Kobalt Intro:

​Kobalt is one of the world’s largest, most innovative music companies, using technology to power creative freedom, transparency, ownership and control for artists, songwriters, publishers, and labels.

Founded in 2000 by Swedish entrepreneur Willard Adhritz, the startup built a platform to maximise efficiency, accuracy, and transparency across the billions of micro-payments collected in today’s highly complex digital world. As traditional music companies fought technology and contracted, Kobalt embraced it and grew, building an infrastructure and world-class creative team purposely designed to usher in the streaming era and a more fair, rewarding music business for creators. Our technology enables them to access royalty payments 4x faster while also maximising the royalty collection amounts.

With over 400 employees in 12 offices worldwide, Kobalt today represents over 31,000 artists and songwriters, 700,000 songs and 600 publishing companies. Kobalt is proud to work with artists, songwriters, and companies like Childish Gambino, Max Martin, Paul McCartney, MPL Communications, Disney Music Group, and many more.

Context:

​​Kobalt continues to grow 3x faster than the market and, as such, continuously focuses on scaling out its systems, products and services to cope with the increasing demand. One of the key opportunities for Kobalt is to address the masses of songwriters who are reasonably early in their careers and, as such, struggle to get representation from strong publishers. As most publishers depend on primarily manual processes, the service cost usually outweighs the revenue potential that those songwriters would generate. Through technology, Kobalt aims to reduce the cost of service for each individual songwriter, making it viable to support large numbers of songwriters at a marginal cost.

Role overview:

As a Security Engineer, you'll play a pivotal role in our expanding security program. You'll have the opportunity to work across a wide range of security domains, collaborating with engineering teams to safeguard our technology stack and build a resilient security posture for our company's future

Key Responsibilities:

• Vulnerability Management: Review vulnerability reports, prioritise findings, and work with teams to remediate them across endpoints, infrastructure, and cloud environments.
• Alerting & Incident Response: Design and implement effective alerting mechanisms, investigate security incidents, and participate in table-top exercises and disaster recovery scenarios.
• Threat Modeling & Risk Assessment: Collaborate with engineering teams to identify and address potential security risks in new systems and applications.
• Secure Software Development: Champion secure coding practices and help integrate security into our development processes.
• Vendor Security: Conduct security reviews of third-party vendors to ensure they meet our security standards.
• Security Tooling: Research, evaluate, and implement new security tools and processes to enhance our overall security posture.
• Partner Collaboration: Work with external security partners to optimise alerting, reporting, and incident investigations.
• Penetration Testing: Coordinate penetration tests and collaborate with teams to address any identified vulnerabilities.

Ideal Candidate:

• Versatile Skill Set: Comfortable working across a broad range of security domains
• Strong Collaboration: Proven ability to work effectively with cross-functional teams, including engineering, IT, and management.
• Proactive Problem Solver: Eager to identify and address security risks before they become incidents.
• Cloud Security Expertise: Experience securing cloud environments (AWS) and knowledge of relevant security frameworks.
• Excellent Communication: Ability to clearly communicate technical concepts to both technical and non-technical audiences.
• Self-Starter: Ability to work independently, take initiative, and manage projects with minimal supervision.

Nice to have:

• Security Certifications: Relevant certifications like CISSP are a plus.
• Experience with Scripting/Automation: Python, Bash, or similar scripting languages.

Proposed interview process:

1. Recruiter screen (30 mins)
2. Hiring manager call (60 mins)
3. Tech assessment (90 mins)
4. Culture Add (30 mins)