Offensive Security Engineer
Milan, Italy
6 gg fa

Klarna makes shopping smoooth. And we do it with flair because shopping is fun. Every day, we help customers, businesses, and partners explore just how smoooth the modern shopping experience can be.

It means we’re constantly changing the game. Always trying out new things. And we encourage our people to do the same. To grow.

To develop. Because we don’t believe roles have to stay fixed. Instead we inspire our people to take an irregular career path.

As a company of 350 dynamic start-ups, our whole business is built for it. So once you’re in, there’s no telling what will happen next.

Engineering at Klarna is an inspired, customer focused community, dedicated to crafting solutions that redefine our industry.

Working in small, highly collaborative Agile teams, you and your team will have a clear mission and ownership of an important outcome that supports Klarna and our customers.

At Klarna we optimise for quality, flow, fast feedback, focussing on end-to-end ownership, continuous improvement, testing, monitoring and experimentation.

We aim for teams that are inclusive, helpful, and have a strong sense of ownership for the things they build.Our engineers make some of the most significant decisions for the company and we are looking for bold, open and curious developers.

As a Klarnaut, you’ll be inspired to contribute to the growth of Europe’s most highly valued fintech and your work will reach millions of users.

Want to be part of the change? We're expanding several of our engineering teams, including; teams working on our core checkout product, payment services, fraud prevention, or improving our billing service and shipping credentials to name a few.

You are a hacker. You love breaking stuff. You are also an engineer. We want to give you the freedom to work across the offensive space where it provides the most value.

What you'll get to do

  • Break all the things.
  • Conduct white-box and black-box penetration testing against internal and public-facing applications and assets.
  • Manage, triage, and investigate Bug Bounty submissions and external pentest findings.
  • Perform variant analysis on issues discovered through all channels.
  • Research and perform security analyses on Klarna’s 3rd-party solutions.
  • Develop tooling to support reconnaissance, automation, and metrics collection.
  • Provide expert guidance to developers, other product security teams, and the SOC in investigating issues.
  • Spread awareness of offensive security practices via demos, workshops and training.
  • Assess the security of our tech stack through whatever means are best suited.
  • Define what we focus on to provide the most value.
  • Help further mature Klarna’s security program.
  • Some of the technologies you'll get to work with

  • Python or
  • We also believe in contributing back to the open-source community. You can find some of our work here .

    To succeed in this role, we think you should have / be

  • Strong experience with penetration testing and other technical security assessments.
  • Experience identifying security issues in code, particularly within Java and
  • Experience with cloud environments, particularly AWS and modern micro-service design principles.
  • Comfortable communicating findings clearly and effectively, with concrete remediation recommendations beyond simple issue reporting.
  • Comfortable scripting and contributing to larger projects in Python.
  • Able to take initiative and be comfortable taking on projects that contribute to the larger security culture and posture at Klarna.
  • Industry recognised certifications, e.g. OSCP, OSWE, CREST, GIAC, AWS, et. al.
  • CTF Participation and active contributions to the cybersecurity community.
  • What we can offer you

  • Culture - You'll have an opportunity to work with talented people from 90+ different countries in our brand new English speaking offices.
  • Learning - We have a learning and development focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks, as well as a generous training budget.
  • Compensation - You’ll receive an attractive salary, pension, and insurance plans, plus we offer all of our employees an opportunity to invest in a RSU program and own a stake of the company.
  • You’ll also receive 30 days annual leave and since we recognise that life is about more than work, we also offer benefits for gym memberships and discounted lunch through Smunch.

    We also support our working parents, so you don’t have to choose between work and family.

    How to apply : please send us your CV or Linkedin profile in EnglishWe know diverse teams are strong teams, so we welcome those with alternative identities, backgrounds, and experiences.

    Our teams include women, men, mothers, fathers, the self-taught, the college-educated, and people from all over the world.

    Segnala questo annuncio

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Invia candidatura
    La mia Email
    Cliccando su “Continua”, autorizzo neuvoo ad utilizzare i miei dati ed inviarmi avvisi email come menzionato nella sezione Politica sulla Privacy di neuvoo. Posso ritirare il mio consenso e cancellare la registrazione in qualsiasi momento.
    Modulo di candidatura