Overview

Klarna makes shopping smoooth. And we do it with flair because shopping is fun. Every day, we help customers, businesses, and partners explore just how smoooth the modern shopping experience can be.
It means we’re constantly changing the game. Always trying out new things. And we encourage our people to do the same. To grow. To develop. Because we don’t believe roles have to stay fixed. Instead we inspire our people to take an irregular career path. As a company of 350 dynamic start-ups, our whole business is built for it. So once you’re in, there’s no telling what will happen next.
Security lies at the core of all the things we do at Klarna and we’re looking for people passionate about taking our security operations in a highly dynamic environment to the next level. In the Application Security / Vulnerability Management team, we’re assessing the security of everything that is built and run in Klarna’s IT environments through both manual and automated assessments. To help us do this at scale, we’re also building tools and mechanisms for giving us a continuous real-time view of identified security issues.  We constantly challenge our ways of working to make sure we’re keeping up with Klarna’s fast-paced development progress. In order to achieve that, we’re focusing heavily on automating all things that can be automated. We see an ever growing need to ensure the solutions we build are secure, and are therefore now looking for security engineers with solid experience of identifying and remediating vulnerabilities in today’s common technologies as well as the ability and passion to quickly take on tomorrow’s technologies.
Equally as important to be able to break things is to be able to communicate to developers and other stakeholders how you broke it, why you were able to break it and how to make sure it’s not possible to break again. We therefore expect you to have excellent verbal and written communication skills and the ability to help developers do the right thing by explaining issues from their point of view. If you have previous software development experience that’s a huge plus. If you have previous experience with “shifting left” by embedding with software development teams and help them build security into solutions early on in the development process that’s also a huge plus. Our team is looking to make sure our findings from security assessments can benefit all of Klarna, and we therefore share our time between performing assessments and building solutions that enable us to automatically catch issues in the build process.
If you feel at home when breaking solutions using the latest technologies in cloud environments and are passionate about creating solutions that scale security assessment processes through automation, this is a position for you. You will get a lot of opportunities to shape how we best secure our environments on all levels of our tech stack today and in the future – networks, systems,  containers, orchestration layers, CI/CD pipelines, and more.

You will:

    • Help engineering teams by performing security assessments of their products where you identify, quantify and help mitigate security flaws early in all phases of the product development process
    • Provide tooling that supports engineering teams in writing secure code as well as training in secure development practices
    • Build tools to handle everything that’s better suited for automating than doing manually
    • Work with engineering teams to drive security improvements
    • Take an active role in architectural decisions
    • Work with software development and enjoy finding and fixing security bugs
    • You’re pragmatic and likes to use metrics to prove value
    • Working as a team is part of your DNA; we respect and support each other

You have several of the following:

    • Experience in providing practical solutions that enable development teams to meet business goals while controlling security risk
    • Experience within penetration testing and other forms of technical security assessments
    • Experience in securing a micro-service architecture
    • Experience with building your own tools, preferably in Python or NodeJS
    • Experience and understanding of modern tech stacks and dynamic environments – containers, CI/CD pipelines, cloud environments
    • A pragmatic approach to solving security issues in ways that achieve the best effect within the organization

What we offer:

    • Competitive salary
    • 30 days of annual leave every year
    • Generous occupational pension and insurance plans
    • Flexible work schedule
    • International working environment in central Berlin
    • Learning and development focused environment with an emphasis on knowledge sharing, training and regular internal technical talks
    • Relocation support
This is an exciting time to join our Application Security / Vulnerability Management team as we are growing and exploring new areas within the security domain.
How to apply
Send your CV in English and we will get in touch with you.