Senior Security Engineer - Enterprise Security
TLDR
Lead the improvement of Spotify's enterprise security program, developing security automation and partnering with various teams to ensure robust yet efficient security practices.
Drive the evolution of Spotify's enterprise security program by identifying gaps, proposing improvements, and implementing changes that balance strong security with a frictionless employee experience
Design and build security automation, integrations, and internal tooling to scale enterprise security and reduce manual toil.
Collect and analyze high-quality security data to improve detection capabilities and generate data-driven insights that shape the direction of the enterprise security program
Define and implement security hardening, guardrails and policies for enterprise applications and SaaS platforms.
Partner with Site Reliability, IT, and other Security teams to provide expert guidance on enterprise security best practices and drive meaningful improvements to systems and processes.
Investigate, propose and implement changes to Spotify’s Enterprise Security posture across domains including: IAM, Single Sign-on, Endpoint Management, and Networking.
Lead governance and oversight of enterprise security tooling, including password managers and enterprise browsers.
Champion and enforce enterprise security best practices across endpoints, enterprise products, and network infrastructure, advising bandmates and teams along the way.
Collaborate closely with IT, infrastructure, legal and communications to ensure a coordinated approach to enterprise security.
Mentor and support the growth of engineers around you, raising the security bar across the organization.
You have several years of experience in enterprise security at fast moving technology companies. Alternatively, you have deep expertise in enterprise systems engineering and are ready to transition into a security-focused career.
You have demonstrated experience applying enterprise security principles across IAM, SSO, networking, and device management, and you understand how these domains interrelate to form a cohesive security foundation.
You can think like an attacker and understand how to identify risks and implement countermeasures against threats that span identity, endpoint, network, and cloud boundaries.
You have a solid understanding of the risks introduced by agentic AI in an enterprise context and you are eager to get hands-on identifying and mitigating these risks in our environment.
You actively leverage AI tooling to augment your own work and are eager to explore how emerging AI capabilities can be applied to enterprise security challenges.
You can critically evaluate tools, practices and procedures, and you're willing to advocate for improvements and change when you see opportunities or risk.
You have an understanding of the current threat landscape, and want to be part of a team creating and implementing state of the art security solutions in a SaaS-driven enterprise environment.
You communicate complex security topics clearly to both technical and non-technical audiences, and you're skilled at building alignment across a global, cross-functional organization.
You thrive in a flexible environment with broad scope and you're energized by the freedom to innovate and challenge conventional security thinking.
Spotify is an audio streaming platform that delivers an extensive catalog of music, podcasts, and audiobooks, catering to hundreds of millions of users globally. It empowers artists by providing them with the means to monetize their creativity while offering fans unparalleled access to a diverse array of content, all driven by a passion for sound.