What you will do

The Red Team operator will perform dedicated Red Team activities simulating known threat actors, to help strengthen Klarna's overall security posture and determine the impact and likelihood of threat actors to accomplish objectives across the Kill Chain and MITRE ATT&CK Framework.

In this role, you’ll emulate both internal and external threat actors to uncover weaknesses across our most critical products and infrastructure. Everything from designing real-world attack scenarios to conducting deep technical assessments.

• Break into (and out of) all the things.

• Conduct red team assessments against internal, public-facing, and cloud assets.

• Perform Initial access campaigns such as Phishing and other Social Engineering activities.

• Move laterally between endpoints, cloud, IoT, and whatever else stands between you and the engagement goal.

• Develop offensive security tools for internal and public use.

• Provide expert guidance to developers, other security teams, and the SOC in investigating issues.

• pread awareness of offensive security practices via demos, workshops, and training.

Who you are

• Strong experience red teaming and performing other technical security assessments, with and without automated tools.

• Strong Opsec focus.

• Strong experience of testing Cloud Native environments and CI/CD pipelines using a mix of macOS, Linux, and Windows endpoints.

• Comfortable communicating findings clearly and effectively to both technical and nontechnical audiences, with concrete remediation recommendations beyond simple issue reporting.

• Experience with programming and contributing to large and small projects in C, Go, Perl, or whatever other language is best suited to the task.
  

Awesome to have

• Industry recognized certifications

• A degree in Computer Science or Computer Engineering

• Contributions to the larger cybersecurity community
  

Please include a CV in English.

Curious to learn more about Klarna and what it’s like to work here? Explore our career site!