Engineering Role: Senior Security Engineer SecIMOC London & Stockholm

The Spotify Security team is looking to enhance our incident response capabilities with a hardworking and collaborative security engineer focused on incident management. If you thrive under pressure and enjoy working with partners across the company to improve our containment and response efforts, then apply now!

• London
• Stockholm

1. Drive continuous improvement of Spotify's security incident management process, identifying areas for enhancement and implementing changes.
2. Collaborate with compliance teams to ensure incident processes meet all regulatory requirements while remaining lean and adaptable.
3. Utilize security technologies (e.g., SOAR, SIEM), communication platforms, and automation tools to accelerate response and train responders on their use.
4. Develop automation and response capabilities to speed up investigation and response, leveraging our defender’s advantage.
5. Coordinate scheduling for incident managers and responders to ensure coverage and readiness.
6. Create and deliver training programs for incident responders to maintain high incident readiness.
7. Participate in and lead responses to security incidents, ensuring swift action, process adherence, and documentation for improvement.
8. Work closely with IT, infrastructure, legal, and communications teams to ensure a coordinated incident management approach.

• Experienced in security incident management, including leading responses, developing processes, and automation.
• Knowledgeable of incident response frameworks like NIST and SANS.
• Passionate about automation and skilled in building tools that combine automated responses with human judgment.
• Capable of developing automation tools, with a broad understanding of cloud and endpoint security.
• Able to think like an attacker and respond to novel threats across organizational and cloud boundaries.
• Experienced with incidents in cloud environments such as GCP, AWS, or Azure.
• Excellent organizational and communication skills, able to collaborate across diverse teams globally.
• Understanding of current threat landscape and incident response strategies in SaaS environments.

• This role is based in London or Stockholm.
• Flexible work options available, with some in-person meetings and remote work flexibility.

We offer extensive learning opportunities through our dedicated team, GreenHouse, flexible share incentives, global parental leave, employee assistance programs, and flexible holidays to accommodate your values and beliefs.

Learn about life at Spotify and join a diverse, inclusive workplace where your unique background and perspectives help us innovate and thrive. Our mission is to unlock human creativity through music and podcasting, serving over 500 million users worldwide.