Senior Security GRC Manager

Company: Spotify
Location: Stockholm, Sweden
Posted: May 20, 2024

Description:

The Platform team creates the technology that enables Spotify to learn quickly and scale easily, enabling rapid growth in our users and our business around the globe.

Spanning many disciplines, we work to make the business work; creating the frameworks, capabilities and tools needed to welcome a billion customers.

Join us and help to amplify productivity, quality and innovation across Spotify.

Spotify is seeking a Senior Security Governance, Risk, and Compliance (GRC) Manager to join the Security Studio who will work closely with our engineering teams and audit functions.

You’ll be focused on managing the execution of tasks for the Security GRC Program within Spotify, primarily in relation to ITGC and SOX, but also to other compliance frameworks.

You will work on ensuring tasks provide high-quality value and are completed in a timely fashion.

Additionally, you will play an integral part in recommending process improvements and in helping to implement these updates.

This role will require an understanding of SOX, Internal Controls and information security practices, as well as experience in working with technology teams.

What You'll Do

Coordinate large-scale compliance projects, define success and dependencies, and ensure timely delivery

Design, implement, supervise, and maintain GRC controls with engineering and business partners

Identify, assess, and advise on compliance risks and controls to a variety of partners

Analyze existing processes, explore optimization opportunities and propose improvements

Who You Are

You have 5+ years of experience with security compliance frameworks, ITGC and SOX, controls design and implementation, and best practices, including AICPA Trust Principles (SSAE 18 - SOC 2), NIST CSF, GDPR, regulations governing personally identifiable information (PII), and other regulatory compliance frameworks

You are a strong collaborator, with experience working on teams composed of both technical and non-technical members

You have the ability to problem-solve, multitask, track and organize data

You have excellent written and verbal communication skills, with experience presenting to key stakeholders and partnering with internal and external auditors and third parties

You thrive in a data-driven, fast-paced and innovative environment

Where You'll Be

For this role you will be based in Stockholm, Sweden, or London, UK

Permanent

Spotify is an equal opportunity employer. You are welcome at Spotify for who you are, no matter where you come from, what you look like, or what’s playing in your headphones. Our platform is for everyone, and so is our workplace. The more voices we have represented and amplified in our business, the more we will all thrive, contribute, and be forward-thinking! So bring us your personal experience, your perspectives, and your background. It’s in our differences that we will find the power to keep revolutionizing the way the world listens. Spotify transformed music listening forever when we launched in 2008. Our mission is to unlock the potential of human creativity by giving a million creative artists the opportunity to live off their art and billions of fans the chance to enjoy and be passionate about these creators. Everything we do is driven by our love for music and podcasting. Today, we are the world’s most popular audio streaming subscription service.