Principal ICT and Security Operations Lead

Engineering at Klarna is an inspired customer focused community dedicated to crafting solutions that redefine our industry. Working in small highly collaborative Agile teams you and your team will have a clear mission and ownership of an important outcome that supports Klarna and our customers.

At Klarna we optimize for quality flow fast feedback focusing on endtoend ownership continuous improvement testing monitoring and experimentation. We aim for teams that are inclusive helpful and have a strong sense of ownership for the things they build. Our engineers make some of the most significant decisions for the company and we are looking for bold open and curious developers. As a Klarnaut youll be inspired to contribute to the growth of one of the Worlds most highly valued fintech and your work will impact the lives of our millions of users.
Help us make shopping online even more smoooth!

What youll get to do:

Reporting directly to the Chief Security Risk Officer (CSRO) in the 2nd line of defence you will lead and mentor a dynamic team responsible for the companys audit compliance and technical security operations oversight. Your role involves leading strategic oversight of Klarnas security policies and compliance frameworks ensuring alignment with business objectives and regulatory requirements. You will collaborate with senior stakeholders across the organization to develop security strategies that not only protect the companys assets and data but also enhance operational efficiencies and customer trust.

Who you are

You are a seasoned leader in the fields of security governance and compliance with a proven track record of managing diverse teams. At Klarna you will harness your strategic insight and technical expertise to drive robust security practices and ensure compliance with global regulatory standards. Your leadership is characterized by a proactive approach and a deep understanding of the intricacies of cybersecurity audit procedures and regulatory compliance.

Key Responsibilities:

Lead develop and manage the EA Operations team promoting a holistic approach to Klarnas security governance and compliance initiatives.

Design and implement comprehensive security strategies and frameworks that address the full spectrum of Klarnas risk landscape.

Oversee the execution of regular security risk assessments penetration testing and compliance audits ensuring that all practices meet industry standards and regulatory requirements.

Lead comprehensive audits such as SOX ISAE (SOC2) PCAOB SWIFT PCIDSS etc. to ensure Klarnas compliance with all relevant financial and security regulations. Strategically guide the audit process from planning through execution coordinating with internal teams and external auditors to ensure thorough coverage and adherence to all regulatory requirements.

Foster strong relationships with regulatory bodies staying ahead of changes in compliance laws and standards to dynamically adapt Klarnas policies and procedures.Drive the development and implementation of training programs to raise security and compliance awareness across all departments.

Regularly report to Klarnas senior management on the status of security and compliance efforts providing strategic insights and recommendations for enhancements.

Required Skill Set/Experience:

Proficiency in both written and spoken English enabling you to comprehend regulatory requirements and contracts effortlessly and lead meetings efficiently.

A minimum of 7 years of experience as an Information Security Professional with a technical background as well as experience in managing an ISMS or its components.

Proven leadership skills with the ability to manage and inspire a team of security and compliance professionals.

Proven experience in defining testing (automation) and monitoring of controls. A solid grasp of their organizational impact particularly in relation to Engineering teams.

A thorough understanding of how information security assurance is implemented in practice with a strong desire to optimize and simplify its application.

Strong analytical skills with the ability to leverage data for informed decisionmaking. Basic Python and experience in prompt engineering (ChatGPT) is desired.

Strong knowledge of global financial regulations cybersecurity frameworks and best practices (e.g. GDPR PCIDSS ISO/IEC 27001).

Strong communication and interpersonal skills capable of engaging effectively with both technical teams and executive management.