We are hiring an IT Compliance specialist for Spotify’s Compliance & IT Integrity team that sits within Spotify’s internal IT team. You will give the Compliance & IT Integrity team the boost it needs to scale together with the growth of the company. This will involve many challenges and continual improvements in a rapidly changing environment.
The Compliance & IT Integrity team are the main stakeholders when it comes to the internal security for IT, information, people, processes and systems. We work cross functionally and closely together with a diverse range of people within the development, security, infrastructure/operation, payment, legal and finance squads. You will work to ensure compliance with relevant legal frameworks, security standards and best practices, as well as being the point of contact for compliance assessment, audits and information security related issues. Above all, your work will impact the way the world experiences music.
The Internal IT team is responsible for maintaining office IT infrastructure and developing and administering internal systems. Spotify relies heavily on web-based services and our infrastructure is quite unique; you will have the opportunity to work with new and interesting technologies.
What you’ll do
- Maintain and enhance the IT General Control (ITGC) framework, including policies, procedures and control descriptions, according to SOX standards
- Support external audit testing of ITGC
- Collaborate closely with the Internal Controls team to execute management testing of the controls. Ensure that the internal control testing is performed efficiently and in a timely manner
- Assist and support internal stakeholders as they look to address IT control deficiencies or make significant process changes (e.g. implementation of new systems)
- Evaluate third party reports (SOC 1 & SOC 2) and assess impact on our ITGC framework
- Coordinate and guide the teams on risks and compliance requirements for new systems; provide ITGC training as necessary
- Develop and foster strong relationships with relevant stakeholders throughout the company
- Stay abreast of changes to SOX regulation as well as best practice within compliance and IT integrity. Share your ideas and perspectives with the rest of the Spotify team and help us become better. Drive your own professional development and maintain technical knowledge.
Who you are
- You have more than 6 years of experience working operationally with ITGCs in a publicly-traded company (internet/tech company is a strong plus) and have significant experience working on Sarbanes-Oxley and PCAOB-regulated engagements (Big 4 IT Audit background is highly preferred)
- You know how to get things done in a constantly evolving organisation and have the ability to handle stakeholders and deliverables in an efficient way
- You have a strong understanding of internal controls, design and implementations and a deep understanding of IT risks and the ability to develop a plan to mitigate the risks
- CISA, CISM and other professional certifications are a merit.
- You are self-motivated and proactive with the ability to work independently
- You are highly dependable, a curious person, are biased towards action, and know how to work under tight timelines.
- You articulate yourself exceptionally well in English, both vocally and in writing.
- You are an analytical troubleshooter. You may not have the answer, but you want to and know how to find it.
- You are a team player that actively collaborates with people to find solutions to problems. You know how to manage conflict and stress effectively because you care about people and have strong leadership skills.
We are proud to foster a workplace free from discrimination. We strongly believe that diversity of experience, perspectives, and background will lead to a better environment for our employees and a better product for our users and our creators. This is something we value deeply and we encourage everyone to come be a part of changing the way the world listens to music.