Security engineers at Spotify protect the security of Spotify’s platform and of our 750+ million users. We are looking for an experienced engineer to join us in securing the most important engineering initiatives at Spotify.
You will be working in the infrastructure security engineering area to secure the foundations of Spotify’s platform. We’re a distributed team building the architecture and foundations for secure cloud computing and support platform teams in building best-in-class infrastructure on it. We aim to constantly improve the security posture for our fast-paced and rapidly-changing environment in a manner that will keep up with our scale. We’re experts in many domains of security, willing to teach and learn from anyone at the company.
You are a seasoned security, systems or software engineer with a passion for cloud security. Above all you have an insatiable appetite for learning new things and honing your existing skill set. In this role you are expected to represent security in various engineering and business contexts so we expect you to be comfortable communicating with diverse audiences both verbally and in writing.
What You'll Do
Champion and contribute to the development and implementation of security best practices, standards, and automated tooling to secure Spotify’s use of cloud computing.
Partner closely with teams across the company to integrate security seamlessly into Spotify’s infrastructure, from ideation to deployment and monitoring.
Consult, evangelize, and teach theoretical and practical security to groups of varying sizes, disciplines, and experience levels.
Drive cross-disciplinary initiatives to improve the security of Spotify’s engineering ecosystem and infrastructure.
Conduct threat modeling, security reviews, and risk assessments to make risk-informed security decisions and recommendations.
Evaluate, prototype, and integrate security solutions and tools to secure Spotify’s cloud environment.
Stay ahead of the curve on the rapidly evolving landscape of security threats, academic research, vulnerabilities and mitigation strategies relevant to Spotify's scale and domain.
Contribute to security incident response activities involving Spotify platforms and systems.
Who You Are
3+ years of hands-on technical experience with security engineering and cloud computing.
Hands-on security experience and expertise with one or more major cloud platforms such as GCP, AWS or Azure.
You are confident in automating your work in languages like Python, Java, or Golang with modern software development practices.
You are comfortable with infrastructure-as-code and declarative configuration management.
You have hands-on experience with operating and securing Kubernetes or similar container orchestration platforms.
Strong foundation with security skills such as cryptography, IAM, threat modeling and software security.
You are comfortable working with diverse stakeholders and explaining security concepts to non-expert audiences.
You have experience from working in agile environments and easily adapt to change, enjoy challenges and thrive in ambiguity.
Experience with applying generative AI tools to security problems and software engineering tasks.
Experience integrating security tooling into production systems at scale.
Where You'll Be
This role is based in Stockholm or London.
We offer you the flexibility to work where you work best! There will be some in person meetings, but still allows for flexibility to work from home.