Staff Security Engineer

1 Month ago • 7 Years + • Cyber Security • $221,800 PA - $369,600 PA

Job Summary

Job Description

Patreon is seeking a Staff Security Engineer to join their team. This role involves designing, building, and operating internal systems for data privacy and deletion, including compliance with regulations like GDPR and CCPA. Responsibilities include Kubernetes hardening, developing PodSecurityPolicies, NetworkPolicies, and Open Policy Agent rules, as well as performing threat modeling. The engineer will also write Python scripts for security automations, integrate with CI/CD pipelines for shift-left security, participate in on-call rotations for incident response, manage the bug bounty program, triage vulnerabilities, and conduct security reviews for architectural and product changes. This position emphasizes baking security into all aspects of the platform.
Must have:
  • Minimum 7+ years experience in Security Engineering or related roles
  • Strong Python scripting for automation
  • Automating and securing production systems
  • Security architecture reviews
  • Implementing cloud web application guardrails
Good to have:
  • Bachelor's degree in Computer Science or Information Security
  • Experience with Kubernetes security (PodSecurityPolicies, NetworkPolicies, OPA)
  • CI/CD integration (Terraform Cloud, GitHub Actions)
  • Threat modeling and risk assessments
  • Vulnerability management and bug bounty triage
Perks:
  • Salary, equity plans
  • Healthcare
  • Flexible time off
  • Company holidays and recharge days
  • Commuter benefits
  • Lifestyle stipends
  • Learning and development stipends
  • Patronage
  • Parental leave
  • 401k plan with matching

Job Details

Patreon is a media and community platform where over 300,000 creators give their biggest fans access to exclusive work and experiences. We offer creators a variety of ways to engage with their communities and build a lasting business including: paid memberships, free memberships, community chats, live experiences, and selling to fans directly with one-time purchases.

Ultimately our goal is simple: fund the creative class. And we're leaders in that space, with:

  • $8 billion+ in revenue generated since Patreon's inception

  • 60 million+ free new memberships for fans who may not be ready to pay just yet, and

  • 10 million+ fans paying each month for exclusive access to creators' work and community.

We're continuing to invest heavily in building the best creator platform with the best team in the creator economy and are looking for a Staff Security Engineer to support our mission.

This role is Remote friendly or open to those who are able to be in-office 2 days per week on a hybrid work model in our New York or San Francisco offices.

About the team

At Patreon, we deal with some of the most sensitive data such as patrons’ payment methods, creators’ financial information to process payouts, along with several other bits of personal information from patrons and creators alike—security is paramount to our success. As an L6 Security Engineer, you'll be our in-house generalist: part architect, part operations specialist, part developer, and part consultant. You'll own projects end-to-end—from conception through implementation and maintenance—and partner across Engineering, Product, and DevOps to bake security into everything we do.

About the role

  • Data Privacy & Deletion Tooling:

    • Design, build, and operate internal systems for data classification, retention, and automated deletion in compliance with GDPR, CCPA, and other regulations.

    • Integrate with downstream services and data stores to ensure end-to-end coverage.

  • Kubernetes Hardening:

    • Develop and enforce PodSecurityPolicies, NetworkPolicies, and admission controllers.

    • Write and enforce Open Policy Agent (OPA) rules

    • Perform threat modeling and risk assessments for new and existing clusters; automate remediation where possible.

  • Security Automations:

    • Write robust Python scripts and applications to detect misconfigurations, enforce security guardrails, and streamline incident response.

    • Integrate with CI/CD pipelines (Terraform Cloud, GitHub Actions, etc.) for \"shift-left\" security.

  • On-Call & Incident Response:

    • Serve on a quarterly rotation for 24/7 on-call coverage; respond to alerts and investigations, lead post-mortems, and drive continuous improvement.

  • Bug Bounty & Vulnerability Management:

    • Partner with our bug bounty program: triage incoming reports, reproduce and validate findings, and coordinate fixes with Engineering.

    • Track and report on program metrics, drive outreach to top-performing researchers.

