Senior Application Security Software Engineer


The Security team focuses on improving Spotify’s security posture while maintaining the ability for our engineering team to iterate as fast as possible in our rapidly-changing environment. We are looking for a software engineer to join our team that share a common interest in distributed secure systems, their scalability and continued development. You will build the systems that keep our application secure and continuously improve our engineering practices. Above all, your work will impact the way the world experiences music.

As a member of the team focused on collection and analysis of security related signals, you’ll build a platform and tools to help other Spotify teams detect and act on malicious activity.
What you’ll do

You will design, build and operate distributed security systems at large-scale. (i.e. affecting thousands of machines and hundreds of developers in a DevOps manner that collect, analyze, and generate insights from security logs and signals).
You will work with other engineers to improve the security properties and attributes of applications and production systems.
You will provide technical engineering leadership for our cross-functional security teams.
You will educate and influence the Spotify engineering community in security-related topics.

Who you are

You are a software engineer who has built quality, maintainable, production grade services. You should have deep experience in any language of choice. Java and Python experience strongly preferred.
You have an insatiable desire for solving difficult problems, learning about new technology, and sharing your learnings with others.
You’re enthusiastic about security. You need not have professional experience but should be able to substantiate your level of interest and have an eagerness for learning more.
You are familiar with continuous deployment and delivery philosophies using tools like Docker, Jenkins, Kubernetes, etc.
You can effortlessly articulate your designs and proposals to people within the Security team and with internal stakeholders, collaboratively improving and executing on them.