Senior Analyst - Internal Audit & Risk

Spotify’s Internal Audit & Risk (IAR) team is seeking a Senior Analyst with a technological or engineering background to help implement our audit strategy across the product lifecycle within our agile, international environment. In this role you will be working on a diverse range of projects, from building tools leveraging AI agents to supporting the company's annual SOX compliance program and contributing to assurance and advisory projects across technology and product areas. The ideal candidate has an engineering background, good understanding of software development in microservices architecture, and has some experience in building AI systems and using AI powered coding assistants. You should be passionate about risk management and be keen on learning auditing techniques. The United States base range for this position is $92,171 - $131,673 plus equity. The benefits available for this position include health insurance, six month paid parental leave, 401(k) retirement plan, monthly meal allowance, 23 paid days off, 13 paid flexible holidays, paid sick leave. These ranges may be modified in the future. Spotify is an equal opportunity employer. You are welcome at Spotify for who you are, no matter where you come from, what you look like, or what’s playing in your headphones. Our platform is for everyone, and so is our workplace. The more voices we have represented and amplified in our business, the more we will all thrive, contribute, and be forward-thinking! So bring us your personal experience, your perspectives, and your background. It’s in our differences that we will find the power to keep revolutionizing the way the world listens. At Spotify, we are passionate about inclusivity and making sure our entire recruitment process is accessible to everyone. We have ways to request reasonable accommodations during the interview process and help assist in what you need. If you need accommodations at any stage of the application or interview process, please let us know - we’re here to support you in any way we can. What You'll Do Test technology components within the SOX framework, including planning, executing walkthroughs, reporting, and driving continuous improvements such as control rationalization. Design, build, and iterate on internal audit & risk tooling and systems using AI agents, leveraging modern cloud-native architectures and generative AI models to drive execution. Champion technology-enabled audit execution by embedding AI directly into core audit processes to deliver deeper, more effective results. Develop a deep understanding of the businesses, products, and processes you are auditing, including their strategy, product lifecycle, and associated business processes. Participate in complex assurance and advisory projects, covering risk assessment, testing, and reporting across various technical domains. Coordinate with co-sourced providers, external auditors, and internal process owners to ensure the timely and effective execution of the SOX testing program and operational/technical audits. Provide guidance and support to internal stakeholders as they address control deficiencies or make significant process changes, such as the implementation of new systems or product features. Who You Are You have at least 3 years of work experience. The majority should come from an engineering role or similar in high performing, cross-functional teams. Experience in technology audit, IT consulting and/or IT risk management is a merit, but not a requirement. You effectively use AI agents in your day-to-day work, and you have at least basic experience in building AI systems or using AI powered coding assistants such as Claude Code or Cursor. You have a solid understanding of modern software development lifecycles (SDLC), programming languages for AI development (Python) and cloud infrastructure. You’re passionate about risk management and audit, and you’re eager to learn and grow your auditing skills under mentorship of our team of experts. You possess strong problem-solving skills, demonstrating critical and logical thinking to reach solutions in complex technical environments. You care deeply about quality and hold yourself and others to a high standard. You hold a Bachelor’s degree in Computer Science, Software Engineering or a related field. Self-taught engineers holding another degree are also welcome to apply. Professional certifications (e.g., CISA, CISSP, CIA) are a merit but not a requirement. Where You'll Be This role is based in our New York City or Stockholm office. Remote work may be considered for strong candidates. We offer a hybrid work model, typically working 2–3 days per week in the office to foster collaboration with the IAR team and stakeholders.

{
  "content_hash": "db14d0c684f8bcd0b560d218123ba4fdc0b6583a4be6de42506b7e306008b40d",
  "source_hash": "afed016ce6bd2d750abbacef77d753aebf3f58817295dfc2c2013249ef521520",
  "last_changed_at": "2026-05-29T07:00:52.396Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "New York, NY",
    "city": "New York",
    "region": "NY",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.9
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-04T11:32:02.390Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "New York, NY",
      "city": "New York",
      "region": "NY",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.9
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": "hybrid",
  "salary_period": null,
  "workplace_type": "hybrid",
  "salary_currency": null
}

{}

{
  "lists": [
    {
      "text": "What You'll Do",
      "content": "\n<li>Test technology components within the SOX framework, including planning, executing walkthroughs, reporting, and driving continuous improvements such as control rationalization.</li>\n<li>Design, build, and iterate on internal audit &amp; risk tooling and systems using AI agents, leveraging modern cloud-native architectures and generative AI models to drive execution.</li>\n<li>&nbsp;Champion technology-enabled audit execution by embedding AI directly into core audit processes to deliver deeper, more effective results.</li>\n<li>Develop a deep understanding of the businesses, products, and processes you are auditing, including their strategy, product lifecycle, and associated business processes.</li>\n<li>Participate in complex assurance and advisory projects, covering risk assessment, testing, and reporting across various technical domains.</li>\n<li>Coordinate with co-sourced providers, external auditors, and internal process owners to ensure the timely and effective execution of the SOX testing program and operational/technical audits.</li>\n<li>Provide guidance and support to internal stakeholders as they address control deficiencies or make significant process changes, such as the implementation of new systems or product features.</li>\n"
    },
    {
      "text": "Who You Are",
      "content": "\n<li>You have at least 3 years of work experience. The majority should come from an engineering role or similar in high performing, cross-functional teams. Experience in technology audit, IT consulting and/or IT risk management is a merit, but not a requirement.</li>\n<li>You effectively use AI agents in your day-to-day work, and you have at least basic experience in building AI systems or using AI powered coding assistants such as Claude Code or Cursor.</li>\n<li>You have a solid understanding of modern software development lifecycles (SDLC), programming languages for AI development (Python) and cloud infrastructure.</li>\n<li>You’re passionate about risk management and audit, and you’re eager to learn and grow your auditing skills under mentorship of our team of experts.</li>\n<li>You possess strong problem-solving skills, demonstrating critical and logical thinking to reach solutions in complex technical environments.</li>\n<li>You care deeply about quality and hold yourself and others to a high standard.</li>\n<li>You hold a Bachelor’s degree in Computer Science, Software Engineering or a related field. Self-taught engineers holding another degree are also welcome to apply. Professional certifications (e.g., CISA, CISSP, CIA) are a merit but not a requirement.</li>\n"
    },
    {
      "text": "Where You'll Be",
      "content": "\n<li>This role is based in our New York City or Stockholm office. Remote work may be considered for strong candidates.&nbsp;&nbsp;</li>\n<li>We offer a hybrid work model, typically working 2–3 days per week in the office to foster collaboration with the IAR team and stakeholders.</li>\n\n<div>&nbsp;</div>"
    }
  ],
  "country": "US",
  "createdAt": 1770912292609,
  "updatedAt": null,
  "categories": {
    "team": "Finance Strategy, Operations & Risk",
    "location": "New York, NY",
    "commitment": "Permanent",
    "department": "Finance",
    "allLocations": [
      "New York, NY",
      "Stockholm"
    ]
  },
  "salaryRange": null,
  "workplaceType": "hybrid"
}