  • Security Reviews & Advisory:

    • Review architectural and product changes—especially high-risk components—providing actionable guidance and gating risky rollouts.

    • Educate engineering teams through workshops, documentation, and \"security office hours.\"

About You

  • Professional Background

    • Minimum of 7+ years of combined experience in Security Engineering, Security Software Engineer, DevSecOps, SRE or related roles in an enterprise or cloud-native environment.

    • Bachelor’s degree in Computer Science, Information Security, or related field (or 8+ years of relevant experience in lieu of degree).

  • Technical Expertise

    • Strong foundation in one or more programming/scripting languages (e.g., Python) for automation and tooling.

    • Demonstrated ability to automate and secure production systems, third party SaaS apps, and security compliance controls in various environments.

    • Proficiency in security architecture reviews, implementing guardrails for cloud based web applications, and writing automations

About Patreon

Patreon powers creators to do what they love and get paid by the people who love what they do. Our team is passionate about making this mission and our core values come to life every day in our work. Through this work, our Patronauts:

  • Put Creators First | They’re the reason we’re here. When creators win, we win.

  • Build with Craft | We sign our name to every deliverable, just like the creators we serve.

  • Make it Happen | We don’t quit. We learn and deliver.

  • Win Together | We grow as individuals. We win as a team.

We hire talented and passionate people from different backgrounds because workplace diversity and inclusion is critical to our ability to serve creators worldwide. If you’re excited about a role but your past experience doesn’t match with every bullet point outlined above, we strongly encourage you to apply anyway. If you’re a creator at heart, are energized by our mission, and share our company values, we’d love to hear from you.

Patreon is proud to be an equal opportunity employer. We provide employment opportunities without regard to age, race, color, ancestry, national origin, religion, disability, sex, gender identity or expression, sexual orientation, veteran status, or any other protected class. If you need a reasonable accommodation during the interview process, please let us know via email at accomodations@patreon.

Patreon offers a competitive benefits package including and not limited to salary, equity plans, healthcare, flexible time off, company holidays and recharge days, commuter benefits, lifestyle stipends, learning and development stipends, patronage, parental leave, and 401k plan with matching.

Patreon operates under a hybrid work model, where employees based in office locations are expected to come into the office two days per week, excluding sick time and paid leave. The goal of this policy is to be intentional about the in-person time we spend together to strengthen the feeling of community at Patreon. Candidates hired into remote-eligible roles are not expected to meet the same requirements.

At Patreon, we believe in fair and transparent pay. In compliance with New York and California pay transparency laws, we are sharing the expected salary range for this role.

The posted salary range is dependent on the location and the level. This range may encompass multiple levels within the role’s job family. The final offer will be based on candidate’s experience, skills, competencies, and geographic location, aligning with the appropriate job level within Patreon’s leveling framework. For remote employees located outside CA and NY, salary may vary based on location and local market conditions.

Patreon reserves the right to modify or update compensation and benefits at any time.

Similar Jobs

Plain - Senior Product Engineer (Frontend)

Plain

San Francisco, California, United States (Remote)
1 Month ago
Vercel - Legal Counsel

Vercel

San Francisco, California, United States (Remote)
4 Weeks ago
deel. - Payroll Expert

deel.

Peru (Remote)
3 Weeks ago
AI Fund - Content Marketing Manager

AI Fund

United States (On-Site)
10 Months ago
Boomi  - Sales Development Representative

Boomi

Tokyo, Japan (Hybrid)
1 Month ago
Kavalirio - Expert Cyber Security Analyst

Kavalirio

Chantilly, Virginia, United States (On-Site)
2 Months ago
Ubisoft - Security Analyst

Ubisoft

Montreal, Quebec, Canada (On-Site)
4 Months ago
Scale AI - Security Engineer (Infrastructure)

Scale AI

Washington, District Of Columbia, United States (On-Site)
3 Months ago
Adobe - Senior Cyber Defense Analyst

Adobe

Sydney, New South Wales, Australia (On-Site)
3 Months ago
Jane Street - Cybersecurity Governance and Risk Specialist

Jane Street

London, England, United Kingdom (On-Site)
3 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Zenoti - Technical Support Specialist - VOIP Solutions

Zenoti

Seattle, Washington, United States (On-Site)
1 Month ago
Rippling - Account Executive, Global Products, Mid Market

Rippling

New York, United States (On-Site)
2 Months ago
deel. - Junior Legal Counsel

deel.

