Senior Security Engineer - Security Operations Center

London, UK
Engineering / Full-time / Hybrid
We are on a mission to liberate humanity from all the meaningless time spent managing their purchases and finances, so they can do more of what they love. Klarna was founded on a bold belief: that people are capable of achieving the extraordinary, even when faced with the seemingly impossible. Our journey has been one of continuous learning, facing immense challenges head-on, dedicating countless hours of hard work, and never wavering in our commitment or resilience - and now we are looking for individuals to join us on our journey and contribute to our mission.

Our Global Trust Center is rapidly growing and we are looking for new talent to join our Security Operations Center (SOC) team. If your background is within Managed Security Services, an in-house SOC or a Computer Incident Response Team, we will offer you an environment that challenges the status quo and builds something different.

Our dedicated team has two focus areas: Threat Monitoring & Detection and Incident Response, with support from our Cyber Threat Intel partners. The SOC team tries to use best-of-breed tools for monitoring and detection as well as make the best use of traditional security platforms. With a focus on automation and applying analytics to our signals, we have an objective to be highly efficient in our operations with very few false positives.

Our goal is to improve our capabilities in cyber response, to develop the most effective ways of evaluating and triaging security events and invoking appropriate response plans to events. We work in a continuously evolving business environment, so the technologies and processes we use are continuously changing as well. This means that this role requires people with great minds and brilliant ideas, able and willing to challenge the traditional ways of operating a SOC function and try out new things.

What you'll get to do

    • Onboard data sources and manage our new SaaS platform for log ingestion.
    • Play a key part in creating correlation rules and dashboards, and support the rest of the team and our internal customers.
    • Work in a team with an investigative spirit, good perception, and judgment of the security landscape
    • Develop our strategy for finding innovative ways to monitor our infrastructure, customers, partners, and employees
    • Be the target of security attacks and take mitigation measures
    • Provide in-depth cybersecurity analysis and trending of logs, event data, and alerts from a diverse range of log sources
    • Be part of building security functions for native cloud-based environments
    • Since cybercriminals do not keep business hours, the job includes on-call duties on a scheduled and rotating basis (approximately every four weeks)

To succeed in this role, we think you should have

    • Past experience from a Managed Security Services Provider or in-house Security Operations Center
    • Experience developing and implementing new cybersecurity use cases for SIEM
    • Experience in working with AWS, Google Cloud Platform, or Azure security services
    • Experience in endpoint protection and response solutions
    • Experience in networking and network security, such as firewalls, IDS/IPS, and network traffic analysis tools
    • Skills in incident and stakeholder management from preparation to post-mortems

    • DevOps and Cloud Skills
        • Comfortably works in Mac, Linux, and Windows OS
        • Continuous Integration / Continuous Deployment knowledge
        • Can build serverless functions, messaging, queues, and data storage solutions
        • Can work with Web APIs and develop integration pipelines
        • Coding/scripting experience (software development, infrastructure as code); all coding or scripting languages welcome

    • Security Operations Skills
        • Tune and filter alerts
        • Customize detection rules
        • Configure and manage policy for EDR and Network Tools
        • Use case development
        • Detection and correlation analysis fidelity of IoCs and IoAs ("Spider Sense")

    • General Skills
        • Extensive security domain knowledge
        • Comfortable working in high-stress environments
        • Coordination skills
        • Strong written and verbal communication skills
        • Stakeholder management

Nice to have but not essential

    • Experience with SOAR and task automation
    • Containment and eradication activities
    • Cyber threat intelligence knowledge
    • Advanced SOC Skills (Malware Analysis, Reverse Engineering, etc.)
    • Digital Forensics experience with cloud services and traditional endpoints

We also believe in contributing back to the open-source community. You can find some of our work here: https://github.com/klarna

How to apply: please send us your CV or LinkedIn profile in English.

About Klarna

Since 2005 Klarna has been on a mission to revolutionize the retail banking industry. With over 150 million global active users and 2 million transactions per day, Klarna is meeting the changing demands of consumers by saving them time and money while helping them be informed and in control. Over 450,000 global retail partners, including H&M, Saks, Sephora, Macy's, IKEA, Expedia Group, and Nike, have integrated Klarna's innovative technology to deliver a seamless shopping experience online and in-store. For more information, visit Klarna.com.

It is our commitment that every qualified person will be evaluated according to skills regardless of age, gender, identity, ethnicity, sexual orientation, disability status or religion. Please refrain from including your picture and age with the application.

About Engineering at Klarna

Engineering at Klarna is an inspired, customer-focused community, dedicated to crafting solutions that redefine our industry. Working in small, highly collaborative Agile teams, you and your team will have a clear mission and ownership of an important outcome that supports Klarna and our customers. At Klarna we optimise for quality, flow and fast feedback, focusing on end-to-end ownership, continuous improvement, testing, monitoring, and experimentation. We aim for teams that are inclusive, helpful, and have a strong sense of ownership for the things they build.

Check out what it's like to be an engineer at Klarna here.