Security Professional - Information Security (TPRM)

About Klarna
Klarna was founded in Stockholm, Sweden in 2005. Since then we've changed the banking industry forever. And now we're creating the world's smoothest shopping experience. We serve over 90 million consumers worldwide, and partner with 250,000 merchants – with a new merchant joining us every 8 minutes. Including some of the world's leading brands, such as H&M, ASOS, IKEA, Adidas, Samsung and Lufthansa. Our offices are spread over 17 different markets, hosted by 4000+ employees from 100+ nationalities.
Engineering at Klarna is an inspired, customer focused community, dedicated to crafting solutions that redefine our industry. Working in small, highly collaborative Agile teams, you and your team will have a clear mission and ownership of an important outcome that supports Klarna and our customers. At Klarna we optimise for quality, flow, fast feedback, focussing on end-to-end ownership, continuous improvement, testing, monitoring and experimentation. We aim for teams that are inclusive, helpful, and have a strong sense of ownership for the things they build.
At Klarna we strive to deliver market leading, secure, high-quality, and compliant products that everyone loves developing, and customers love using. With a banking license and operating in the financial industry in several regions, Klarna is naturally highly regulated. Regardless, we strive to build the smooothest experience possible, for both our customers and employees.
We are looking for an information security professional to join our Procurement team and help us to develop a risk based vendor lifecycle management from scratch.

What you'll get to do

• Support the design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks.
• Help with classifications and identifying / gathering of security requirements for supplier risk management process.
• Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements.
• Lead and perform risk identification and risk assessments for supplier, NPA’s, major changes, and yearly risk assessments.
• Manage engineering metrics follow-up and improvement overall risk assessment workflow.
• Establish local security routines and drive improvement programs within the business area and support implementation of global TPRM processes to meet risk and regulatory requirements.
• Coordinate with control functions and auditors and oversee completion of mitigations.
• Provide support for 3rd party vendor or outsourcing management.

You should have

• 5+ years of experience working in security in a broad scope - you know a little bit about everything.
• A solid understanding of Information Security Standards and Risk management frameworks.
• Strong experience in third-party risk operating models and global TPRM processes.
• Knowledge of third party risk management process along with relevant governance standards such as ISO, ITIL or ISAE.
• Experience in working at financial institutions and understanding of compliance requirements with Banking regulations.
• Experience with Lean and Agile methodologies.
• Strong communication skills - you communicate clearly and can adapt your style to different target audiences.
• The ability to handle ambiguity and make decisions in situations where you don’t have all the information.
• Working proficiency in English.

You may also have

• Hands-on experience implementing/maintaining an ISMS
• Experience building controls in a 100% Cloud-based infrastructure
• Experience leading risk workshops
• Solid engineering background

What can we offer you

• Culture - You'll have an opportunity to work with talented people from 100+ different countries in our English speaking offices in Stockholm.
• Learning - We have a learning and development focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, and insurance plans, plus we offer all of our employees an opportunity to invest in a RSU program and own a stake of the company. You’ll also receive 30 days annual leave and since we recognise that life is about more than work, we also offer benefits for gym memberships, marathons, and all sorts of activities that promote physical health. We also have generous parental leave.
• Relocation - We can offer relocation support to Stockholm.

How to apply: Please send us your CV or Linkedin profile in English.

Klarna is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees and candidates. Please refrain from including your picture and age with your application.