At Epidemic Sound, we make soundtracking content simple and inspiring with unlimited access to music and sound effects. Headquartered in Stockholm, with offices all over the world, we are a force of over 500 on a mission to soundtrack the world. Our innovative licensing model paves the way for creators - from YouTubers to small businesses to the world’s most recognizable brands such as Netflix, Redbull and BBC - to use sound to enhance their content while simultaneously supporting artists both financially and creatively. Epidemic Sound music is heard 2 billion times a day on YouTube alone and is recognized as one of Europe’s fastest-growing companies by the Financial Times. Epidemic Sound is backed by EQT, Blackstone, Creandum, Atwater Capital to name a few.
We are looking for a Security Engineer, specializing in Infrastructure Security, you will form a key part of the Security Division here at Epidemic Sound. You, along with your team, will help ensure our cloud perimeter and operations are protected from a wide range of online threats. Although we are a global company, this position will be based in our Stockholm office. If you are currently not in Stockholm, we're happy to help!
Job Summary: Help to architect and implement security solutions across our containerized cloud environment. Optimize and increase maturity of existing solutions across rapidly changing threat landscapes. Work closely with a small team of experts as well as spending significant time embedded with our cloud engineering teams to better understand our usage patterns and needs and build relationships. Translate security knowledge and best practices to best suit the needs of our infrastructure teams through in person interactions as well as code libraries and written documentation.
- Working closely with SRE and Client Infrastructure teams and individuals to identify, track and fix security vulnerabilities/risks in our infrastructure.
- Expanding, architecting, implementing and evangelizing our Secure Infrastructure guidance, and automating security checks and processes where feasible.
- Sharing your knowledge through solid documentation, secure coding libraries, secure code reviews, delivering internal tech talks and security awareness training to technical staff.
- Researching, deploying and managing fraud detection and prevention systems.
- Promoting secure ways of working across all areas of the organization.
- Helping to identify and evaluate new security tools and services, and integrate existing tools and services into central dashboarding tools.
- Assisting with security incidents (including on-call), breaches and training exercises around them, including creating security patches.
- Working on a wide range of projects and new initiatives in the team.
- Responding to infrastructure security-related requests from across the organization.
- Mentoring junior security engineers.
- Writing solid documentation that can be used by a wide range of different viewers.
- Experience securing GCP environments
- At least one programming or scripting language (Python, Go, Kotlin, Node.js, and Bash experience preferred)
- Experience securing Kubernetes, Docker or any other containerization architecture
- Experience with Git, Github Actions and Terraform
- Experience with Cloud Security software (Google Security Command Center, Fastly, Cloud Armor preferred)
- Identifying vulnerabilities in software, systems and processes
- Static code analysis
- Writing test cases for existing cod
And a good understanding or working knowledge of common security frameworks (ISO 27001, SOC2, PCI-DSS, NIST, etc), compliance and regulatory requirements.
Equal Opportunity Employer:
We believe that bringing people together from different backgrounds, experiences and perspectives makes for a healthy workplace, a more successful business and a better world. We value diversity and encourage everyone to come and soundtrack the world with us.
Do you want to be a part of our fantastic team? Please apply, in English, by clicking the link below.