About Kustom
Kustom, formerly known as Klarna Checkout (KCO), is the Nordic market leader in digital checkout solutions. Today, they support over 24,000 merchants across more than 170 countries, providing a streamlined checkout experience. They offer localized solutions in 18 markets, tailored to specific languages, currencies, and payment methods. No matter where businesses operate, they deliver a checkout experience that meets the needs of both merchants and shoppers – driving growth globally.
About the role
As Head of IT Security, you’ll have overall responsibility for Kustom’s IT security, security infrastructure, and compliance. You make sure that their company network, applications, and data are protected from unauthorized access and threats. Working closely with their product teams, you will provide expertise in both proactive and reactive security measures and ensure compliance with security standards and best practices.
Among things you’ll be doing
- Design, implement, and manage security measures, including firewalls, intrusion detection/prevention systems, and endpoint protection
- Monitor security systems for unusual activity, investigate incidents, and respond to security breaches in a timely and effective manner
- Manage vulnerability assessments, penetration testing, and risk analysis to identify potential weaknesses and mitigate risks
- Collaborate with product teams to design secure systems, applications, and networks with a focus on secure coding practices and threat modeling
- Lead the investigation of security incidents, root cause analysis, and assist in developing incident response plans and procedures
- Develop and conduct security training programs to enhance staff awareness and adherence to security policies
- Work closely with other technical teams (e.g., DevOps) to integrate security throughout the development and deployment processes
- Ensure compliance with relevant industry standards (e.g., NIST, ISO 27001, GDPR) and assist in audits and regulatory reporting
- Serve as the primary contact for IT security and compliance-related questions in RFPs and other commercial discussions
This role reports into Kustom’s CTO.
About you
- You have a broad background in IT security and have led security efforts in a modern cloud-hosted tech environment
- You probably come from a background where you worked hands-on with security engineering and/or with securing enterprise networks and systems
- Proficiency with security tools (e.g., firewalls, IDS/IPS, SIEM systems, endpoint protection tools)
- Knowledge of encryption protocols, VPN technologies, and secure network design
- Experience with scripting and automation (e.g., Python, Bash, PowerShell)
- Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes)
- CISSP, CISM, CISA, CEH, or similar certifications preferred
- You have familiarity with standard security frameworks such as NIST, ISO 27001, SOC 2, and PCI-DSS
To thrive in this role we believe you have
- Strong analytical skills and ability to troubleshoot complex security issues
- Excellent verbal and written communication skills with the ability to explain technical concepts to non-technical stakeholders
- Ability to collaborate with cross-functional teams in a fast-paced environment
A place to grow
At Kustom, you won’t just be another face in the crowd. This is a place where they elevate each other and celebrate success as a team. They believe in their ability to create excellence — and have fun doing it!