Security Engineer

Salary: $160.7K - $241.5K Employment Type: Full-Time Location Type: Remote (or Hybrid in San Francisco or New York)

---

Position Overview

Patreon is a media and community platform dedicated to empowering creators by providing them with tools to connect with their biggest fans, offer exclusive content, and build their businesses. We are seeking a mid-level (L4) Security Engineer to join our growing Security team. This role is crucial in safeguarding sensitive patron and creator data, including payment methods and financial information, ensuring the security and compliance of our platform and corporate environment.

---

About the Role

As a Security Engineer at Patreon, you will be instrumental in designing, implementing, and maintaining robust security automation, detection, and response capabilities. You will also own and streamline our Governance, Risk, and Compliance (GRC) functions. Your contributions will directly impact our ability to scale securely and maintain the trust of our community.

---

What You Will Do

Design & Implement Security Solutions

• Architect and deploy tools and processes to enhance our infrastructure and corporate security posture across cloud-native (AWS), containerized (Kubernetes/Docker), and on-prem environments.
• Engineer and maintain controls across various security domains including Endpoint Detection and Response (EDR), Cloud Detection and Response (CDR), CI/CD security, SIEM, IAM, and PKI.

Automate Security Detection & Response

• Develop and refine security detection rules, playbooks, and workflows for real-time threat response.
• Build integrations and automated pipelines using DevOps/SecOps tools (e.g., Python scripting, APIs, webhooks) to expedite investigation and remediation processes.

Security Incident Handling

• Triage and investigate security alerts and incidents, coordinating efforts across cross-functional teams as needed.
• Drive the continuous improvement of incident response processes and the technologies used for detection and containment.

Governance, Risk & Compliance (GRC)

• Lead risk management initiatives, including conducting risk assessments, third-party vendor reviews, and compliance checks against frameworks such as ISO, NIST, PCI, and HIPAA.
• Develop and maintain security metrics (KRI/KPI/OKR) to report on program effectiveness and guide strategic decisions.
• Contribute to audits, assessments, and certification processes, while maintaining and optimizing GRC tooling for evidence gathering and continuous monitoring.
• Draft and evolve security policies, standards, and documentation in line with regulatory requirements and industry best practices.

Cross-Functional Collaboration

• Partner with Product, Engineering, Legal, and other business teams to integrate security requirements into new and existing features.
• Provide threat modeling and security architecture guidance to software development teams to ensure secure design principles are applied from the outset.

Continuous Improvement & Thought Leadership

• Participate in proactive threat hunting and vulnerability management programs to minimize risk exposure.
• Stay current with industry trends, emerging threats, and advancements in security technologies.
• Act as an internal advocate for security awareness, training, and best practices across the organization.

---

About You

• [Specific qualifications and experience would typically be listed here, but are not provided in the original text.]

---

Company Information

Patreon is a leading platform in the creator economy, enabling over 300,000 creators to build businesses and cultivate fandoms. Since our inception, creators have earned over $8 billion through our platform. We've seen significant growth with 30 million free memberships and 10 million paid monthly memberships. Our mission is to fund the creative class, and we are committed to investing in the best creator products and the best team to achieve this goal.