We are on a mission to liberate humanity from all the meaningless time spent managing their purchases and finances, so they can do more of what they love. Klarna was founded on a bold belief: that people are capable of achieving the extraordinary, even when faced with the seemingly impossible. Our journey has been one of continuous learning, facing immense challenges head-on, dedicating countless hours of hard work, and never wavering in our commitment or resilience - and now we are looking for individuals to join us on our journey and contribute to our mission.

What You Will Do

As a Senior Offensive Security Engineer at Klarna, you will be at the forefront of safeguarding our digital infrastructure and customer data. This position demands a blend of hacking skills, creativity, and a deep understanding of cyber threats. You will simulate sophisticated cyber attacks to identify vulnerabilities, ensuring Klarna's resilience against real-world threats. Collaborating with cross-functional teams, you will provide actionable insights to fortify our security posture.

Conduct white-box and black-box penetration testing against internal and public-facing applications and assets
Manage, triage, and investigate Bug Bounty submissions and external pentest findings
Perform variant analysis on issues discovered through all channels
Research and perform security analyses on Klarna’s 3rd-party solutions
Develop tooling to support reconnaissance, automation, and metrics collection
Provide expert guidance to developers, other product security teams, and the SOC in investigating issues
Spread awareness of offensive security practices via demos, workshops, and training
Assess the security of our tech stack through whatever means are best suited
Define what we focus on to provide the most value
Help further mature Klarna’s security program

Who You Are

Strong experience with penetration testing and other technical security assessments
Experience identifying security issues in code, particularly within Java and Node.js
Experience with cloud environments, particularly AWS and modern micro-service design principles
Comfortable communicating findings clearly and effectively, with concrete remediation recommendations beyond simple issue reporting
Comfortable scripting and contributing to larger projects in Python
Able to take the initiative and be comfortable taking on projects that contribute to the larger security culture and posture at Klarna
Industry recognized certifications, e.g., OSCP, OSWE, CREST, GIAC, AWS, et. al
CTF Participation and active contributions to the cybersecurity community

What We Offer

Collaboration within a diverse team that values innovation and creativity.
Culture - You'll have an opportunity to work with people from 90+ different countries in our English-speaking offices in Milan city center
A challenging scope with the opportunity to work with latest technologies

Closing