About the Role
The role involves collaborating with engineering teams to integrate security into product development, conducting threat modeling, performing security reviews, and responding to emerging threats to protect systems and user data.
Responsibilities
- Identify and mitigate security risks in product development
- Collaborate with software engineers to implement secure coding practices
- Conduct security assessments and code reviews
- Develop and maintain security tools and automation
- Respond to security incidents and support investigations
- Guide teams on secure architecture and design
- Stay current with emerging threats and vulnerabilities
- Assist in penetration testing and red team exercises
- Support compliance with security standards and regulations
- Promote a security-first mindset across engineering teams
- Evaluate third-party components for security risks
- Help define and enforce security policies
- Monitor for new vulnerabilities in dependencies
- Contribute to secure deployment strategies
- Participate in on-call rotations for security events
Nice to Have
- Experience with large-scale, high-traffic systems
- Prior work in a product-focused security role
- Knowledge of containerization and orchestration platforms
- Experience with incident response and forensics
- Contributions to open-source security tools or communities
Compensation
Competitive salary and benefits package
Work Arrangement
Hybrid or remote work options available
Team
Part of the engineering and security organization focused on protecting product integrity
What We Value
- Collaborative problem solving
- Continuous learning and curiosity
- Ownership of security outcomes
- Clear and respectful communication
- Balancing security with product velocity
You Belong at Spotify
- We are committed to an inclusive and diverse workplace
- Equal opportunity is central to our values
- We encourage applications from all backgrounds and identities
Visa sponsorship available for qualified candidates
