Staff Security Engineer

Patreon

📍Remote - Worldwide

Summary

Join Patreon as a Staff Security Engineer and play a crucial role in protecting sensitive user data. This remote-friendly position, with a hybrid option in New York or San Francisco, requires 7+ years of experience in security engineering or related fields. You will design, build, and operate internal systems for data classification and deletion, harden Kubernetes clusters, automate security processes using Python, and participate in on-call rotations. Responsibilities also include bug bounty management, security reviews, and educating engineering teams. Patreon offers a competitive benefits package.

Requirements

  • 7+ years of combined experience in Security Engineering, Security Software Engineering, DevSecOps, SRE, or related roles in an enterprise or cloud-native environment
  • Bachelor’s degree in Computer Science, Information Security, or related field (or 8+ years of relevant experience in lieu of degree)
  • Strong foundation in one or more programming/scripting languages (e.g., Python) for automation and tooling
  • Demonstrated ability to automate and secure production systems, third-party SaaS apps, and security compliance controls in various environments
  • Proficiency in security architecture reviews, implementing guardrails for cloud-based web applications, and writing automations

Responsibilities

  • Design, build, and operate internal systems for data classification, retention, and automated deletion in compliance with GDPR, CCPA, and other regulations
  • Integrate with downstream services and data stores to ensure end-to-end coverage
  • Develop and enforce PodSecurityPolicies, NetworkPolicies, and admission controllers
  • Write and enforce Open Policy Agent (OPA) rules
  • Perform threat modeling and risk assessments for new and existing clusters; automate remediation where possible
  • Write robust Python scripts and applications to detect misconfigurations, enforce security guardrails, and streamline incident response
  • Integrate with CI/CD pipelines (Terraform Cloud, GitHub Actions, etc.) for "shift-left" security
  • Serve on a quarterly rotation for 24/7 on-call coverage; respond to alerts and investigations, lead post-mortems, and drive continuous improvement
  • Partner with our bug bounty program: triage incoming reports, reproduce and validate findings, and coordinate fixes with Engineering
  • Track and report on program metrics, and drive outreach to top-performing researchers
  • Review architectural and product changes—especially high-risk components—providing actionable guidance and gating risky rollouts
  • Educate engineering teams through workshops, documentation, and "security office hours"

Benefits

  • Healthcare
  • Flexible time off
  • Company holidays and recharge days
  • Commuter benefits
  • Lifestyle stipends
  • Learning and development stipends
  • Patronage
  • Parental leave
  • 401k plan with matching
