Senior Security Engineer



Software Engineering
New York, USA · San Francisco, CA, USA · Seattle, WA, USA · Remote
Posted on Monday, September 25, 2023

Patreon is the best place for creators to build exclusive content and community for their fans. We enable creators (podcasters, writers, musicians, illustrators, etc) to connect with their fans directly and make money from their creative work. Creators can sell one-off items from their own shops or offer recurring monthly memberships with exclusive access to their work.

There are over 250,000 active creators earning on Patreon and over 10 million members. Our goal has always been to help creators achieve financial freedom doing what they love - and we're leaders in the space, with over $3.5 billion earned by creators on our platform. We’re continuing to invest heavily in building the most talented team in the Creator Economy and are looking for a Senior Security Engineer to support our mission.

This role can be based in San Francisco, Seattle, New York or Remote.

About the Role

At Patreon, we deal with some of the most sensitive data such as patrons’ payment methods, creators’ financial information to process payouts, along with several other bits of personal information from patrons and creators alike. We process over a billion dollars annually. Our security team takes on the responsibility of protecting and safeguarding this data, and making sure these transactions proceed without being tampered with.

We are looking for a senior security engineer with experience in the cloud security and/or application/product security domain. This role allows for remote work.

About You:

  • Design, Architect and implement solutions to strengthen our infrastructure and corporate security posture.

  • Design and deliver solutions that solve real-world security problems.

  • Implement and tune security detection and automation for response

  • Develop security processes and automated tooling that prevent classes of security issues (ie., SSRF, broken AuthZ, etc.)

  • Provide architectural, design and threat-based guidance to software development teams to improve the security posture before code is written

  • Perform security assessments of Patreon’s platform, which includes our web application, mobile application, infrastructure, developer tools and internal services

  • Respond to and, when appropriate, resolve or escalate security incidents

  • Assess, design, implement, automate, and document security solutions and processes for securing K8s, Private Cloud environments, Distributed Systems, and SaaS applications

  • Participate in application architecture design, Perform security-focused code reviews, and collaborate with engineering teams to educate them on threats and vulnerabilities applicable to Patreon’s platform

  • Be the standard bearer for security at Patreon.

Skills and experience you possess:

  • Minimum 4 years of experience as a Security Engineer or Site Reliability Engineer

  • Significant technical experience with AWS

  • Experience with Python and/or any other additional language

  • Deep experience managing and maintaining Web Application Firewalls, PKI, Infrastructure-as-Code tools, and Data sharing services

  • Deep experience in cloud native environments

  • Working knowledge of container technologies including Docker and Kubernetes

  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud-based environment

  • Knowledge of network based, system level, and application layer attacks and mitigation methods

  • Experience with or understanding of a broad range of security technologies including SIEM, SOAR, PKI, IDS/IPS, IAM, Certificate Management, etc.

  • Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security

  • An understanding of identity federation, authentication, and authorization (SAML, OIDC, OAuth)

  • Strong understanding of common security libraries, security controls, and common security flaws

  • Experience making contributions to security community (i.e. podcasts, blogs, open-source tooling, etc.)

Who You'll Work With:

At Patreon, you'll join a high-performing and highly-empathetic team of people who proudly work on fulfilling our mission of funding the creative class. Our culture of creator-first, thoughtful teammates keeps work creative, stretching, and rewarding.

About Patreon

Patreon powers creators to do what they love and get paid by the people who love what they do. Our team is passionate about making this mission and our core values come to life every day in our work. Through this work, our Patronauts:

  • Put Creators First | They’re the reason we’re here. When creators win, we win.

  • Build with Craft | We sign our name to every deliverable, just like the creators we serve.

  • Make it Happen | We don’t quit. We learn and deliver.

  • Win Together | We grow as individuals. We win as a team.

We hire talented and passionate people from different backgrounds across the organization. If you’re excited about a role but your past experience doesn’t match with every bullet point outlined above, we strongly encourage you to apply anyway. If you’re a creator at heart, are energized by our mission, and share our company values, we’d love to hear from you.

Patreon is proud to be an equal opportunity employer. We provide employment opportunities without regard to age, race, color, ancestry, national origin, religion, disability, sex, gender identity or expression, sexual orientation, veteran status, or any other protected class.

Patreon offers a competitive benefits package including and not limited to salary, equity plans, healthcare, unlimited paid time off, company holidays and recharge days, commuter benefits, lifestyle stipends, learning and development stipends, patronage, parental leave, and 401k plan with matching.