Senior Secure Development Engineer
2024-02-19
Engineering at Klarna is an inspired, customer focused community, dedicated to crafting solutions that redefine our industry. Working in small, highly collaborative Agile teams, you and your team will have a clear mission and ownership of an important outcome that supports Klarna and our customers. At Klarna we optimise for quality, flow, fast feedback, focussing on end-to-end ownership, continuous improvement, testing, monitoring and experimentation. We aim for teams that are inclusive, helpful, and have a strong sense of ownership for the things they build.
Our engineers make some of the most significant decisions for the company and we are looking for bold, open and curious developers. As a Klarnaut, you'll be inspired to contribute to the growth of Europe's most highly valued fintech and your work will reach millions of users.
If your background is in software engineering and you want to lean into architecting and working with engineering teams to provide early input and hands-on code development to address the application security aspects when building web services and APIs, this role is for you.
Join our Secure Development team
The team is missioned to empower engineers to design, build, and deliver secure software swiftly through standardized tools and processes, continuous learning, and fostering a security-focused culture within Klarna's engineering division. We help engineering prevent and solve flaws that arise in the planning and development phases through architecture reviews, threat modeling, and various automated tools and processes.
What you'll get to do
Perform threat modeling, architecture and design reviews. Help design hard-to-break applications and services.
Take an active role in architectural decisions. Work with engineering teams and drive security improvements.
Continuously build and improve our security tooling, automation and processes.
Perform security assessment (code reviews and penetration testing) of Klarna services.
Contribute to the internal engineering security community.
To succeed in this role, we think you should have
A pragmatic approach to solving security issues in ways that achieve the best effect
Great problem-solving abilities
Experience in writing and reviewing code in at least one of the following programming languages: JavaScript (NodeJS), Python, Go, Erlang, Java or Scala
Advanced knowledge and understanding in various disciplines: web application security, mobile app security, network security, operating system internals and hardening, applied cryptography, cloud computing. You're expected to be an expert in at least one of these areas.
Strong communication skills in English
Nice to have
Experience in penetration testing, source code review, design review, threat modeling, security mitigation development, or security tooling development
Participating in BugBounty and CTF
Effective communication skills that engage your audience
We do not offer relocation support for this role.