Germany (Remote)
3 Weeks ago
Glean - Senior Product Marketing Manager

Glean

Palo Alto, California, United States (Hybrid)
1 Month ago
Take-Two Interactive - Systems Administrator I

Take-Two Interactive

London, England, United Kingdom (On-Site)
1 Month ago
WebFX - Jr. UX Designer

WebFX

Ann Arbor, Michigan, United States (On-Site)
8 Months ago
Diligent Corporation - Value Engineer II

Diligent Corporation

London, England, United Kingdom (Hybrid)
2 Months ago
Miro - Strategic Customer Success Manager (Nordics)

Miro

London, England, United Kingdom (On-Site)
1 Month ago
Sailpoint - Principal Engineer - Agentic AI

Sailpoint

Austin, Texas, United States (On-Site)
1 Month ago
CyberArk - Java & Angular Full Stack for EPM

CyberArk

Israel (On-Site)
3 Months ago

Get notifed when new similar jobs are uploaded

Jobs in United States

bounteous - Murex Functional Analyst (Front Office)

bounteous

New York, United States (On-Site)
1 Month ago
Palo Alto Networks - Senior Technical Support Engineer, Focused Services

Palo Alto Networks

Plano, Texas, United States (On-Site)
2 Months ago
Apple - Operations and Maintenance Coordinator

Apple

Boulder, Colorado, United States (On-Site)
2 Months ago
Glean - AI Outcomes Manager

Glean

Palo Alto, California, United States (On-Site)
3 Months ago
EMA - Product Designer

EMA

California, United States (Hybrid)
10 Months ago
Next Level Business Services - Service Desk Support

Next Level Business Services

Phoenix, Arizona, United States (On-Site)
10 Months ago
Next Level Business Services - Senior UI Developer

Next Level Business Services

Austin, Texas, United States (On-Site)
10 Months ago
Flow - Senior/Staff Web Engineer

Flow

Palo Alto, California, United States (Hybrid)
10 Months ago
Loft Orbital - Team Lead - Cloud Infrastructure Team

Loft Orbital

Golden, Colorado, United States (Hybrid)
3 Months ago
Captions - Member of Technical Staff, Image Generation

Captions

New York, New York, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

Kyruus Health - Staff Application Security Engineer

Kyruus Health

United States (Remote)
3 Weeks ago
binance - DevSecOps Engineer, Infrastructure Security

binance

Taipei City, Taiwan (Remote)
1 Year ago
Take-Two Interactive - Senior Application Security Engineer

Take-Two Interactive

Toronto, Ontario, Canada (On-Site)
1 Month ago
Nexon - Associate Security Engineer

Nexon

El Segundo, California, United States (Hybrid)
3 Months ago
Windranger - Security Engineer

Windranger

Apac, Northern Region, Uganda (Remote)
4 Months ago
Kavalirio - Expert Cyber Security Analyst

Kavalirio

Chantilly, Virginia, United States (On-Site)
2 Months ago
Optiv - Associate Cyber Security Advisor - Commercial Northeast

Optiv

Boston, Massachusetts, United States (Remote)
2 Months ago
Postman - Senior Security Engineer, Application Security

Postman

San Francisco, California, United States (Hybrid)
3 Months ago
InMobiInMobi - Senior Information Security Analyst (IT Risk)

InMobiInMobi

Bengaluru, Karnataka, India (On-Site)
3 Months ago
Twitch - Senior Security Engineer

Twitch

Los Angeles, California, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

About The Company

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

New York, United States (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

New York, United States (Hybrid)

View All Jobs

Get notified when new jobs are added by Patreon

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug