Spotify

Security Engineer – Product Security

Spotify

full-time

Posted on:

Location Type: Hybrid

Location: LondonUnited Kingdom

Visit company website

Explore more

AI Apply
Apply

Tech Stack

CloudJavaPythonScalaTypeScript

About the role

  • Champion and contribute to the development and implementation of security best practices, standards, and automated tooling for secure development and deployment within Spotify's infrastructure, including AI-driven development.
  • Partner closely with teams across the company to integrate security seamlessly into their development lifecycle, from ideation to deployment and monitoring.
  • Consult, evangelize, and teach theoretical and practical security to groups of varying sizes, disciplines, and experience levels.
  • Drive cross-disciplinary initiatives to improve the security of our engineering ecosystem and the products developed at Spotify.
  • Conduct threat modeling, security reviews, and risk assessments for Spotify's diverse range of generative AI and non-AI systems.
  • Evaluate, prototype, and integrate specialized security tools for AI/ML systems.
  • Stay ahead of the curve on the rapidly evolving landscape of AI security threats, academic research, vulnerabilities, and mitigation strategies relevant to Spotify's scale and domain.
  • Contribute to security incident response activities involving AI systems.

Requirements

  • Hands-on technical experience with software security.
  • You are comfortable writing code to integrate security tools and automate your work with modern software development practices.
  • Security expertise in one or more domains, such as backend, mobile, web, and machine learning.
  • Strong foundation in core security domains such as cryptography, cloud security and application security.
  • You are comfortable working with diverse stakeholders and explaining security concepts to non-expert audiences.
  • You have experience from working in agile environments and easily adapt to change, enjoy challenges and thrive in ambiguity.
  • Ability to read and write code in languages such as Java, Python, Scala, C++ and TypeScript.
  • Experience with generative AI tools for common software engineering tasks.
  • Good understanding of common security risks, attack vectors, and vulnerabilities specific to AI/ML systems and how to mitigate them.
  • Demonstrable experience with security research on AI/ML systems and applications.
  • Experience integrating security tooling into production systems at scale.
  • Familiarity with common agentic AI frameworks.
Benefits
  • 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
software securitycryptographycloud securityapplication securityJavaPythonScalaC++TypeScriptsecurity tooling
Soft Skills
communicationadaptabilityproblem-solvingcollaborationteachingevangelizingstakeholder engagementworking in ambiguitycross-disciplinary initiativesconsulting