Staff Security Engineer

Patreon

Remote
$221,800 - $369,600
Full-time
Security Engineer

Job Description

Join Patreon as a Staff Security Engineer and Help Fund the Creative Class!

At Patreon, we're on a mission to fund the creative class by providing over 300,000 creators with a platform to connect with their biggest fans. We empower them with tools for paid memberships, community chats, live experiences, and direct sales, generating over $8 billion in revenue for creators since our inception. With over 60 million free memberships and 10 million paying fans, we're leading the charge in the creator economy. Now, we're looking for a talented Staff Security Engineer to join our team and help us build the most secure and reliable platform for creators and their communities.

This role is Remote-friendly, or open to hybrid work (2 days per week in-office) in our New York or San Francisco offices.

The Opportunity:
As a Staff Security Engineer (L6), you'll be a vital part of our security team, acting as a versatile generalist with a passion for protecting our creators and patrons. You'll be involved in architecture, operations, development, and consulting, working across Engineering, Product, and DevOps to integrate security into every aspect of Patreon. You'll own security projects end-to-end, from initial design to ongoing maintenance.

What You'll Do:
Data Privacy & Deletion Tooling:
Design, build, and operate internal systems for data classification, retention, and automated deletion in compliance with GDPR, CCPA, and other regulations.
Integrate with downstream services and data stores to ensure end-to-end coverage.

Kubernetes Hardening:
Develop and enforce PodSecurityPolicies, NetworkPolicies, and admission controllers.
Write and enforce Open Policy Agent (OPA) rules.
Perform threat modeling and risk assessments for new and existing clusters; automate remediation where possible.

Security Automations:
Write robust Python scripts and applications to detect misconfigurations, enforce security guardrails, and streamline incident response.
Integrate with CI/CD pipelines (Terraform Cloud, GitHub Actions, etc.) for "shift-left" security.

On-Call & Incident Response:
Serve on a quarterly rotation for 24/7 on-call coverage; respond to alerts and investigations, lead post-mortems, and drive continuous improvement.

Bug Bounty & Vulnerability Management:
Partner with our bug bounty program: triage incoming reports, reproduce and validate findings, and coordinate fixes with Engineering.
Track and report on program metrics, and drive outreach to top-performing researchers.

Security Reviews & Advisory:
Review architectural and product changes—especially high-risk components—providing actionable guidance and gating risky rollouts.
Educate engineering teams through workshops, documentation, and "security office hours."

What You Bring to the Table:
Professional Background:
Minimum of 7+ years of combined experience in Security Engineering, Security Software Engineering, DevSecOps, SRE, or related roles in an enterprise or cloud-native environment.
Bachelor’s degree in Computer Science, Information Security, or related field (or 8+ years of relevant experience in lieu of degree).

Technical Expertise:
Strong foundation in one or more programming/scripting languages (e.g., Python) for automation and tooling.
Demonstrated ability to automate and secure production systems, third-party SaaS apps, and security compliance controls in various environments.
Proficiency in security architecture reviews, implementing guardrails for cloud-based web applications, and writing automations.

Life at Patreon:
We're more than just a company; we're a community of passionate individuals dedicated to empowering creators. At Patreon, you'll be surrounded by talented and driven colleagues who share our core values:
Put Creators First: They’re the reason we’re here. When creators win, we win.
Build with Craft: We sign our name to every deliverable, just like the creators we serve.
Make it Happen: We don’t quit. We learn and deliver.
Win Together: We grow as individuals. We win as a team.

We believe in creating a diverse and inclusive workplace where everyone can thrive. We strongly encourage you to apply, even if your experience doesn't perfectly align with every bullet point. If you're a creator at heart, energized by our mission, and share our values, we want to hear from you!

Patreon is an equal opportunity employer and provides employment opportunities without regard to age, race, color, ancestry, national origin, religion, disability, sex, gender identity or expression, sexual orientation, veteran status, or any other protected class. If you need a reasonable accommodation during the interview process, please let us know via email at [email protected].

Patreon offers a competitive benefits package including salary, equity plans, healthcare, flexible time off, company holidays and recharge days, commuter benefits, lifestyle stipends, learning and development stipends, patronage, parental leave, and 401k plan with matching.

Patreon operates under a hybrid work model for office-based employees, requiring two days per week in the office. Remote-eligible roles are not subject to this requirement.

In compliance with pay transparency laws, the expected salary range for this role will be discussed during the interview process and is dependent on location and level.