Senior Information Security Manager - Germany

Gießen, Germany /
Engineering /
Full-time
/ Hybrid
Engineering at Klarna is an inspired, customer-focused community, dedicated to crafting solutions that redefine our industry. Working in small, highly collaborative agile teams, you and your team will have a clear mission and ownership of an important outcome that supports Klarna and our customers. At Klarna we optimise for speed, quality, fast feedback, focussing on customers, end-to-end ownership, continuous improvement and experimentation. We aim for teams that are inclusive, helpful, and have a strong sense of ownership for the things they build.

What you'll do

    • Take part in creating a next-generation information security management system (ISMS) focusing on highly automated controls and a smoooth compliance experience.
    • Maintain and improve the building blocks of our ISMS such as strategies, processes, governing documents, and controls.
    • With an agile approach, analyze and integrate new statutory and regulatory rules.
    • Design novel frameworks and approaches to information security to challenge established best practices.
    • Collaborate with Klarnas engineers and security teams within the Engineering Assurance domain, and guide them in applying controls in an efficient and effective manner.
    • Engage in knowledge sharing and cross-team learning within the Engineering Assurance domain.
    • Spread security awareness in the organization and provide support in daily security compliance questions.
    • Perform efficient control testing and investigations.
    • Represent the security team during on-site visits and audits.
    • Support the local Information Security Officer and act as deputy in his absence.

To succeed in this role, we think you should have

    • Business-fluent written and spoken English and German. You can read and understand regulatory requirements and contracts without issues, and you can lead meetings in an efficient way.
    • A deep understanding of how information security assurance works in practice, and ideas on how you want to optimize and simplify its application.5+ years of experience as an information security professional with a technical background, managing an ISMS or parts of it.
    • Created ISMS policies and procedures with a firm understanding of their impact on the organization, especially developers.
    • Firm understanding of how security governance needs to be applied to cloud environments to be efficient and effective.
    • Experience with common cyber security regulations for European financial services, like guidelines from BaFin such as ZAIT, BAIT, MaRisk, and also ISO 27001.
    • Bachelor’s degree (or higher) in computer science or a related discipline, or equivalent theoretical and practical knowledge.
    • Strong communication skills to effectively communicate with third parties such as customers, auditors, and government regulators in order to represent Klarna

Our way of working

    • In your heart, you know there is a better way of doing things. Challenge the old dogmas of slow and tedious information security work with miles of documentation and do away with the tick-the-box philosophy of security.
    • You are also grounded and understand that security has to be explained, and that others need assurance that information is secure in the same way that  we require assurance from our partners and service providers.
    • You love to try a new approach, think big, but you can also focus on details. Starting out small, and quickly try out your idea because you really want to see the results now, not in years.
    • You enjoy working with and in teams, and work together to achieve a common goal.
    • You are experienced enough to own and drive projects independently. You can interact with different competences and internal and external stakeholders in a professional way.
We also believe in making contributions back to the open source community. You can find some of our work at https://github.com/klarna.

How to apply: please send us your CV or Linkedin profile in English