Spotify
Technology
SecurityEngineer-ProductSecurity
Neural analysis suggests this role is
optimal for Mid candidates.
“Security Engineer- Product Security at Spotify. Skills: Product security, Platform security, AI security, Threat modeling. Champion security best practices. Contribute to security best practices”
What You'll Achieve.
Strengthening security posture; Improve security outcomes; Improve developer experience
Industry & Context.
Solving complex technical challenges
What They're Looking For.
Must Have
3+ years of hands-on experience in security engineering, Comfortable writing code to integrate security tools, Comfortable automating workflows using modern software development practices, Expertise in backend development, Expertise in AI/ML systems, Expertise in distributed computing, Expertise in CI/CD platforms, Expertise in cloud infrastructure, Expertise in developer platforms, Foundation in security concepts, Foundation in cryptography, Foundation in threat modeling, Foundation in secure design, Foundation in software security, Comfortable working with diverse stakeholders, Communicating security concepts to technical audiences, Communicating security concepts to non-technical audiences, Experience working in agile environments, Ability to adapt quickly to changing priorities, Ability to adapt to evolving challenges, Read and write code in Java, Read and write code in Python, Read and write code in Scala, Read and write code in C++, Read and write code in TypeScript, Experience applying generative AI tools, Understanding of common security risks, Understanding of attack vectors, Understanding of vulnerabilities relevant to AI, Understanding of vulnerabilities relevant to machine learning, Experience integrating security tooling into production environments, Familiar with modern agentic AI frameworks, Familiar with emerging AI development patterns
Nice to Have
Experience with Kubernetes, Experience with container orchestration platforms
What You'll Do.
Champion security best practices
Contribute to security best practices
Develop security standards
Implement security standards
Develop automated tooling for secure development
Implement automated tooling for secure development
Develop automated tooling for secure deployment
Implement automated tooling for secure deployment
Integrate security throughout software development lifecycle
Consult practical security approaches
Educate practical security approaches
Advocate practical security approaches
Drive cross-disciplinary initiatives
Improve security of engineering ecosystem
Improve security of products built
Conduct threat modeling
Conduct security reviews
Conduct risk assessments
Evaluate security solutions
Prototype security solutions
Integrate security solutions
Evaluate security tools
Prototype security tools
Integrate security tools
Stay current with AI security threats
Stay current with academic research
Stay current with vulnerabilities
Stay current with mitigation strategies
Contribute to security incident response
Strengthen detection capabilities
Strengthen response capabilities
Strengthen remediation capabilities
How You'll Work.
Team & Collaboration
Partnering with development teams; Partnering with platform teams; Working with diverse stakeholders; Cross-disciplinary initiatives
Communication Scope
Communicating security concepts; Translating security concepts
Process & Methodology
Agile environments
Full Job Description
## Description Security engineers at Spotify help protect the security of our platform and the experience of more than 700 million users around the world. We're looking for an experienced engineer to join us in securing some of Spotify’s most important engineering initiatives. You’ll work across product and infrastructure security, partnering with autonomous development and platform teams to build secure systems at scale. We’re a distributed team that combines deep security expertise with practical tooling and guidance, helping engineers move quickly while continuously strengthening Spotify’s security posture. We value curiosity, collaboration, and a willingness to both teach and learn from others. You bring experience in security, software, or systems engineering and enjoy solving complex technical challenges. In this role, you’ll represent security across a variety of engineering and business contexts, so you’re comfortable communicating with diverse audiences and translating security concepts into practical outcomes. ## What You'll Do Champion and contribute to the development and implementation of security best practices, standards, and automated tooling for secure development and deployment across Spotify’s infrastructure and platforms, including AI-driven development. Partner closely with teams across the company to integrate security throughout the software development lifecycle, from ideation and design through deployment and monitoring. Consult, educate, and advocate for practical security approaches with groups of varying sizes, disciplines, and experience levels. Drive cross-disciplinary initiatives that improve the security of Spotify’s engineering ecosystem and the products we build. Conduct threat modeling, security reviews, and risk assessments across Spotify’s diverse range of generative AI and non-AI systems and platforms. Evaluate, prototype, and integrate security solutions and tools that improve security outcomes and developer experience at scale
Applying for this Security Engineer- Product Security role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Lever
- Lever uses a streamlined one-page form — apply in under 5 minutes.
- LinkedIn import works well; review parsed data before submitting.
- The cover letter field is optional but visible to reviewers — use it to differentiate.
- Referral codes from employees can significantly boost visibility of your application.
ANONYMOUS · UNFILTERED
What do employees actually say about Spotify?
Real rants from real employees. Read before you apply.