Shield are responsible for providing reliable IT platforms to teams throughout Spotify. We provide identity management and user access control in addition to managing how software applications are created and deployed in our Internal Services. Shield is a squad within the IT tribe.
We are looking for a Security Engineer that will join our Internal IT team. In addition to day to day systems engineering we want an engineer with experience and passion for all things Security. You will be responsible for advocating and fostering the security culture in the team.
Spotify is experiencing intense internal growth within the company – most obviously in the number of employees, but also in the number of new departments and internal systems. We are looking for someone to deliver ultra-scalable, secure and highly reliable systems.
Our internal systems are mostly served by Linux servers but we also use Windows Servers for certain tasks. We rely heavily on web-based services (GCP and AWS) and you will have the opportunity to work with new and interesting technology as well as with some of the best people in the industry.
What you will do:
- Build a strong security culture within the team that allows them to make good security decisions in day to day engineering tasks
- Design, build and operate tools that improve IT security on IT systems and employee workstations.
- Act as a liaison and strong stakeholder to the larger security organization at Spotify.
- Balance business asks with security goals in order to empower and enable the larger goals of the organization.
- Administer internal systems such as: internal authentication servers, web servers and services, server and firewall configuration, monitoring and backups.
- Support and develop internal systems for Spotify staff.
- Manage user access and user access control.
- Take the lead in troubleshooting and analyzing applications, OS, and networks issues.
- Automating AWS and/or GCP environments.
Who you are:
- You have experience with hardening one or more of the following operating systems: MacOS or Windows. Knowledge with hardening Linux is a bonus.
- You are knowledgeable with SAML best practices. It’s a bonus if you’ve worked with Okta and securing applications that are behind Okta.
- In depth knowledge of common attacks and remediations on desktop workstations.
- You have experience with securing workstations with Jamf and Puppet
- You thoroughly understand system and network security.
- You are experienced in managing Active Directory and LDAP.
- You have knowledge in configuration management tools, preferably Puppet.
- You are knowledgeable of at least one scripting language (PowerShell, bash, python, ruby, etc.)
- You have analytical skills.
- You have excellent written and verbal communication in English.
- You enjoy knowledge sharing and collaborating other members of the team.
At Spotify, employees in certain roles are required to consent to background checks. We will notify you if your role is subject to a background check and will follow all applicable laws and requirements.
We are proud to foster a workplace free from discrimination. We truly believe that diversity of experience, perspectives, and background will lead to a better environment for our employees and a better product for our users and our creators. This is something we value deeply and we encourage everyone to come be a part of changing the way the world listens to music.