The Spotify Security team is looking to advance our threat detection and incident response capabilities. If working with logs and security telemetry to identify new and unknown threats excites you, if threat hunting and building alerts to stay ahead of attackers gets your heart pumping, and if you are up to the challenge of handling security incidents and driving enterprise-wide efforts for containment and response, then stop what you’re doing and apply!
What You'll Do
You will work with our IT, infrastructure, and feature teams across Spotify to identify new detection opportunities and build out the signal collection to support it.You will resolve best solutions for monitoring, processing, and alerting on security-based signals.You will form repeatable processes for prioritizing and responding to alerts and developing playbooks.You will mature our capabilities to proactively identify security threats and develop detections.You will participate in response to incidents to drive containment and remediation to keep Spotify secure.You will work with security technologies such as SIEM, EDR, SOAR and other platforms that we use in our daily operations.You like rapidly prioritizing work based on business needs and assessed risks.You like working in a flexible environment where you can wear many hats.,
Who You Are
You have experience and interest in security detection engineering and incident response.You have a demonstrable understanding of developer concepts and technologies such as Github, CI/CD, and infrastructure as codeYou like crafting repeatable processes, but when you have to do something more than a few times, you automate it using a scripting language of your choice, or an automation platformYou have an understanding of the current threat landscape and building detection and response capabilities in SaaS-oriented corporate IT environments.You have experience working in cloud environments such as GCP, AWS, or Azure.,
Where You'll Be
For this role you will be based in Stockholm, Sweden or London, UK.