Staff Security Engineer

at Patreon
🔒 Cybersecurity🔵 Mid-level

Job description

Patreon is a media and community platform where over 300,000 creators give their biggest fans access to exclusive work and experiences. We offer creators a variety of ways to engage with their communities and build a lasting business including: paid memberships, free memberships, community chats, live experiences, and selling to fans directly with one-time purchases.

Ultimately our goal is simple: fund the creative class. And we’re leaders in that space, with:

  • $8 billion+ in revenue generated since Patreon’s inception

  • 60 million+ free new memberships for fans who may not be ready to pay just yet, and

  • 10 million+ fans paying each month for exclusive access to creators’ work and community.

We’re continuing to invest heavily in building the best creator platform with the best team in the creator economy and are looking for a Staff Security Engineer to support our mission.

This role is Remote friendly or open to those who are able to be in-office 2 days per week on a hybrid work model in our New York or San Francisco offices.

About the team

At Patreon, we deal with some of the most sensitive data such as patrons’ payment methods, creators’ financial information to process payouts, along with several other bits of personal information from patrons and creators alike—security is paramount to our success. As an L6 Security Engineer, you’ll be our in-house generalist: part architect, part operations specialist, part developer, and part consultant. You’ll own projects end-to-end—from conception through implementation and maintenance—and partner across Engineering, Product, and DevOps to bake security into everything we do.

About the role

  • Data Privacy & Deletion Tooling:

    • Design, build, and operate internal systems for data classification, retention, and automated deletion in compliance with GDPR, CCPA, and other regulations.

    • Integrate with downstream services and data stores to ensure end-to-end coverage.

  • Kubernetes Hardening:

    • Develop and enforce PodSecurityPolicies, NetworkPolicies, and admission controllers.

    • Write and enforce Open Policy Agent (OPA) rules

    • Perform threat modeling and risk assessments for new and existing clusters; automate remediation where possible.

  • Security Automations:

    • Write robust Python scripts and applications to detect misconfigurations, enforce security guardrails, and streamline incident response.

    • Integrate with CI/CD pipelines (Terraform Cloud, GitHub Actions, etc.) for “shift-left” security.

  • On-Call & Incident Response:

    • Serve on a quarterly rotation for 247 on-call coverage; respond to alerts and investigations, lead post-mortems, and drive continuous improvement.

  • Bug Bounty & Vulnerability Management:

    • Partner with our bug bounty program: triage incoming reports, reproduce and validate findings, and coordinate fixes with Engineering.

    • Track and report on program metrics, drive outreach to top-performing researchers.

  • Security Reviews & Advisory:

    • Review architectural and product changes—especially high-risk components—providing actionable guidance and gating risky rollouts.

    • Educate engineering teams through workshops, documentation, and “security office hours.”

About You

  • Professional Background

    • Minimum of 7+ years of combined experience in Security Engineering, Security Software Engineer, DevSecOps, SRE or related roles in an enterprise or cloud-native environment.

    • Bachelor’s degree in Computer Science, Information Security, or related field (or 8+ years of relevant experience in lieu of degree).

  • Technical Expertise

    • Strong foundation in one or more programming/scripting languages (e.g., Python) for automation and tooling.

    • Demonstrated ability to automate and secure production systems, third party SaaS apps, and security compliance controls in various environments.

    • Proficiency in security architecture reviews, implementing guardrails for cloud based web applications, and writing automations

About Patreon

Patreon powers creators to do what they love and get paid by the people who love what they do. Our team is passionate about making this mission and our core values come to life every day in our work. Through this work, our Patronauts:

  • Put Creators First | They’re the reason we’re here. When creators win, we win.

  • Build with Craft | We sign our name to every deliverable, just like the creators we serve.

  • Make it Happen | We don’t quit. We learn and deliver.

  • Win Together | We grow as individuals. We win as a team.

We hire talented and passionate people from different backgrounds because workplace diversity and inclusion is critical to our ability to serve creators worldwide. If you’re excited about a role but your past experience doesn’t match with every bullet point outlined above, we strongly encourage you to apply anyway. If you’re a creator at heart, are energized by our mission, and share our company values, we’d love to hear from you.

Patreon is proud to be an equal opportunity employer. We provide employment opportunities without regard to age, race, color, ancestry, national origin, religion, disability, sex, gender identity or expression, sexual orientation, veteran status, or any other protected class. If you need a reasonable accommodation during the interview process, please let us know via email at accomodations@patreon.

Patreon offers a competitive benefits package including and not limited to salary, equity plans, healthcare, flexible time off, company holidays and recharge days, commuter benefits, lifestyle stipends, learning and development stipends, patronage, parental leave, and 401k plan with matching.

Patreon operates under a hybrid work model, where employees based in office locations are expected to come into the office two days per week, excluding sick time and paid leave. The goal of this policy is to be intentional about the in-person time we spend together to strengthen the feeling of community at Patreon. Candidates hired into remote-eligible roles are not expected to meet the same requirements.

At Patreon, we believe in fair and transparent pay. In compliance with New York and California pay transparency laws, we are sharing the expected salary range for this role.

The posted salary range is dependent on the location and the level. This range may encompass multiple levels within the role’s job family. The final offer will be based on candidate’s experience, skills, competencies, and geographic location, aligning with the appropriate job level within Patreon’s leveling framework. For remote employees located outside CA and NY, salary may vary based on location and local market conditions.

Patreon reserves the right to modify or update compensation and benefits at any time.

Share this job:
Please let Patreon know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at Patreon

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply