M+E Technology Job Board

Senior Security Engineer: Intrusion Detection


Spotify listeners, creators and employees trust us to provide a safe digital platform that protects any sensitive information they share with us. Spotify Security is a distributed team that champions and delivers on initiatives with Spotify’s autonomous teams to ensure that our organization keeps information security appropriately prioritized and that the trust we have with these stakeholders is well-deserved. We focus on raising security awareness, providing security intelligence and building tools to enable these teams to feel a shared sense of responsibility for security and privacy concerns. We aim to constantly improve the security posture of our organization by iterating on our tooling and process.

The Spotify Security team is looking to advance our in-house intrusion detection capabilities. If logging and alerting pipelines excites you, if you would love to help enable feature teams to start to generate and act upon security specific metrics and log lines, or if you are up for the challenge of defining and deploying alerts with a signal-to-noise ratio that really gets your heart pumping when triggered, you might want to consider joining us!
What you will do:

You will closely collaborate in a cross-discipline team that builds, iterates upon and maintains a platform to generate alerts from existing application and infrastructure logging pipelines that can handle the scale of millions of users
You will provide guidance to development and infrastructure teams on how to ensure their products can be designed to enable anomaly detection.
You will deploy, test and tune alerts to increase visibility without growing signal-to-noise ratio of alerts.
You will consult, evangelize, and teach theoretical and practical security to groups of varying sizes, disciplines, and experience levels.
You will help develop our strategy for finding innovative ways to defend our infrastructure, users and employees.

Who you are:

You have industry experience on a security team providing support to development, internal networks and corporate IT infrastructure teams.
You have worked within product development organizations building highly distributed systems
You have experience working with application teams in enabling them on advancing security initiatives.
You have the coding skill, experience, and engineering mindset for building reliable, maintainable security infrastructure for a high number of users and developers.