tech stack through whatever means are best suited.
• Define what we focus on to provide the most value.
• Help further mature Klarna’s security program.

Who You Are

• Strong experience with penetration testing and other technical security assessments.
• Experience identifying security issues in code, particularly within Java and Node.js.
• Experience with cloud environments, particularly AWS and modern micro-service design principles.
• Comfortable communicating findings clearly and effectively, with concrete remediation recommendations beyond simple issue reporting.
• Comfortable scripting and contributing to larger projects in Python.
• Able to take the initiative and be comfortable taking on projects that contribute to the larger security culture and posture at Klarna.
• Industry recognized certifications, e.g., OSCP, OSWE, CREST, GIAC, AWS, etc.
• CTF Participation and active contributions to the cybersecurity community.

What We Offer

• Collaboration within a diverse team that values innovation and creativity.
• Culture - You'll have an opportunity to work with people from 90+ different countries in our English-speaking offices in Milan city center.
• A challenging scope with the opportunity to work with latest technologies.

Closing

Please include a CV in English.

Since 2005 Klarna has been on a mission to revolutionize the retail banking industry. With over 150 million global active users and 2 million transactions per day, Klarna is meeting the changing demands of consumers by saving them time and money while helping them be informed and in control.

Over 450,000 global retail partners, including H&M, Saks, Sephora, Macys, IKEA, Expedia Group, and Nike have integrated Klarna's innovative technology to deliver a seamless shopping experience online and in-store. Klarna has over 3,500 employees and is active in 45 markets.