Senior Security GRC Manager, Spotify

SOX ITGC

Salary not provided
Senior and Expert level
London
Spotify

Commercial music streaming service

Open for applications

1001+ employees

B2C, Music, Entertainment, Digital Media, SaaS, Mobile

Company mission

To unlock the potential of human creativity—by giving a million creative artists the opportunity to live off their art and billions of fans the opportunity to enjoy and be inspired by it

Role

Who you are

  • You have 7+ years of experience with ITGC and SOX, including controls design and implementation. Experience in the technology industry is preferred
  • You have 5+ years of experience with security frameworks (e.g. SOC 2 Type II, ISO27001, NIST CSF, etc.), security controls design and implementation, and best practices
  • CISA, CISM, CISSP, CPA or other related certifications a plus
  • You have experience with PII and GDPR (preferred but not required)
  • You are a strong collaborator, with experience working on teams composed of both technical and non-technical members
  • You have the ability to problem-solve, multitask, and have excellent organizational skills
  • You have excellent written and verbal communication skills, with experience presenting to key stakeholders and partnering with internal and external auditors and third parties
  • You thrive in a data-driven, fast-paced and innovative environment

What the job involves

  • Spotify is seeking a Senior Security Governance, Risk, and Compliance (GRC) Manager to join the Security Studio who will work closely with our engineering teams and audit functions
  • You’ll be focused on managing the execution of tasks for the Security GRC Program within Spotify, primarily in relation to ITGC and SOX, but also to other compliance and information security frameworks
  • You will work on ensuring tasks provide high-quality value and are completed in a timely fashion
  • Additionally, you will play an integral part in recommending process improvements and in helping to implement these updates
  • This role will require a deep understanding of SOX, ITGCs, and information security practices, as well as experience in working with technology teams
  • Design, implement, monitor, and maintain SOX ITGC controls, with engineering and business partners
  • Coordinate large-scale SOX ITGC projects (i.e. scope expansion), define success, dependencies and ensure timely delivery
  • Identify, assess, and advise on information security risks, processes and controls to a variety of partners
  • Build relationships with internal and external stakeholders

Our take

Spotify was founded in an attempt to combat the rampant music piracy that was causing significant harm to the industry. The company has since taken music streaming mainstream and now has 180m+ paying subscribers across the world.

With features that include a highly accessible interface and a vast catalogue of artists, Spotify's strong brand has been able to maintain growth in spite of fierce competition from deep-pocketed rivals like Amazon and Apple. The company has achieved this by making smart acquisitions to move into other verticals to strengthen its offerings, especially podcasting, by acquiring Gimlet Media, Anchor and Parcast.

Spotify's future plans include rapid growth with a goal to become a one-stop destination for all digital sound, as well as AI and NFT integrations. However, high costs incurred from the acquisition of exclusive podcasts, increasing competitor strength, and weak bottom-line growth mean that the company must find a balance to maintain its position in the sector.

Freddie

Company Specialist

Insights

Some candidates hear back within 2 weeks

23% employee growth in 12 months

Company

Funding (last 2 of 8 rounds)

  • Jan 2016: $1bn (Convertible)
  • Jun 2015: $526m (Series G)

Total funding: $2.1bn

Company benefits

  • Extensive learning opportunities, through our dedicated team, GreenHouse
  • Flexible share incentives letting you choose how you share in our success
  • Global parental leave, six months off - fully paid - for all new parents
  • All The Feels, our employee assistance program and self-care hub
  • Flexible public holidays, swap days off according to your values and beliefs

Company values

  • Innovative: We move fast and take big risks
  • Sincere: We have no time for internal politics
  • Passionate: We revel in what we do
  • Collaborative: We recognise that we're all in this together
  • Playful: We don't take ourselves too seriously

Company HQ

Norrmalm, Stockholm, Stockholms län

Leadership

Daniel Ek (CEO & Chairman)

Founded Spotify in 2006. Previously worked as an executive at Tradera, an auction company that was sold to eBay, and was briefly the CEO of uTorrent.


People progressing

Joined as a Conversion Manager in the Growth Team. Promoted three times over seven years to Senior Director - Head of Growth.

Joined as a Customer Advisor. Since then has held the roles of Senior Advisor, Content Associate, Team Coach, and Operations Manager - Primary Support. Hurst is currently the Business Operations Manager of Music.
