Arbetsbeskrivning

Senior Software Engineer - IAM & Security

We are on a mission to liberate humanity from all the meaningless time spent managing their purchases and finances, so they can do more of what they love. Klarna was founded on a bold belief: that people are capable of achieving the extraordinary, even when faced with the seemingly impossible. Our journey has been one of continuous learning, facing immense challenges head-on, dedicating countless hours of hard work, and never wavering in our commitment or resilience - and now we are looking for individuals to join us on our journey and contribute to our mission.

What You Will Do

As a Senior Offensive Security Engineer at Klarna, you will be at the forefront of safeguarding our digital infrastructure and customer data. This position demands a blend of hacking skills, creativity, and a deep understanding of cyber threats. You will simulate sophisticated cyber attacks to identify vulnerabilities, ensuring Klarna's resilience against real-world threats. Collaborating with cross-functional teams, you will provide actionable insights to fortify our security posture.

• Conduct white-box and black-box penetration testing against internal and public-facing applications and assets
• Manage, triage, and investigate Bug Bounty submissions and external pentest findings
• Perform variant analysis on issues discovered through all channels
• Research and perform security analyses on Klarna’s 3rd-party solutions
• Develop tooling to support reconnaissance, automation, and metrics collection
• Provide expert guidance to developers, other product security teams, and the SOC in investigating issues
• Spread awareness of offensive security practices via demos, workshops, and training
• Assess the security of our tech stack through whatever means are best suited
• Define what we focus on to provide the most value
• Help further mature Klarna’s security program

Who You Are

• Strong experience with penetration testing and other technical security assessments
• Experience identifying security issues in code, particularly within Java and Node.js
• Experience with cloud environments, particularly AWS and modern micro-service design principles
• Comfortable communicating findings clearly and effectively, with concrete remediation recommendations beyond simple issue reporting
• Comfortable scripting and contributing to larger projects in Python
• Able to take the initiative and be comfortable taking on projects that contribute to the larger security culture and posture at Klarna
• Industry recognized certifications, e.g., OSCP, OSWE, CREST, GIAC, AWS, et. al
• CTF Participation and active contributions to the cybersecurity community

What We Offer

• Collaboration within a diverse team that values innovation and creativity.
• Culture - You'll have an opportunity to work with people from 90+ different countries in our English-speaking offices in Milan city center
• A challenging scope with the opportunity to work with latest technologies

Closing

• Please include a CV in English.