Principal Security Engineer
Job description
You will be the single-threaded owner of security at Fanvue. You'll design and implement controls across our AWS infrastructure, application layer, CI/CD pipelines, and payment flows. You'll drive SOC 2 Type II and PCI DSS compliance, build an incident response capability, and establish a security champion network across every engineering stream. This is a high-ownership, hands-on role where you shape how security works across the entire company. If you want to build a security function, not just inherit one, this is it.
- Design and implement security controls across AWS infrastructure, application layer, CI/CD pipelines, and payment flows
- Write RFCs/ADRs for security architecture decisions; maintain the security chapter in the engineering-rfcs-and-adrs repo
- Establish and run a security champion network across Platform, Growth, AI, Creator Earnings, and other engineering streams, including weekly security office hours
- Own the SOC 2 Type II and PCI DSS roadmap and execution - manage auditor relationships, evidence collection, and remediation tracking
- Conduct threat modelling for new features including iframe patterns, AI Creator Studio integrations, and live streaming surfaces
- Perform hands-on security reviews: IAM policies, secrets management, API authorisation, data encryption, and vendor contracts
- Build incident response playbooks and run quarterly tabletop exercises with the on-call rotation
- Partner with Legal on compliance across PCI DSS, GDPR, age verification, and content moderation policy
- Configure and tune SIEM, vulnerability scanning, and dependency checks - own alerting and response
- Review PRs for security-critical changes and embed security gates into the project checklist
Requirements
- A senior security engineer with 8+ years of experience, including 3+ years as the solo or founding security hire at a scaling company
- Deep AWS security expertise: IAM, GuardDuty, Security Hub, VPC design, service control policies, and multi-account strategy
- Strong application security fundamentals: OWASP, OAuth/OIDC, API authorisation, cryptography, and secrets management
- Hands-on compliance experience - SOC 2, PCI DSS Level 1, GDPR and data residency
- Proficient in TypeScript; can read and review application code for vulnerabilities
- A track record of writing clear technical documentation - HLDs, RFCs, and runbooks that others can actually follow
- Comfortable with infrastructure as code (CDK/Terraform), CI/CD security, and container scanning
- Experience building a security champion programme and influencing cross-functionally without formal authority
You'll Thrive Here If
- You want to build the security function from scratch, not maintain someone else's
- You are energised by breadth - infrastructure, application, compliance, and culture all in one role
- You are hands-on first: you write code, review PRs, and get into the detail before delegating
- You communicate security risk in business terms, not just technical ones
- You are excited by the pace and ambiguity of a high-growth startup
You'll Struggle Here If
- You prefer to work within an established security team with defined scope
- You are more comfortable writing policies than implementing controls
- You need everything documented before you can act
- You treat compliance as a checkbox exercise rather than a genuine risk reduction effort