Security Engineer

At Epidemic Sound we are reinventing the music industry. Our carefully curated catalog, with over 35,000 tracks, is tailored for storytellers, streaming services, and in-store soundtracks. Countless clients around the world, from broadcasters, production companies, DSPs, and YouTubers rely on our tracks to help them tell their stories. Epidemic Sound’s music is heard in hundreds of millions of online videos daily, across millions of playlist streams, and in thousands of in-store locations. Headquartered in Stockholm, we’re spread across offices in New York City, Los Angeles, Seoul, Hamburg, and Amsterdam. We’re growing fast, have lots of fun, and are taking the music industry with us.

Job description

As a security engineer, you will form a key part of the Cybersecurity team here at Epidemic Sound. You, along with your team, will help ensure our employees and services are protected from a wide range of online threats. Although we are a global company, this position will be based in our Stockholm office.

How you will make an impact :

- Working with teams and individuals to identify, track and fix vulnerabilities/risks in both systems and processes.
- Helping to identify and evaluate new security tools and services.
- Sharing your knowledge through solid documentation, delivering internal tech talks and security awareness training to all levels of technical proficiency.
- Assisting the team conduct security reviews for new and existing business software and services.
- Promoting secure ways of working across all areas of the organisation.
- Assisting with security incidents (including on-call), breaches and training exercises around them.
- Working on a wide range of projects and new initiatives in the team.
- Responding to security-related requests from across the organisation.

We believe that to succeed in this role, you have experience of:

- Security features of the big public cloud providers (Google’s GCP and/or Amazon’s AWS platforms)
- Assisting software engineers with code reviews and highlighting best practices.
- At least one programming or scripting language (Python, Rust, Java, etc)
- Kubernetes, Docker or any other containerization architecture
- Web application security
- Social engineering attacks and mitigation (eg. Phishing)
- Identifying vulnerabilities in software, systems and processes
- Writing technical documentation

And a good understanding or working knowledge of common security frameworks (ISO 27001, SOC3, PCI-DSS, NIST, etc), compliance and regulatory requirements.

And it'll be awesome if you also have or want to learn:

- Knowledge of SIEM systems
- Experience of penetration testing
- Understanding of the OWASP Top 10
- A working knowledge of common CI/CD systems and code repository tools like Github

It would be music to our ears if you also enjoy a small, fun team that wants to make a difference and share our knowledge :)

Curious about our music? Find our music on Spotify here → https://open.spotify.com/user/... (https://open.spotify.com/user/epidemicsound)

We have lots of fun soundtracking the world and our annual Spring Bash (https://www.youtube.com/watch?v=NgnVp17IvAg) is an event that captures this perfectly. Take a look at our most recent one, a virtual celebration!

Application

Do you want to be a part of our fantastic team? Please apply, in English, by clicking the link below.

We believe that bringing people together from different backgrounds, experiences and perspectives makes for a healthy workplace, a more successful business and a better world. We value diversity and encourage everyone to come and soundtrack the world with us.