Publicerad: 2024-09-05
Senior Offensive Security Engineer
Senior Software Engineer - IAM & Security
We are on a mission to liberate humanity from all the meaningless time spent managing their purchases and finances, so they can do more of what they love. Klarna was founded on a bold belief: that people are capable of achieving the extraordinary, even when faced with the seemingly impossible. Our journey has been one of continuous learning, facing immense challenges head-on, dedicating countless hours of hard work, and never wavering in our commitment or resilience - and now we are looking for individuals to join us on our journey and contribute to our mission.
What You Will Do
As a Senior Offensive Security Engineer at Klarna, you will be at the forefront of safeguarding our digital infrastructure and customer data. This position demands a blend of hacking skills, creativity, and a deep understanding of cyber threats. You will simulate sophisticated cyber attacks to identify vulnerabilities, ensuring Klarna's resilience against real-world threats. Collaborating with cross-functional teams, you will provide actionable insights to fortify our security posture.
- Conduct white-box and black-box penetration testing against internal and public-facing applications and assets
- Manage, triage, and investigate Bug Bounty submissions and external pentest findings
- Perform variant analysis on issues discovered through all channels
- Research and perform security analyses on Klarna’s 3rd-party solutions
- Develop tooling to support reconnaissance, automation, and metrics collection
- Provide expert guidance to developers, other product security teams, and the SOC in investigating issues
- Spread awareness of offensive security practices via demos, workshops, and training
- Assess the security of our tech stack through whatever means are best suited
- Define what we focus on to provide the most value
- Help further mature Klarna’s security program
Who You Are
- Strong experience with penetration testing and other technical security assessments
- Experience identifying security issues in code, particularly within Java and Node.js
- Experience with cloud environments, particularly AWS and modern micro-service design principles
- Comfortable communicating findings clearly and effectively, with concrete remediation recommendations beyond simple issue reporting
- Comfortable scripting and contributing to larger projects in Python
- Able to take the initiative and be comfortable taking on projects that contribute to the larger security culture and posture at Klarna
- Industry recognized certifications, e.g., OSCP, OSWE, CREST, GIAC, AWS, et. al
- CTF Participation and active contributions to the cybersecurity community
What We Offer
- Collaboration within a diverse team that values innovation and creativity.
- Culture - You'll have an opportunity to work with people from 90+ different countries in our English-speaking offices in Milan city center
- A challenging scope with the opportunity to work with latest technologies
Closing
- Please include a CV in English.