Principal Cybersecurity Engineer

About Us

At Klarna, our mission is to smooth commerce and make it easier and safer for people to shop and pay for their purchases. With our focus on customer obsession and commitment to transparency and accountability at the heart of everything we do, we are proud to be a trusted partner to 85 million consumers and 575,000 retailers across 45 markets.

Our amazing talented people and innovative technologies enable us to deliver this mission and we believe that we are making a positive impact on society and helping to drive the global economy forward.

What You'Ll Get To Do:

• Threat Intelligence: Monitor and challenge the effectiveness of the threat intelligence activities performed by the 1st line (e.g., Security Operations Center), ensuring intelligence gathering, analysis, and dissemination processes are adequate. Conduct independent, thematic analyses on threat trends and emerging risks to identify potential blind spots or systemic vulnerabilities.
• Vulnerability Management: Oversee the 1st line’s vulnerability management processes by regularly reviewing scan results, remediation timelines, and risk assessments. Challenge delays, exceptions, or inadequate remediation efforts. Evaluate the adequacy of the 1st line’s control environment for patching, configuration management, and vulnerability remediation. Make recommendations for improvement and track progress on remediation actions.
• Penetration Testing: Plan and perform independent 2nd line-led or commission externally sourced penetration tests or deep dives into critical controls, business processes, or technology assets. Validate the thoroughness of 1st line testing by performing targeted assurance testing, focusing on areas of heightened risk, high-impact change, or previous findings.
• Cyber Risk Oversight: Independently assess effectiveness of 1st line controls related to cyber and technology risks, challenge business and IT functions on their cyber risk decisions.
• Incident Response Support: Review incident response plans, test scenarios, and help refine procedures based on emerging threats and best practice guidance.
• Policy & Compliance: Contribute to development and review of cyber risk policies, standards and frameworks; ensure alignment with regulatory expectations (e.g., FCA, GDPR).
• Reporting: Prepare clear, actionable reports and dashboards for management and board-level risk committees.

Who You Are

• Advanced degree in Cybersecurity, Information Security, Computer Science, or related field (or equivalent experience).
• 10 years’ experience in cybersecurity, preferably in a regulated financial services or fintech environment.
• Strong understanding of external threats, vulnerability/patch management, and penetration testing methodologies.
• Familiarity with frameworks such as NIST, ISO 27001, MITRE ATT&CK, CIS, etc.
• Knowledge of current cyber threat landscape and trends.
• Excellent analytical, communication, and stakeholder management skills.
• Certifications such as CISSP, CISM, CEH, OSCP, GIAC or similar (preferred).

Klarna's Compensation model and Equity Offering

At Klarna, our compensation package includes a base salary and Restricted Stock Units (RSUs). To ensure fairness and maintain global market competitiveness, each role in a specific location has a set base salary. During the recruitment process, we will assess your skills and experience to determine which role is the best fit for you.
Our RSU program features a 4-year vesting schedule, allowing you to gradually become a shareholder in Klarna. Additionally, you may qualify for our Contribution-Based Reward (CBR) program, which recognizes and rewards significant contributions to our success.

Total compensation: 63.236€ - 70.824€

Closing

Please include a CV in English.