Security Risk Manager - Spotify New York, NY Bookmark Share Print 290 0 1

Listing Description

The Security organization is a daring, hardworking and friendly group working together on an important mission; improving the security posture of Spotify. In a distributed and growing organization of engineering teams that need to iterate fast on their products, our environment is constantly evolving and so are the challenges for Security.
We are looking for a Risk Manager to join our team of dedicated people that share a common interest in scaling security at Spotify. You will play a key part in the Security Risk & Control team, with the mission of managing information security risks at Spotify. To enrich our security organization while living the Spotify culture, you will also provide experience and domain expertise in all fields of information security governance. Above all, your work will impact the way the world experiences music.

What You'll Do
  • Further develop and lead Spotify’s Security Risk Management program
  • Continuously improve our ability to identify, assess, prioritize and mitigate information security risks throughout the organization and come up with recommendations on how to integrate controls as part of daily operations.
  • Facilitate collaboration with other engineers, product managers, and leaders to incorporate security risk management across departments.
  • Collaborate very closely with Spotify’s technology teams and coordinate security projects across teams within Spotify
  • Coordinate and collaborate with other risk management functions and partners (e.g., Legal, Fraud, Internal Audit) to integrate security risk management, minimize duplication of efforts, and to ensure efficient execution.
  • Take part in shaping the future of our security organization.

    • Who You Are
  • You have 5+ years of experience with IT, information security risk management, governance, and controls.
  • You have experience in managing information security risks in cloud based environments.
  • You have deep technical expertise in at least one additional area of security.
  • You have experience as a CISSP, CRISC, CISM, or hold other relevant information security professional certifications.
  • You have experience with information security related work (e.g. implemented and/or conducted audits or assessments based on relevant security control frameworks), and have experience with security standards such as CIS Controls, NIST CSF, or ISO 27001.
  • You know how to teach and influence groups of different disciplines with varying experience about information security risks.
  • You feel confident coordinating and scoping larger initiatives.
  • You believe in collaboration, agile values and leading by example.

    • Where You'll Be
  • We are a distributed workforce enabling our band members to find a work mode that is best for them!
  • Where in the world? For this role, it can be within the Americas region in which we have a work location and is within working hours.
  • Working hours? We operate within the Eastern Standard time zone for collaboration and ask that all be located in that time zone. 
  • Prefer an office to work from home instead? Not a problem! We have plenty of options for your working preferences. Find more information about our Work From Anywhere options here.
    • Spotify is an equal opportunity employer. You are welcome at Spotify for who you are, no matter where you come from, what you look like, or what’s playing in your headphones. Our platform is for everyone, and so is our workplace. The more voices we have represented and amplified in our business, the more we will all thrive, contribute, and be forward-thinking! So bring us your personal experience, your perspectives, and your background. It’s in our differences that we will find the power to keep revolutionizing the way the world listens.

    Spotify transformed music listening forever when we launched in 2008. Our mission is to unlock the potential of human creativity by giving a million creative artists the opportunity to live off their art and billions of fans the chance to enjoy and be passionate about these creators. Everything we do is driven by our love for music and podcasting. Today, we are the world’s most popular audio streaming subscription service with a community of more than 381 million users.

    Global COVID and Vaccination Disclosure
    Spotify is committed to safety and well-being of our employees, vendors and clients. We are following regional guidelines mandating vaccination and testing requirements, including those requiring vaccinations and testing for in-person roles and event attendance. For the US, we have mandated that all employees and contractors be fully vaccinated in order to work in our offices and externally with any third-parties. For all other locations, we strongly encourage our employees to get vaccinated and also follow local COVID and safety protocols.

    This role is not eligible for hire in Colorado, USA.

    Listing Details

    • Citizenship: Not Provided
    • Incentives: Not Provided

     

    • Education: Not Provided
    • Travel: Not Provided
    • Telework: Not Provided

    About Us

    NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

    Useful Links

    Our Contacts

    1765 Greensboro Station Pl.
    Suite 900
    Tysons Corner Va 22102

    (703) 594-7765

    requests@ninjajobs.org
    www.ninjajobs.org
    Chat with us!