- Date Posted
- Sep. 29, 2021
Do you believe that creators should have the ability to get paid for the value they give to their fans?
We do, which is why we’re building Patreon, a platform that powers membership services for creators with established followings. Patreon strives to provide creators with insight, education, and tools that make it possible to retain creative control while running their creative business, so creators can focus on creating and energizing their fanbases.
We have payed out over $500 million directly to creators on our platform this year alone, and our user base has doubled. In order to support this level of growth, we are looking for a Senior Application Security Engineer.
What you will do
- You will collaborate across teams at Patreon and it’s subsidiaries to create and execute security controls to defend Patreon from both internal and external attacks.
- You will develop and iterate on a threat modeling framework and automation to help the software development lifecycle to comply with industry best practices such as CIS and NIST.
- You will assist with security compliance-related questions and designs such as PCI, Sarbanes–Oxley Act, and Systems and Organization Controls Type 2 (SOC 2 Type 2).
- You will drive periodic penetration assessments of our web and mobile experience.
- You will articulate risk to appropriate stakeholders including engineers, leaders, and executives.
- You will participate in vendor security risk assessments.
Skills and Experiences You Possess
- You have significant experience across multiple technical stacks, with special attention to product scalability, usability, and performance.
- You know industry best practices for software design and coding standards.
- You are a great communicator who can explain technical issues and risks to a broad, non-technical audience. You work well with engineering, legal, product, executives, and others. You tailor your communication style, level of detail, and approach based on the audience.
- You are a strong collaborator and can influence technical teams, and you take them along with you.
- You operate effectively across teams and disciplines even in highly ambiguous situations.
- You have experience building inclusive team cultures.
- You care about building great products and a great company that matters.
- You have the ability to design and implement identity-based access management systems and controls.
- You have knowledge of cryptography and cryptographic implementation of best practices.
- You have experience building out a threat modeling program at another company
Who You’ll Work With:
At Patreon, you’ll join a high-performing and highly-empathetic team of people who proudly work on fulfilling our mission of funding the creative class. Our culture of creator-first, thoughtful teammates keeps work creative, stretching, and rewarding.
Our Core Behaviors:
- Put Creators First. Patreon is nothing without our creators.
- Achieve Ambitious Outcomes. Set, measure, and accomplish goals that deliver massive value to our creators and patrons.
- Cultivate Inclusion. We want an environment that retains and engages the diverse teams we build.
- Bias Towards Action. When in doubt, we take the next best step, then course correct when needed. We go out of our way to fix problems when we see them. We take ownership seriously.
- Be Candid and Kind. Be extremely caring and extremely direct in all you do at Patreon, especially when it comes to giving positive and constructive feedback.
- Be Curious. You don’t know it all, and that’s the fun part. Everything gets better when you’re curious. Things get more interesting, more clear, and more approachable. When you bring curiosity into the workplace, you’re growing yourself, your teammates, and Patreon as a whole.
- Want to Learn More About Patreon?
- Check out TechCrunch’s article about our focus on membership
- Listen to our CEO Jack and Co-Founder Sam chat with Guy Raz on NPR’s How I Built This
- Check to see if you know a Patreon teammate on LinkedIn